www.hellooha.com Open in urlscan Pro
46.101.17.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hellooha.com/
Effective URL:
https://www.hellooha.com/
Submission: On December 07 via manual (December 7th 2021, 10:14:30 pm UTC) from IN — Scanned from GB

Summary HTTP 299 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 42 domains to perform 299 HTTP transactions. The main IP is 46.101.17.77, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is www.hellooha.com.
TLS certificate: Issued by R3 on September 30th 2021. Valid for: 3 months.

This is the only time www.hellooha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	46.101.17.77 46.101.17.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
40	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.6 18.66.97.6	16509 (AMAZON-02) (AMAZON-02)
1	34.252.133.182 34.252.133.182	16509 (AMAZON-02) (AMAZON-02)
1 14	54.170.178.48 54.170.178.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:dc00:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
4 7	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
12	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
2	50.17.87.205 50.17.87.205	14618 (AMAZON-AES) (AMAZON-AES)
1	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
1 1	52.91.215.149 52.91.215.149	14618 (AMAZON-AES) (AMAZON-AES)
12 23	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1	54.154.13.77 54.154.13.77	16509 (AMAZON-02) (AMAZON-02)
3 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	3.64.158.25 3.64.158.25	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	54.161.40.243 54.161.40.243	14618 (AMAZON-AES) (AMAZON-AES)
15	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 6	34.250.155.46 34.250.155.46	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
6 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2600:9000:223... 2600:9000:223f:7800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	44.236.75.167 44.236.75.167	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	3.124.200.54 3.124.200.54	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:f9a2:1d20:7db2:a370	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.198.153.20 18.198.153.20	16509 (AMAZON-02) (AMAZON-02)
19	18.207.27.110 18.207.27.110	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
26	18.66.112.43 18.66.112.43	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
13	18.195.140.94 18.195.140.94	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
299	52

2 46.101.17.77 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: web1.hellooha.com

www.hellooha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

static.hellooha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-6.fra56.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.170.178.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:dc00:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.87.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-87-205.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.91.215.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com

eus-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.186.66 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.247 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.13.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.64.158.25 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.40.243 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-40-243.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.250.155.46 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

ae-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:7800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.75.167 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-75-167.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.200.54 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-200-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:f9a2:1d20:7db2:a370 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.153.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-153-20.eu-central-1.compute.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.207.27.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-27-110.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.66.112.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-43.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.195.140.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com tpc.googlesyndication.com	227 KB
42	hellooha.com 1 redirects www.hellooha.com static.hellooha.com	509 KB
40	celtra.com ads.celtra.com cache-ssl.celtra.com track.celtra.com	974 KB
39	doubleclick.net 12 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	246 KB
31	adsafeprotected.com 2 redirects pixel.adsafeprotected.com static.adsafeprotected.com fw.adsafeprotected.com dt.adsafeprotected.com	295 KB
18	effectivemeasure.net 1 redirects t.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	13 KB
14	permutive.com cdn.permutive.com api.permutive.com	443 KB
14	moatads.com z.moatads.com mb.moatads.com px.moatads.com	90 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com	9 KB
9	evidon.com c.evidon.com l.evidon.com	36 KB
7	adnxs.com 4 redirects ib.adnxs.com	6 KB
6	opecloud.com 3 redirects tagger.opecloud.com	2 KB
5	2mdn.net s0.2mdn.net	178 KB
5	googletagservices.com www.googletagservices.com	131 KB
5	google.com www.google.com adservice.google.com	2 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	cloudflare.com cdnjs.cloudflare.com	174 KB
3	openx.net rtb.openx.net us-u.openx.net	771 B
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	google.co.uk www.google.co.uk adservice.google.co.uk	1 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	teads.tv sync.teads.tv	344 B
2	smartadserver.com ssbsync.smartadserver.com	150 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	adform.net 2 redirects dmp.adform.net	933 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1014 B
2	mathtag.com 2 redirects pixel.mathtag.com sync.mathtag.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	509 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	964 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	mookie1.com ae-gmtdmp.mookie1.com	324 B
1	krxd.net beacon.krxd.net	338 B
1	ccgateway.net 1 redirects eus-api.ccgateway.net	619 B
1	id5-sync.com id5-sync.com	1009 B
1	prmutv.co f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	454 B
0	netmng.com Failed google2waycm.netmng.com Failed
0	turn.com Failed ad.turn.com Failed
299	42

	Domain	Requested by
40	static.hellooha.com	www.hellooha.com static.hellooha.com
26	cache-ssl.celtra.com	fw.adsafeprotected.com
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net
23	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
19	dt.adsafeprotected.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com googleads.g.doubleclick.net
14	collector.effectivemeasure.net	1 redirects www.hellooha.com t.effectivemeasure.net
13	track.celtra.com
12	api.permutive.com	cdn.permutive.com www.hellooha.com
11	px.moatads.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	4 redirects cdn.permutive.com googleads.g.doubleclick.net
6	static.adsafeprotected.com	pixel.adsafeprotected.com 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com www.hellooha.com
6	tagger.opecloud.com	3 redirects www.hellooha.com
6	c.evidon.com	www.hellooha.com c.evidon.com
5	s0.2mdn.net	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
5	www.googletagservices.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com www.googletagservices.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
4	pixel.adsafeprotected.com	1 redirects 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
4	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	match.adsrvr.org	3 redirects 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	www.hellooha.com securepubads.g.doubleclick.net
4	cdnjs.cloudflare.com	www.hellooha.com cdnjs.cloudflare.com
3	x.bidswitch.net	3 redirects
3	l.evidon.com
3	www.google.com	www.hellooha.com tpc.googlesyndication.com 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
2	tracking.m6r.eu	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ssbsync.smartadserver.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
2	a.volvelle.tech	2 redirects
2	pm.w55c.net	2 redirects 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	dmp.adform.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	cdn.permutive.com	www.hellooha.com cdn.permutive.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	z.moatads.com	www.hellooha.com z.moatads.com
2	www.googletagmanager.com	www.hellooha.com
2	www.hellooha.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	rtb.openx.net	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	ads.celtra.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
1	ae-gmtdmp.mookie1.com
1	beacon.krxd.net	www.hellooha.com
1	pixel.mathtag.com	1 redirects
1	eus-api.ccgateway.net	1 redirects
1	id5-sync.com	www.hellooha.com
1	f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co	cdn.permutive.com
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	www.google.co.uk	www.hellooha.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mb.moatads.com	z.moatads.com
1	t.effectivemeasure.net	www.hellooha.com
0	google2waycm.netmng.com Failed	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
0	ad.turn.com Failed	9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
299	67

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
*.hellooha.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
static.hellooha.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.prmutv.co R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
*.tagger.opecloud.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
celtra.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.hellooha.com/
Frame ID: CB9B2B5A372A5B5F70B3FA44CB2E7FBC
Requests: 127 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: C0DC403A710853BDD5C583E9BB6017CC
Requests: 1 HTTP requests in this frame

Frame: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4A19883D528AF37DBA8276E2999A220D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81468ED9D3FA0434BB6B16CC5FBE344A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3B6B32421E112B71D090280032664B3
Requests: 2 HTTP requests in this frame

Frame: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88ED414E287BFE65C27533306827824F
Requests: 43 HTTP requests in this frame

Frame: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 619EA59C8B0F901312AD6AB68DDD86A1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhj06K-8ATAB&v=APEucNVoZF1H_VrqY1wJriOcIR5OsacSZnDCPqNonzGGZ-NRoKMZ0CprXP1RsPX2isC-l7E_r5iEKRyqxXwc-D6lxFulkwWidujp3tO_2djnCAW28vXJ4S13KVBVsvDhMyXf53xi6zsadnc7iaJPqksERqcPFh2RrRIMt7tH4lMMJs4LuoGbuDE
Frame ID: ABB59FBE2F8EC807FFD24FFD6761C2CD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYwt_kmgEwAQ&v=APEucNWsiPt9hdAnOFGQ_Q2HiBEdLs6wYjXUaFUVhWzf09pyoEs6auwOlLKfULmtB7akbdb_RPK-81-2DFsdXpr-mGeOk8mmaO5fRFB530ZEI1uJrVVr_uE3OFARYA7Mx-lJWhrV7sx6eankMztDbafZgnFtROV2yHrmrgx1cD9assDXAnRwvWA
Frame ID: B13169DBAE69530D5D4915F811B1B027
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31B0FC0C18C8E2529B56931D3C12660A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53854D6D373983D527964DC0F7C05475
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3B036069AC17CFDF8FA51669F3EE0F9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F2DBB15862147B47B4B824C5B715B99D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8866F33B57728CB07AAB9853048D93C8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 67278C1A7CC00D0FC020BE59F1048664
Requests: 1 HTTP requests in this frame

Frame: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2D90DF64C92CD9CA6D122139C99B0A6
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc
Frame ID: 140BD316F945617B2C109EB1938F6A59
Requests: 5 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/blobs/d98e9f2ab223bbd47ecebc7ae8bcda42f58737e1f8e4e1c7d1ad0c1b0264d042/arrow.png?transform=crush&quality=256
Frame ID: 19B2B94FFF2A6A9644F9571353730454
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E39AED3987AF7095FB410BA01F3AC08D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C48C8938FC8A42348AFB0A3A9B6391F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38E0EE4C938642CD3CF49522751637AE
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E73EF68B5DDDDD12A5B0772BF416C8E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

حلول القضايا الاجتماعية المعاصرة - حلوها

Page URL History Show full URLs

http://www.hellooha.com/ HTTP 301
https://www.hellooha.com/ Page URL

Page Statistics

299
Requests

87 %
HTTPS

31 %
IPv6

42
Domains

67
Subdomains

52
IPs

10
Countries

3425 kB
Transfer

9930 kB
Size

71
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/7ellooha/

Search URL Search Domain Scan URL

URL: https://twitter.com/7ellooha/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/7ellooha/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/7ellooha/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.helloha&hl=ar

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/alo-hellooha-%D8%A3%D9%84%D9%88-%D8%AD%D9%84%D9%88%D9%87%D8%A7/id1330155399

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hellooha.com/ HTTP 301
https://www.hellooha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1

Request Chain 72

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/carbon/67667aaf-590e-4c47-afb4-0c07f385fb25

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm=&google_tc= HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEKSwIRfoQw9Wv7QVjEyzFtQ&google_cver=1

Request Chain 74

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID] HTTP 302
https://collector.effectivemeasure.net/sync_webhook/mediamath/b0e561af-dcbe-4700-a865-553fe50c78fd

Request Chain 75

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/lotame/b53d38afb17da9461733db0521eef12f

Request Chain 76

https://dmp.adform.net/serving/cookie/match?party=1181 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/adform/7974635588630739833

Request Chain 78

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ttd/f852fa78-4ad4-408c-b09f-5539399c9f15

Request Chain 86

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61 HTTP 302
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61&alias=f852fa78-4ad4-408c-b09f-5539399c9f15&type=tradedesk

Request Chain 92

https://tagger.opecloud.com/dms/v2/noscript-image.gif HTTP 302
https://tagger.opecloud.com/dms/v2/noscript-image.gif?trackability-redirect=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1

Request Chain 98

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.hellooha.com%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1

Request Chain 132

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya-cwKVADXnAMHABSkHzRwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

Request Chain 134

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4Njc3MjQ4MzI1MjU1MDczNA%3D%3D

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya-cwKVADXnAMHABSkHzSQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMTI2MDgxMTA0NDg4Mzk3

Request Chain 151

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4RhW_Vztt0pqMH04wD4lH9buCpP8j2AbIvRPrkIR-Ii_6sJ5bp_UioQ3 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4RhW_Vztt0pqMH04wD4lH9buCpP8j2AbIvRPrkIR-Ii_6sJ5bp_UioQ3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckpYSktlTFAxTVVJSmE1&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4RhW_Vztt0pqMH04wD4lH9buCpP8j2AbIvRPrkIR-Ii_6sJ5bp_UioQ3

Request Chain 153

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI0vKpEHyDkvLRE9oj5en_A&google_cver=1&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI0vKpEHyDkvLRE9oj5en_A&google_cver=1&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=a5770a80-e63c-4c69-b134-1fb3c2ef6624 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=a5770a80-e63c-4c69-b134-1fb3c2ef6624 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=489d4e93-a2bf-4e6e-9e67-6fe1220cc7be&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm&google_hm=pXcKgOY8TGmxNB-zwu9mJA==

Request Chain 154

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELd-RU9n2hzkTgOQr_8IrIs&google_cver=1&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2wbH0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2wbH0&google_hm=NjMyNTYwNDUwOTY2ODcxOTg2NA%3D%3D

Request Chain 158

https://fw.adsafeprotected.com/rfw/ads.celtra.com/890300/58784809/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113&adsafe_url=https%3A%2F%2Fwww.hellooha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:90a9f9de-9334-0346-c891-27cd50a4f503,c:w9sDTI,sl:na,em:true,fr:false,thd:1,mn:app24ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sQWRqsh+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C151,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:08d9fafd-57ab-11ec-bb95-02cb850ca5c2,v:19.8.270,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://ads.celtra.com/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113

Request Chain 168

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFAi5_ldbgrwuMzLcKaKRHU&google_cver=1&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOggPpuAjl1G5I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=sOVhr9y-RwCoZVU_5Qx4_Q&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOggPpuAjl1G5I

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECrArrHLM1PXDGxGn8SRkKI&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGe0bqRtaW6T5pF6SGjrfmg&google_cver=1

Request Chain 257

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 259

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDfFLfHeot6NJ744jz7I7mM&google_cver=1&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBScOFE-7GN88S3wj4I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBScOFE-7GN88S3wj4I&google_hm=1t4uIJe2Rwisz2dTxM1LOtY

Request Chain 260

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFg3XZubqPx4UOD19IL9ng0&google_cver=1&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5SPWMJIp65emJTEg2bg HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFg3XZubqPx4UOD19IL9ng0&google_cver=1&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5SPWMJIp65emJTEg2bg&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CzwhL7QlBqyUzNd1nKdHyw&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5SPWMJIp65emJTEg2bg

Request Chain 261

https://match.360yield.com/match/ebda?google_gid=CAESEF3sDcxCrw6LR_oVhC87j8U&google_cver=1&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF3sDcxCrw6LR_oVhC87j8U&google_cver=1&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz

Request Chain 265

https://pixel.adsafeprotected.com/rfw/st/878020/58502569/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hellooha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d008e117-6110-ac25-fe9d-f3eb75d93a37,c:w9sEb8,sl:na,em:true,fr:false,thd:1,mn:app19ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:109,fm:sQWRqI6+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:116,oid:093fe8b6-57ab-11ec-9b75-068792706006,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

299 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hellooha.com/
Redirect Chain

http://www.hellooha.com/
https://www.hellooha.com/

75 KB
17 KB

299ms
234ms

Document
text/html

46.101.17.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hellooha.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.101.17.77 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

web1.hellooha.com

Software

nginx/1.12.2 / PHP/7.1.31

Resource Hash

a700d90af1780555383a5e787bdc0243b008b8612d1a1bf2d98e91cc7b7cfb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx/1.12.2
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.31
cache-control: no-cache
date: Tue, 07 Dec 2021 22:14:21 GMT
strict-transport-security: max-age=16070400; includeSubdomains
content-encoding: gzip

Redirect headers

Server: nginx/1.12.2
Date: Tue, 07 Dec 2021 22:14:21 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.hellooha.com/

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 140ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-68314828-1

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

006a1eff210eb25f0f507a80b6c2606176ddf86009acadb0472464f7c4778335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36257
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 21:53:47 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 22:14:21 GMT

GET
H2 200 all-newcss.min.css
static.hellooha.com/revamp/assets/minFiles/ 303 KB
54 KB 158ms
51ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 8744f3b475abf639dfbc3cdd7ce3244aded872954a2b12ddd1241cf860d5e74c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: br
x-downloadsize: 310024
cdn-edgestorageid: 756
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/18/2021 08:06:05
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-bo-server: UK-24
last-modified: Wed, 18 Aug 2021 06:05:41 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 8
content-type: text/css
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
cdn-requestid: 5f2c669e43cf4b1a2e73ec1a0c059204
x-bo-cachehit: HIT
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
11 KB 199ms
71ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1744430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10022
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaspHtcDQm5p2%2B3fqbIRzaINefuaAVRC73Ldkvur8VHF6wnsfsZoxzizp5o7NzVFxP0dnofBgD16jfq5ZSkSUvVmVAFaf%2FE9q6S0Nw64h6UXnlIn0XYzI%2F%2B6Hz%2BkTEdwsn%2Bn2nlxhK%2B%2FyJKwiemQXKjm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba11b42fdc783a6-MXP
expires: Sun, 27 Nov 2022 22:14:21 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/choueirigroupheaderdfp445340272806/ 245 KB
85 KB 135ms
44ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0b3b6737f2378f74bf570546886f61683154a325750dac18e96342063909ce6b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 10:35:04 GMT
server: AmazonS3
x-amz-request-id: 8JRXQFPKPGW0SMVA
etag: "26d2b9628f18833de2b638a8fce64a03"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16044
accept-ranges: bytes
content-length: 86352
x-amz-id-2: n2oUUr1loUV7IihpH6389V18mswxys1Zhhs104wU2O4LgyJg4bhFbFC87Z8mOQAZctGp5pjhZR0=

GET
H2 200 user-img.jpg
static.hellooha.com/revamp/assets/imgs/ 2 KB
2 KB 59ms
52ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/imgs/user-img.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c7c3fb4e0527ee1610bb0852749cb6d8ce64690ba77959fcd4b509758142f34a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 2895
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 09:25:57
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-120
last-modified: Wed, 11 Aug 2021 07:25:57 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 68
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 31.81%
cdn-requestid: 8244c2ee610e2dac3327effe80969716
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tzxwweecafj58_article.jpg
static.hellooha.com/uploads/thumbs/articles/slider/ 31 KB
31 KB 51ms
44ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/articles/slider/tzxwweecafj58_article.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 102ea9c42972ee0c0a4d89fba1ed40b0908e78835246facddd9eccdf6b931a6a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 85755
cdn-edgestorageid: 756
x-bo-processingtime: 7
cdn-cachedat: 12/07/2021 12:05:22
cdn-pullzone: 87635
content-length: 31678
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Tue, 07 Dec 2021 11:05:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 6
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 63.06%
cdn-requestid: b2a216465f1d3bf0e4122c0f023664db
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 yqorahtpfgu68_q.jpg
static.hellooha.com/uploads/thumbs/questions/slider/ 11 KB
11 KB 57ms
50ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/slider/yqorahtpfgu68_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 708d3501acd852feff74783cada1cab94685283511647116980645755be175ed

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 22616
cdn-edgestorageid: 756
x-bo-processingtime: 1
cdn-cachedat: 12/07/2021 12:05:22
cdn-pullzone: 87635
content-length: 10988
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Tue, 07 Dec 2021 11:05:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 4
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 51.41%
cdn-requestid: cff25a29354ecbbf2b5458b56ddd2d49
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 sa.png
static.hellooha.com/revamp/assets/flags/ 928 B
1 KB 59ms
52ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/sa.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: a6bbccc6e22f2795fcec47e583922a5286616c877fd47eb30fd9e464dc2e453c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 852
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 07:31:22
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-138
last-modified: Wed, 11 Aug 2021 05:31:22 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 19
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 3e9a284db91f5d480f5430954e6adf68
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 specialist.png
static.hellooha.com/revamp/assets/flags/ 660 B
1 KB 60ms
53ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/specialist.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e5f119b6c96dbd530e087dd4f9b5ad0ed3ef0ee8dec6b1e450194471db792230

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 470
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 08:26:41
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-95
last-modified: Wed, 11 Aug 2021 06:26:41 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 17
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 7a7026a46cc7c6c1573f9c48caa8cb83
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 55654.jpg
static.hellooha.com/uploads/thumbs/experts/small/ 604 B
1 KB 60ms
53ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/experts/small/55654.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: d3ca16c048159adcb31851ab53a2524ef8e292838603faa80579372979a239d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 1762
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 07:57:51
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-119
last-modified: Wed, 11 Aug 2021 05:57:51 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 77
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 65.72%
cdn-requestid: 42801e33548ecbb48c2c05a25dc43ded
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 us.png
static.hellooha.com/revamp/assets/flags/ 2 KB
2 KB 59ms
53ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/us.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 12ba8a7852f4c6bdd4877200026ca81def312fa10d993d5ad58c9391e7d1fd20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
x-downloadsize: 1295
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 13:58:19
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-138
last-modified: Wed, 11 Aug 2021 11:58:19 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 71
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: a3b8bcd6a06ec6aa19c7af10c9c86f43
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bh.png
static.hellooha.com/revamp/assets/flags/ 1 KB
2 KB 60ms
54ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/bh.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 9e8eb64b088eacae47e85f5850612710c9b2dab0baef130f73c66760a74e62de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 803
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 09:50:22
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-136
last-modified: Wed, 11 Aug 2021 07:50:22 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 21
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 2bb78a29ce71af3c841c4838d40f3404
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ae.png
static.hellooha.com/revamp/assets/flags/ 838 B
1 KB 61ms
55ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/ae.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 6666c51526800383f1216019d51afcf30b5d58a18d9af1267f7bffa32607746b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 770
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 09:50:22
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-95
last-modified: Wed, 11 Aug 2021 07:50:22 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 18
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 9b4ecbde7c730d8a09e6e41d809f6e86
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kw.png
static.hellooha.com/revamp/assets/flags/ 826 B
1 KB 60ms
54ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/kw.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3c2dcf18a31a3c6e2d63609579d9083eeff184559b33f1102558997283948289

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 778
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 11:14:08
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-120
last-modified: Wed, 11 Aug 2021 09:14:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 68
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 27af1ec8a4bd4674a63b35273a0cb604
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lb.png
static.hellooha.com/revamp/assets/flags/ 1 KB
2 KB 61ms
55ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/flags/lb.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: d23ae748bb370a97419498032c3ba90aecc243f740b3232d8d046ab66d1b112b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 943
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 11/21/2021 12:18:09
cdn-pullzone: 87635
content-length: 1236
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Sun, 21 Nov 2021 11:18:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: e199030eab938a20fa002cb11bb18c5d
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 csdhxybzahk23_q.jpg
static.hellooha.com/uploads/thumbs/questions/small/ 818 B
1 KB 64ms
58ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/small/csdhxybzahk23_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 51c4b27f52bb850ae843d8dc1f64a215a8fde17e8b1df9f2e2da64ad853e66b0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2282
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/04/2021 21:22:52
cdn-pullzone: 87635
content-length: 818
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Sat, 04 Dec 2021 20:22:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 64.15%
cdn-requestid: a6e9859435a87e7372cd1bbafb788efd
x-bo-cachehit: HIT
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 ugondjehcsy46_q.jpg
static.hellooha.com/uploads/thumbs/questions/small/ 528 B
1 KB 61ms
55ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/small/ugondjehcsy46_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3f510f46a5ed1d420f473581bf8008d4c70f6a8f9361a3b3dca7c9e05f47699b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 1728
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/04/2021 14:32:49
cdn-pullzone: 87635
content-length: 528
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Sat, 04 Dec 2021 13:32:49 GMT
cdn-proxyver: 1.01
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 69.44%
cdn-requestid: 25ca0ffac2037420a60988ef5734963a
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 mzgjfyherzh95_q.jpg
static.hellooha.com/uploads/thumbs/questions/small/ 818 B
1 KB 61ms
56ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/small/mzgjfyherzh95_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 6a8272dba4ea90364c5b576afdc8b987d4effdbc1bb57592c385aaff15b83dc6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2245
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/02/2021 14:03:32
cdn-pullzone: 87635
content-length: 818
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Thu, 02 Dec 2021 13:03:32 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 63.56%
cdn-requestid: 630d3304c96c3158a4dce826c405da3e
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 saoqukheokb64_q.jpg
static.hellooha.com/uploads/thumbs/questions/small/ 708 B
1 KB 63ms
57ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/small/saoqukheokb64_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3455287c571dc23b212528cae63899e44e2d261d864cfff21040eb46d1962f44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2085
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/03/2021 21:02:44
cdn-pullzone: 87635
content-length: 708
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Fri, 03 Dec 2021 20:01:25 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 0
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 66.04%
cdn-requestid: 73969dde6727dba7b99aa4c152755545
x-bo-cachehit: HIT
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 cspwafsamxc69_q.jpg
static.hellooha.com/uploads/thumbs/questions/small/ 924 B
1 KB 62ms
56ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/questions/small/cspwafsamxc69_q.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e8f2518027c7b59b052a5455c4b0f636e057e2f9e2b89859477582e2e46cdbbd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2299
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/03/2021 01:05:28
cdn-pullzone: 87635
content-length: 924
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Fri, 03 Dec 2021 00:05:28 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 1
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 59.81%
cdn-requestid: 6a291c07b45049e156280c1ef00a19a1
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 87899.png
static.hellooha.com/uploads/thumbs/experts/small/ 800 B
1 KB 64ms
59ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/experts/small/87899.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 38b5979ff6a50eb5a6f384fc44b2766ed3edd57bb146cd90bc2d4a8867d2311f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 4928
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/07/2021 04:35:02
cdn-pullzone: 87635
content-length: 800
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Tue, 07 Dec 2021 03:35:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 83.77%
cdn-requestid: b681e9f6de98dfa5598ae8a23e454a20
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 93231.jpg
static.hellooha.com/uploads/thumbs/experts/small/ 924 B
1 KB 62ms
57ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/experts/small/93231.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ad7b7eabbb7dd29070caadc54220c06c87e94ddb0fcfb49cb3516ea48f5bd3d4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2317
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/07/2021 22:36:57
cdn-pullzone: 87635
content-length: 924
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Tue, 07 Dec 2021 21:36:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 60.12%
cdn-requestid: c18756dac93f654a13ae5a7e8cd7d1d6
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 44670.jpg
static.hellooha.com/uploads/thumbs/experts/small/ 1 KB
2 KB 63ms
58ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/experts/small/44670.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3b0390a8e6a14fe0a45056715e965cfe921c3a13f2161d76539610a211e0660a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 2456
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/07/2021 11:39:49
cdn-pullzone: 87635
content-length: 1136
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Tue, 07 Dec 2021 10:39:49 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 53.75%
cdn-requestid: 2d2677ea937cb9eb6bfdb99765478ba1
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 qimehvelgaw29_article.jpg
static.hellooha.com/uploads/thumbs/articles/normal/ 2 KB
3 KB 63ms
58ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/articles/normal/qimehvelgaw29_article.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 0172a68e22818fc61f3acff8b00a981e21529ff5e708f5ee3482d3e1c28c2467

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 8274
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 14:37:24
cdn-pullzone: 87635
content-length: 2260
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Mon, 06 Dec 2021 13:37:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 72.69%
cdn-requestid: cc8c75cff6adf30a8953a10f75960b0c
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 ohzjtbntrgt34_article.jpg
static.hellooha.com/uploads/thumbs/articles/normal/ 10 KB
10 KB 63ms
59ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/articles/normal/ohzjtbntrgt34_article.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 6b08313f5f932e0f6b078523ba7e18180f2e38994ca09f0dfb706845a56f8e6b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 21025
cdn-edgestorageid: 756
x-bo-processingtime: 1
cdn-cachedat: 12/05/2021 16:41:46
cdn-pullzone: 87635
content-length: 9774
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Sun, 05 Dec 2021 15:41:46 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 53.51%
cdn-requestid: b36e6120fc1586fd0821a0fa26a4f3e3
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 9.jpg
static.hellooha.com/revamp/assets/default/web/1/ 11 KB
11 KB 83ms
78ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/default/web/1/9.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 5050d9f2c0b9a52a4aa0e670d89dc2f8d9bd5ed8ed7089fbeb554f0385dcf08c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 5985
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/07/2021 23:14:22
cdn-pullzone: 87635
content-length: 11164
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Tue, 07 Dec 2021 22:14:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: MISS
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: c66d7fac22a30ef4a60e7887ccc8bb2a
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 video-598-757.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 7 KB
7 KB 74ms
70ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-598-757.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 7cd3ecefc59b25e80c72ced6538e4c62a2b7c286f6dc9eb77d708ca5ec145ff8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 16795
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 08/11/2021 11:31:23
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-119
last-modified: Wed, 11 Aug 2021 09:31:23 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 95
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 59.81%
cdn-requestid: e65535cfa988af1e05ed278fe9bc713d
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dmzplpmixzc35_article.jpg
static.hellooha.com/uploads/thumbs/articles/normal/ 4 KB
5 KB 64ms
59ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/articles/normal/dmzplpmixzc35_article.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 6b07c9f6e79629bfca1b3f0d6977a8763197613c9c2b2fe52befa2cfd596bf76

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 11839
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 14:37:24
cdn-pullzone: 87635
content-length: 4496
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Mon, 06 Dec 2021 13:37:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 62.02%
cdn-requestid: d6ab17d0fe2ce9dfde80ff46a3b57238
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 jjiybegfcay69_article.jpg
static.hellooha.com/uploads/thumbs/articles/normal/ 8 KB
9 KB 66ms
61ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/articles/normal/jjiybegfcay69_article.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c448c85c8b2ff2ee8bf39a9427dceef66b7f1af4b640629205c5aee61b63ead7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 18097
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 14:37:24
cdn-pullzone: 87635
content-length: 8418
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Mon, 06 Dec 2021 13:37:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 4
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 53.48%
cdn-requestid: bb7782c77652e8cea1c7161767540c16
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 8.jpg
static.hellooha.com/revamp/assets/default/web/1/ 7 KB
7 KB 64ms
60ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/default/web/1/8.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 9f71f8d5bc1e5c201feedabcdecb23afc8ebe4bc8975585ef595dca0ef1c4472

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 4089
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 22:28:58
cdn-pullzone: 87635
content-length: 6798
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Mon, 06 Dec 2021 21:28:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 4e6e33fca9929050b690c257ee02a0f3
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 video-597-684.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 7 KB
8 KB 73ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-597-684.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 0b227c9f991c4d79ad561ac5991e551af4eb4130cec962c6358f19831b02a111

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 17920
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/05/2021 16:41:46
cdn-pullzone: 87635
content-length: 7372
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Sun, 05 Dec 2021 15:41:46 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 58.86%
cdn-requestid: c3afe15ac5b2fe1f373045f7931213d5
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 hellooha-tv-logo.png
static.hellooha.com/revamp/assets/imgs/ 4 KB
5 KB 73ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/imgs/hellooha-tv-logo.png
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: bce310764472b2e43072d99c42ba6777ecb21e465a5aac05b37765d40cf76194

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 4319
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 14:37:24
cdn-pullzone: 87635
content-length: 4570
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Mon, 06 Dec 2021 13:37:24 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: ccf6e02bd5e7f59fc90301ec41f6e45b
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 video-500-939.jpg
static.hellooha.com/uploads/thumbs/videos/big/ 57 KB
57 KB 67ms
63ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/big/video-500-939.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: eae6794dde8bff3425b5650d9f4e9da15103d1eb6beee4d4e9640be338f568fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 116767
cdn-edgestorageid: 756
x-bo-processingtime: 8
cdn-cachedat: 12/07/2021 12:05:22
cdn-pullzone: 87635
content-length: 57904
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Tue, 07 Dec 2021 11:05:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 6
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 50.41%
cdn-requestid: 7dea79061a05009e68f8d5099d2138cf
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 video-320-397.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 9 KB
9 KB 72ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-320-397.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: dc020ca98a332e1411c455aaa418d5dfef652a20aac8218b54180f86c671f2f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 19076
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/07/2021 12:05:22
cdn-pullzone: 87635
content-length: 8820
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Tue, 07 Dec 2021 11:05:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 4
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 53.76%
cdn-requestid: f72a2e0981f85c7d5b0fc8dbbc391268
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 video-239-581.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 8 KB
9 KB 72ms
68ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-239-581.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 863b4141689c4d33af87fccdd7d78b16cd0d6c185295619848fbb6a56e5a91af

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 18522
cdn-edgestorageid: 756
x-bo-processingtime: 0
cdn-cachedat: 12/06/2021 18:40:38
cdn-pullzone: 87635
content-length: 8370
server: BunnyCDN-DE1-756
x-bo-server: UK-143
last-modified: Mon, 06 Dec 2021 17:40:38 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 3
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 54.81%
cdn-requestid: b9238ce20523a8353d639604770ec94b
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-143
cdn-requestpullsuccess: True

GET
H2 200 video-145-996.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 7 KB
8 KB 73ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-145-996.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 913adb2f13139e1370f47474f3dade8eb88d7c0ced5c74f342ee41512526ad4d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 17703
cdn-edgestorageid: 756
x-bo-processingtime: 1
cdn-cachedat: 12/07/2021 12:05:22
cdn-pullzone: 87635
content-length: 7376
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Tue, 07 Dec 2021 11:05:22 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 58.33%
cdn-requestid: d42a67142cc17c44c547159af5195dba
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 video-96-492.jpg
static.hellooha.com/uploads/thumbs/videos/normal/ 8 KB
8 KB 73ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/uploads/thumbs/videos/normal/video-96-492.jpg
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 39eeaa90542f92247d65526135959d9ff07c3a1671298dfc1ad4a55c2b4b5f02

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 17924
cdn-edgestorageid: 756
x-bo-processingtime: 1
cdn-cachedat: 11/20/2021 14:08:56
cdn-pullzone: 87635
content-length: 7816
server: BunnyCDN-DE1-756
x-bo-server: UK-24
last-modified: Sat, 20 Nov 2021 13:08:56 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 2
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 56.39%
cdn-requestid: 70d1f1e2d57c59ff43194c93523121c4
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 alljs.min.js Show response
static.hellooha.com/revamp/assets/minFiles/ 214 KB
70 KB 43ms
43ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hellooha.com/revamp/assets/minFiles/alljs.min.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3fbcb9760313b13bb167692e57ff16cc9097e23a59b11129ceed6e475af5a7f5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: br
x-downloadsize: 219280
cdn-edgestorageid: 756
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 08/18/2021 08:00:21
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-bo-server: UK-24
last-modified: Wed, 18 Aug 2021 06:00:14 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 8
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
cdn-requestid: 75425ffc4fa0d068403749d79e12c695
x-bo-cachehit: HIT
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.jscroll.js Show response
static.hellooha.com/revamp/assets/js/jscroll/ 5 KB
3 KB 52ms
52ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hellooha.com/revamp/assets/js/jscroll/jquery.jscroll.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 34d9d24af4509b05f1446f40d4d25c94d8177c12c3c9991fc69d3f84dbd823a0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:21 GMT
content-encoding: br
x-downloadsize: 9716
cdn-edgestorageid: 756
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-bo-processingtime: 1
cdn-cachedat: 08/11/2021 02:31:43
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-bo-server: DE-42
last-modified: Wed, 11 Aug 2021 00:31:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 19
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: fb76b7ec4c3551efdd7202033e043c99
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 146ms
52ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

799d10827528c1cf1c199537b65f470d307f04b5bd5f807155fcef877b09b109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 857 of 1000 / last-modified: 1638903584"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27046
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 22:14:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68314828-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2362
date: Tue, 07 Dec 2021 21:35:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 23:35:00 GMT

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 149ms
48ms Script
application/javascript 18.66.97.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1638
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 05:44:22 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 318601
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: W8TEmIQ2zSrnSTjSIw4VL576u4T2MEPL6W4lzsHbdvQt3U468DIz6g==

GET
H2 200 icons.png
static.hellooha.com/revamp/assets/imgs/ 20 KB
21 KB 70ms
70ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/imgs/icons.png
Requested by: Host: static.hellooha.com
URL: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e05e9d751ebce3fd641e75682d5e4d3f859ced382c0a6190ae5679d2e6681756

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 67065
cdn-edgestorageid: 756
x-bo-processingtime: 2
cdn-cachedat: 08/11/2021 11:53:33
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-139
last-modified: Wed, 11 Aug 2021 09:53:33 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 102
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 68.82%
cdn-requestid: e91d27c1c0f4c2f0eab9447c39767466
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logos.png
static.hellooha.com/revamp/assets/imgs/ 19 KB
20 KB 70ms
69ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hellooha.com/revamp/assets/imgs/logos.png
Requested by: Host: static.hellooha.com
URL: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f344276798df9aa1d360681b2647403f0b0f78ca1c9b974d6b5e287d0739154d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-downloadsize: 45118
cdn-edgestorageid: 756
x-bo-processingtime: 1
cdn-cachedat: 08/11/2021 08:53:56
cdn-pullzone: 87635
server: BunnyCDN-DE1-756
x-bo-server: DE-133
last-modified: Wed, 11 Aug 2021 06:53:56 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-bo-origindownloadtime: 58
content-type: image/webp
cdn-cache: HIT
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cache-control: public, max-age=31919000
x-bo-compressionratio: 56.59%
cdn-requestid: 7160719adbda3b0a749efac40c5b4c24
x-bo-cachehit: MISS
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
75 KB 206ms
138ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://www.hellooha.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 414792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75728
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z%2FyQj3FxEYhu%2B2HsNMYyFz8umq9Yzt1ExidRmik3Kqc6wRV5BjtLhG6LhllQXptyFmtcGtOFT4J8HV59Qhl8Hk2bDJAMOyCCGmpucnEmgeRNCQYgo0gqzliIunwtaNo8vLa8zg8lvCwtPEvK8xiF%2Fek"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba11b43fce959f5-MXP
expires: Sun, 27 Nov 2022 22:14:22 GMT

GET
H2 200 Dubai-Regular.woff2
static.hellooha.com/revamp/assets/fonts/ 50 KB
51 KB 148ms
65ms Font
application/octet-stream 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hellooha.com/revamp/assets/fonts/Dubai-Regular.woff2

Requested by

Host: static.hellooha.com
URL: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

950711f3f17b6e5cccc28117a6e8116960741883e1b06785d7d08ccc49f53b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubdomains

Request headers

Referer: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
Origin: https://www.hellooha.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 08/08/2021 23:13:09
cdn-pullzone: 87635
content-length: 51332
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 19 Mar 2021 15:12:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=16070400; includeSubdomains
content-type: application/octet-stream
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cdn-requestid: a8863f09ff4918017dd6e1ff4c8ddbde
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
74 KB 268ms
201ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://www.hellooha.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 417228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75336
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00zSfwRqbYJ9lw5RQ6S8qpU6ZwGvS%2FxittBcojAhtPw5GbBiXu%2BRW2%2BBXNSLjL2DPRtnaebYzbWCP5ACglEB6sSZyvaQmDchrczJK4T20EjKVcIgPHqGxCtOoh0TSgE66K8CuSK2cwL6hm59JF6HkCZd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba11b43fce759f5-MXP
expires: Sun, 27 Nov 2022 22:14:22 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 13 KB
14 KB 141ms
74ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e141b13f6023856285675982eb34b170be06bfd56b993953015ba767c508298e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://www.hellooha.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6068090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13584
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia1Qy4rw%2FAIuNFM1G9t23A9lD8xAi6otCKFI6Ndm2GHrqIaYaXtIQpEaPfXPEGMYZYOg%2Bzuv%2FpG9QaLTGvGDruInIAMOPaAy%2Fh5ZoNg0%2F9Z5KIke3nPSfDEZEva42VflAUvxI30njEnY2jOmwikf8FW0"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ba11b43fce459f5-MXP
expires: Sun, 27 Nov 2022 22:14:22 GMT

GET
H2 200 Dubai-Bold.woff2
static.hellooha.com/revamp/assets/fonts/ 50 KB
51 KB 165ms
83ms Font
application/octet-stream 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hellooha.com/revamp/assets/fonts/Dubai-Bold.woff2

Requested by

Host: static.hellooha.com
URL: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

5d0b6c627a9041558a937fa750d04ca293cca97512a105dc920a14f23bf463e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubdomains

Request headers

Referer: https://static.hellooha.com/revamp/assets/minFiles/all-newcss.min.css
Origin: https://www.hellooha.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 08/11/2021 05:14:33
cdn-pullzone: 87635
content-length: 51688
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 19 Mar 2021 15:12:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=16070400; includeSubdomains
content-type: application/octet-stream
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: f2b248df-ee3a-4310-ab4a-33df2016cf0e
cdn-requestid: 8a7749250802c75a2471b499df327163
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 478 B
654 B 141ms
47ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&callback=MoatNadoAllJsonpRequest_4106354
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 514f958441b8942483ecc4f02d0f0916a0bb0eb25a81b39c8dd9820930986c65

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "5e4689650fb8479c98fe66e1a0106447f454ed38"
content-length: 478
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame C0DC 1 KB
2 KB 54ms
54ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/choueirigroupheaderdfp445340272806/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

x-amz-id-2: 73D3e7gxcIPreNQjXMP3sBLOtDnOj9JIZZAZT+rKOJq0P+BOTo5PtgBQZAYHCuyKcJbI7T6r3BA=
x-amz-request-id: 8G1K3X3ZFSCY1R8R
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=2081
date: Tue, 07 Dec 2021 22:14:22 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
42 KB 98ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKS75S3

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5c4a1a198b34c336ca076ffe0dd5a6f4d03f987e9d89dc0a3ef98b6a7517f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42996
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 22:14:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 95ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=454152632&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hellooha.com%2F&ul=en-us&de=UTF-8&dt=%D8%AD%D9%84%D9%88%D9%84%20%D8%A7%D9%84%D9%82%D8%B6%D8%A7%D9%8A%D8%A7%20%D8%A7%D9%84%D8%A7%D8%AC%D8%AA%D9%85%D8%A7%D8%B9%D9%8A%D8%A9%20%D8%A7%D9%84%D9%85%D8%B9%D8%A7%D8%B5%D8%B1%D8%A9%20-%20%D8%AD%D9%84%D9%88%D9%87%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=897355147&gjid=1611044508&cid=552757844.1638915262&tid=UA-68314828-1&_gid=1739514437.1638915262&_r=1&gtm=2ouc10&z=118035283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hellooha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1

143 B
742 B

41ms
41ms

Script
text/javascript

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

HTTP/1.1

Server

54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-178-48.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

c73212e269758faca86d4ac4a386b66d0a418246825789e5ca3ee424d60ef8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 136
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1638915262152_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
116 KB 99ms
50ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 22:14:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
446 B 109ms
35ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68314828-1&cid=552757844.1638915262&jid=897355147&gjid=1611044508&_gid=1739514437.1638915262&_u=YEBAAUAAAAAAAC~&z=1196473205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 22:14:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.hellooha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js Show response
cdn.permutive.com/ 2 MB
337 KB 103ms
45ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1493f5a2d0198e8f0611dbd2fac2ddbd7a036f68451f793ed4c24dbd3b6b40c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 1115
x-guploader-uploadid: ADPycds2vA-1V7AJfCbj7YnXSTSUwO4FKNJfY3TpVUEs_oUbt62khb_2JwgXjKHKx0xsOMXxSOff8yqyZ0sDN1zjfeYz0o2JQA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 12:55:23 GMT
server: cloudflare
etag: W/"893a7775e616f1f2b9c17bc019d33aac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=UHRD4A==, md5=iTp3deYW8fK5wXvAGdM6rA==
x-goog-generation: 1638881723980764
cache-control: public, max-age=900
x-goog-stored-content-length: 371505
cf-ray: 6ba11b45aed135cb-MAN
expires: Tue, 07 Dec 2021 22:29:22 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 144ms
53ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68314828-1&cid=552757844.1638915262&jid=897355147&_u=YEBAAUAAAAAAAC~&z=1878920042

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 171ms
53ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68314828-1&cid=552757844.1638915262&jid=897355147&_u=YEBAAUAAAAAAAC~&z=1878920042

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 144ms
40ms XHR
application/json 2600:9000:2251:dc00:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1638
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:dc00:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 703698fdddee88c290aad95747206c6aba8ad651f68172d2d52feedca0456d09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 02:06:35 GMT
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 158867
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA60-P3
Content-Length: 19
X-Amz-Cf-Id: CqI_QeQdgpMkBYzYZcPEDBlQ8t8xIFAWLnkbp-trO7IeD9qBFPeV5g==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 904 B
777 B 163ms
40ms XHR
application/json 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fwww.hellooha.com%2F&vt=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc-17d96f64795-b8bdfd81
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: e9b3026971af721ac33eaed992249c8742270e0978597284778f6cf94d1df955

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Content-Encoding: gzip
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 445
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 41ms
41ms Image
image/gif 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=0&pu=https%3A%2F%2Fwww.hellooha.com%2F&vt=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc-17d96f64795-b8bdfd81&vi=857a082b-61b6-48fe-9a39-ec32e52ecd25-17d96f647ae-dcfaf036&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=%D8%AD%D9%84%D9%88%D9%84%20%D8%A7%D9%84%D9%82%D8%B6%D8%A7%D9%8A%D8%A7%20%D8%A7%D9%84%D8%A7%D8%AC%D8%AA%D9%85%D8%A7%D8%B9%D9%8A%D8%A9%20%D8%A7%D9%84%D9%85%D8%B9%D8%A7%D8%B5%D8%B1%D8%A9%20-%20%D8%AD%D9%84%D9%88%D9%87%D8%A7&te=232&sh=1200&sw=1600
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pxid Show response
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/ 46 B
454 B 117ms
37ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/v2.0/pxid?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 50f83d97c52eddd1a6be35ca63b5163b19f32b2bc17e046fb60d8de3fb5547c8

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 64
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
692 B 140ms
52ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 488cf073-7189-4212-96cb-0fc05b314a5e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.hellooha.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin Show response
cdn.permutive.com/models/v2/ 148 KB
103 KB 85ms
35ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f3a06674-ebb9-4b9d-ba8f-0052018c0687-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c3d92e95cacf860845a870498047d50fb7589d3f8bcf646d87b6b49cf31b5f

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: f3a06674-ebb9-4b9d-ba8f-0052018c0687
age: 3263
x-guploader-uploadid: ADPycdu4_BT-NUqIYc91Xj4tgnVuUiUMsFizU-Q7O4cHX_7MQTdlhtn1IFWB_HuSdH3nRfBH1TCwTN6yVlSJn4N1Rk2Tg5EeNQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 104813
last-modified: Tue, 07 Dec 2021 06:02:13 GMT
server: cloudflare
etag: "5071cc75cf636baade536156f3767cdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=W14qOA==, md5=UHHMdc9ja6reU2FW83Z82w==
x-goog-generation: 1638856933253716
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 104813
accept-ranges: bytes
cf-ray: 6ba11b475a26064c-MAN
expires: Tue, 07 Dec 2021 21:18:29 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 258 B
426 B 107ms
36ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 9c509edb379d3eada4a7caf20512ab3d103e2bde38468ba2a1bba9b18c983821

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 170
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 190 B
241 B 111ms
41ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3fc3c26e0a799d6674c02f8fbd9f97f6017e535612826ccc3466372dc1c8febb

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 170
via: 1.1 google

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
652 B 41ms
41ms Script
text/javascript 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22GB%22%2C%22mb%22%3A%220%22%7D&callback=cb1638915262152_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1638

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-178-48.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

5fcfe06b81454efc92ed422981e0449737fb0530c6270aba47c20642688d0153

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 113ms
113ms XHR
application/json 50.17.87.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.87.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-87-205.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 22:14:23 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 369ms
114ms Preflight 50.17.87.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.87.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-87-205.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hellooha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
BLOB 200
OK 7588c410-76bc-4548-ad47-c7d601a86149
https://www.hellooha.com/ 2 MB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hellooha.com/7588c410-76bc-4548-ad47-c7d601a86149
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 313a203478fe480c297a51680c416cf3caa929b1de38b8a25e0a6a704ec30850

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 1610482

GET
H/1.1 200 9.gif
id5-sync.com/s/520/ 43 B
1009 B 168ms
41ms Image
image/gif 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/520/9.gif?puid=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc&callback=https://collector.effectivemeasure.net/sync_webhook/mediarithmics/%7BID5UID%7D

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 22:14:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

67667aaf-590e-4c47-afb4-0c07f385fb25
collector.effectivemeasure.net/sync_webhook/carbon/
Redirect Chain

https://eus-api.ccgateway.net/v1/s/narratiive-syndication?puid=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc&rdurl=https://collector.effectivemeasure.net/sync_webhook/carbon/{{ccuid}}
https://collector.effectivemeasure.net/sync_webhook/carbon/67667aaf-590e-4c47-afb4-0c07f385fb25

35 B
288 B

41ms
40ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/carbon/67667aaf-590e-4c47-afb4-0c07f385fb25
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://collector.effectivemeasure.net/sync_webhook/carbon/67667aaf-590e-4c47-afb4-0c07f385fb25
date: Tue, 07 Dec 2021 22:14:22 GMT
content-length: 118
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm=&google_tc=
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEKSwIRfoQw9Wv7QVjEyzFtQ&google_cver=1

35 B
288 B

41ms
41ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEKSwIRfoQw9Wv7QVjEyzFtQ&google_cver=1
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEKSwIRfoQw9Wv7QVjEyzFtQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

b0e561af-dcbe-4700-a865-553fe50c78fd
collector.effectivemeasure.net/sync_webhook/mediamath/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID]
https://collector.effectivemeasure.net/sync_webhook/mediamath/b0e561af-dcbe-4700-a865-553fe50c78fd

35 B
288 B

39ms
38ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/mediamath/b0e561af-dcbe-4700-a865-553fe50c78fd
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://collector.effectivemeasure.net/sync_webhook/mediamath/b0e561af-dcbe-4700-a865-553fe50c78fd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 07 Dec 2021 22:14:21 GMT

GET
H/1.1

200
OK

b53d38afb17da9461733db0521eef12f
collector.effectivemeasure.net/sync_webhook/lotame/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://collector.effectivemeasure.net/sync_webhook/lotame/b53d38afb17da9461733db0521eef12f

35 B
288 B

39ms
38ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/lotame/b53d38afb17da9461733db0521eef12f
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://collector.effectivemeasure.net/sync_webhook/lotame/b53d38afb17da9461733db0521eef12f
cache-control: no-cache
x-server: 10.45.24.189
content-length: 0
expires: 0

GET
H/1.1

200
OK

7974635588630739833
collector.effectivemeasure.net/sync_webhook/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1181
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181
https://collector.effectivemeasure.net/sync_webhook/adform/7974635588630739833

35 B
288 B

41ms
41ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/adform/7974635588630739833
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
server: nginx
location: https://collector.effectivemeasure.net/sync_webhook/adform/7974635588630739833
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 139ms
41ms Image
text/plain 54.154.13.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=narratiive&partner_uid=ab7dea75-a0ee-4c19-8bfd-cf106cc952fc
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.13.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-13-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1638915262
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

f852fa78-4ad4-408c-b09f-5539399c9f15
collector.effectivemeasure.net/sync_webhook/ttd/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1
https://collector.effectivemeasure.net/sync_webhook/ttd/f852fa78-4ad4-408c-b09f-5539399c9f15

35 B
288 B

40ms
40ms

Image
image/gif

54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ttd/f852fa78-4ad4-408c-b09f-5539399c9f15
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://collector.effectivemeasure.net/sync_webhook/ttd/f852fa78-4ad4-408c-b09f-5539399c9f15
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK salesforce
collector.effectivemeasure.net/sync_cbpixel/ 35 B
288 B 83ms
41ms Image
image/gif 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_cbpixel/salesforce
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
549 B 75ms
39ms Script
text/javascript 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221638915262590%22%7D&callback=cb1638915262152_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1638

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-178-48.eu-west-1.compute.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

d24a88cfa081080ac8df23079b26c3d03e2e1ea2647d26918a8323fd840c48b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 93
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
BLOB 200
OK 46f4fcad-745a-4503-bbf8-e084ffad30cc
https://www.hellooha.com/ 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hellooha.com/46f4fcad-745a-4503-bbf8-e084ffad30cc
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b7ca476bbd6754bf6111aeb860dc7d3d51c4b62291c0d068b90a1fa38553c96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 22499

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
327 B 113ms
49ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: aec41abbc53ceebe8c5bf8d3da1b6e84f90e56d78afd94629f332810bc5ba7ee

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

POST
H2 200 tpd Show response
api.permutive.com/v2.0/ 2 B
90 B 37ms
37ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

GET
H/1.1 200
OK 562f6df1-a7b0-42fe-9168-ad796040ed61
collector.effectivemeasure.net/sync_webhook/permutive/ 35 B
288 B 42ms
41ms Image
image/gif 54.170.178.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/permutive/562f6df1-a7b0-42fe-9168-ad796040ed61
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.178.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-178-48.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:22 GMT
Server: nginx/1.20.0
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST segment
api.permutive.com/adv/v2/ 0
0

GET
H2

201

sync
api.permutive.com/v2.0/px/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61
https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61&alias=f852fa78-4ad4-408c-b09f-5539399c9f15&type=tradedesk

35 B
107 B

37ms
36ms

Image
image/gif

34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61&alias=f852fa78-4ad4-408c-b09f-5539399c9f15&type=tradedesk
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:22 GMT
via: 1.1 google
server: Permutive
alt-svc: clear
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://api.permutive.com/v2.0/px/sync?ku=40da2992-202e-46c3-bd6d-d27455ebb9ca,562f6df1-a7b0-42fe-9168-ad796040ed61&alias=f852fa78-4ad4-408c-b09f-5539399c9f15&type=tradedesk
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 377

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 63 KB
17 KB 145ms
44ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 938c77a89e7d38efbff80ca2324b5191f90c6d790c247e0aabaae93bd62a7763

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:19:58 GMT
server: AkamaiNetStorage
etag: "bb570c03cfa8a9909bf9644a3e5f5d80:1635279598.00544"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16600
expires: Thu, 09 Dec 2021 22:14:23 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 253 B
464 B 165ms
64ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8937d691335c724e00112aa7715c3d801b29df4218e674aa9935fcd1183c7f4e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 22:45:10 GMT
server: AkamaiNetStorage
etag: "ad5a60b092c0a1e65fa2392194bf2b00:1584225910.664905"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 179

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/5406/ 358 KB
7 KB 166ms
65ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/snthemes.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1d6242130c995f7a7f0e58c20b53771114569cd61a2d4b71b869afa4224d5867

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 11:34:23 GMT
server: AkamaiNetStorage
etag: "bd221a856d26484987c92f37d3b65c95:1638876862.793891"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7026
expires: Thu, 09 Dec 2021 22:14:23 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/5406/hellooha/ 10 KB
2 KB 169ms
69ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/hellooha/settings.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f43d2a052e5fbbd13accee33c3f5f7e4a58012cc0d389f9ffe6d48fb390c025

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 07:07:05 GMT
server: AkamaiNetStorage
etag: "58933ee2ca409675fa3943488ee0d4d7:1638083225.193474"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1436
expires: Thu, 09 Dec 2021 22:14:23 GMT

GET
H2 200 tagger.js Show response
tagger.opecloud.com/dms/v2/ 959 B
850 B 143ms
43ms Script
text/javascript 3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/dms/v2/tagger.js
Requested by: Host: www.hellooha.com
URL: https://www.hellooha.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
cache-control: private, max-age=3600
p3p: CP="ADMa OUR IND DSP NON COR"
content-length: 504
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/noscript-image.gif
https://tagger.opecloud.com/dms/v2/noscript-image.gif?trackability-redirect=true
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1

35 B
211 B

53ms
53ms

Image
image/gif

3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1
Protocol: H2
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-6A3PWoWAZyvegboMoRS9qLCaTG7n&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 156ms
52ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.hellooha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
57ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hellooha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 357ms
357ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1274005952116071&correlator=1023222731799683&output=ldjh&impl=fifs&eid=21068767&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7229%3A21806012766%2CHellooha%2CHomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C728x90%2C2x2%2C300x250%7C300x600&prev_scp=pos%3DLeaderboard%26adslot%3DLeaderboard%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3DN_W_Homepage%7Cpos%3DMPU%26adslot%3DMPU%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_obscenity%252Cgv_adult%252Cgv_hatespeech%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26permutive%3D39078%252Crts%26puid%3D562f6df1-a7b0-42fe-9168-ad796040ed61%26ptime%3D1638915262560%26pt%3Dhomepage%26platform%3Dweb%26Topic%3D%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D9%258A%25D8%25B3%25D9%258A%25D8%25A9&cookie_enabled=1&bc=31&abxe=1&lmt=1638915263&dt=1638915263410&dlt=1638915261741&idt=619&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C359%2C155&adys=130%2C620%2C890&adks=1199704972%2C3750250352%2C1030947372&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hellooha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x5941%7C1290x560%7C330x3134&msz=1290x90%7C410x0%7C300x0&ga_vid=552757844.1638915262&ga_sid=1638915263&ga_hid=454152632&ga_fc=true&fws=0%2C128%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1d6c5a324055af971d59fb264c403945dad5d1510c0994f12c429d982cca2ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16255
x-xss-protection: 0
google-lineitem-id: -1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellooha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 144ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc5b9894f80ac765e8317b989cce90177626a3755694ea1974012a90be359f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8498
x-xss-protection: 0

GET
H2 200 container.html Show response
9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A19 6 KB
4 KB 157ms
49ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 22:14:23 GMT
expires: Wed, 07 Dec 2022 22:14:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

opecs.gif
tagger.opecloud.com/dbm/
Redirect Chain

https://tagger.opecloud.com/dms/v2/pixel.gif?url=https%3A%2F%2Fwww.hellooha.com%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms
https://tagger.opecloud.com/dbm/opecs.gif?state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1

35 B
211 B

51ms
51ms

Image
image/gif

3.64.158.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/dbm/opecs.gif?state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1
Protocol: H2
Server: 3.64.158.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-158-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tagger.opecloud.com/dbm/opecs.gif?state=2-lmww63mD%2FcULD7WIZOisDksH1UPv&source=dms&google_gid=CAESECrUgZyTCvvyDas5rHQzd7w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/5406/translations/ 60 KB
6 KB 45ms
45ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5406/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6d09a77e4b577c4b009003c1c21a40d3cbe2254e432763483c1046097f3189e3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 11:34:21 GMT
server: AkamaiNetStorage
etag: "e50f776c72ecbf400e6501b9b5bd9b21:1638876861.719518"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6188
expires: Thu, 09 Dec 2021 22:14:23 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 12 KB
4 KB 44ms
44ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 90e96b8ddeddfd57732f5a8da1654a24c24e10692703d3cbaa203ba9164b1c0f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:19:58 GMT
server: AkamaiNetStorage
etag: "d3cae5c9f2de37800cf22ffd4777e27c:1635279598.624818"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3311
expires: Thu, 09 Dec 2021 22:14:23 GMT

GET
H2 204 2
l.evidon.com/site/v3/5406/24949/6/1/2/ 0
120 B 368ms
118ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/24949/6/1/2/2?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/24949/6/1/2/2/ 0
121 B 329ms
118ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/24949/6/1/2/2/19178?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 19178
l.evidon.com/site/v3/5406/24949/6/4/2/2/ 0
120 B 320ms
118ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/5406/24949/6/4/2/2/19178?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 144ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 22:14:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8146 13 KB
5 KB 94ms
41ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 21:38:23 GMT
expires: Wed, 07 Dec 2022 21:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3B6 783 B
536 B 108ms
56ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c1990b37f19dbb6c09ae48b116c19839cfd9e4fd1a81ea7bf59a1f57ce2c3dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-23rlmvI75CT/VJ54N7TR4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 22:14:23 GMT
date: Tue, 07 Dec 2021 22:14:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-23rlmvI75CT/VJ54N7TR4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 88ED 6 KB
3 KB 90ms
42ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 22:14:23 GMT
expires: Wed, 07 Dec 2022 22:14:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 619E 6 KB
3 KB 91ms
44ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 22:14:23 GMT
expires: Wed, 07 Dec 2022 22:14:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
43ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1638915262033&de=720733468038&rx=439159463936&m=0&ar=8ab009d7785-clean&iw=41a656a&q=1&cb=0&cu=1638915262033&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&bo=Hellooha&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A676%3A676%3A1642%3A764&fs=196017&na=643654724&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:23 GMT

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8146 35 KB
13 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 19:02:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3B6 0
0 110ms
77ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=1274005952116071&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
135 B 42ms
41ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: aec41abbc53ceebe8c5bf8d3da1b6e84f90e56d78afd94629f332810bc5ba7ee

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1638915262033&de=691256382744&rx=439159463936&m=0&ar=8ab009d7785-clean&iw=41a656a&q=2&cb=0&cu=1638915262033&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&bo=Hellooha&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A676%3A676%3A1642%3A764&fs=196017&na=1114116533&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:23 GMT

POST
H2 201 events Show response
api.permutive.com/v2.0/ 1 KB
863 B 37ms
37ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 069d489c02fcb6c54e9846ea7bc5e4ecfb3214816740a1c52a4404e34b3a9897

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 791
via: 1.1 google

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ABB5 624 B
733 B 143ms
51ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhj06K-8ATAB&v=APEucNVoZF1H_VrqY1wJriOcIR5OsacSZnDCPqNonzGGZ-NRoKMZ0CprXP1RsPX2isC-l7E_r5iEKRyqxXwc-D6lxFulkwWidujp3tO_2djnCAW28vXJ4S13KVBVsvDhMyXf53xi6zsadnc7iaJPqksERqcPFh2RrRIMt7tH4lMMJs4LuoGbuDE

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 22:14:24 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 88ED 12 KB
9 KB 165ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIIEsZDNY9-Zajh10wrLh3q0JKl93mf8RDq-NC2gV1sAlm6efh8K2Hz8_GUQ3hMMveBhaR9TONFPtGktUeaEmAD7krahD0OgaZ87T1MjyimjnbySOjFbN54mQ7mThDiXkpzwFm9-WrxbG5Y-Flbw4Ep_DfnQ&cry=1&dbm_d=AKAmf-BqzQ7xiJWIqw69XYqbsg697nXrIedllNIvrwmEO1cVndMHUCq2bv7rTHpU2TXRgMofj51YtJEcgtuHN9kn5jyEzq9dhJdJjhDFDwv8PR_cAn9FRa8DkP29tfQjxiL-c2e4HzFiKdcEzwLpsg6-Vj_HupDgv5-fy_88jA8QBRiXyiptApc8sUxFF9CoYQmCktsxwcaBSsp79M3e49rjJA9STJuhPR2MvaiuYcRKRVVHLpgIWrz1ArBtVEna1rwRTD38gr1nG53dSTyGM8LEDs4bMNE1foicAjOIlo5KgEIUwUCK0nIu2860dAdemgq0M_QJVg26tHTci8DWou2ksovmdoC5tQbmdxOU2eEKt_ZP4flJUJKvP6bEwyjK654p7K5aNkxt4BL3Is73MYa-HCyhHvRqDJNLOvrBY0iCo0xbLtl_9lm-N2OaUj3fTDFXGieTdjgt8m6aocag7IlQbnUavmYfO9L36G7SESqwBmIywDzj11vdlLydHyeCKg8qM3lnnYlg4HvwBa84aOpkOdCkE4LFqoT9EkU5DX0FlL1-eMKlyLJ3848TG0K80Rhke38ICNQS6lLdyqESEiPtGc0-CQQ_AEMk-h3Mdt8Ho0Gd3IoMG3qf1RWHISMzIb9ejQiDUSiS7kq5cKjbsD35MVzBrUk3yNZ44ZZRG_853W_0ofk275kyiXTMUzdZYd9_WZs6DMREyghLIfHt2Q01NGGMnGS5hVdmsqp5hSpsK-jkALE5cqLN6f16qPGOw1U2t2E3EyY9mfvgjDz-yFbFW9a2yyyjyXCaoq5gf--nOXLq79whx4_Mu43h3WxcPOg_-2UYsF24IXE0jcLTwzsYJFlw-NshpokgtkrZuSCIXaZrML4AAMKNygq62cAFXL3R6yMwnH-GOs5zmygjY1qFFU-sKdPAUwxvMPz3b4PS-sp7hRx4kWUFoNithYXVLlm9DsWwzoaUk30goiIYxh-QR8qjhTq_3kOc4MIbYt7rys5s4h2pf-DRCMy8R08jwDALDF4gCyIwsmBqJMvS4OAr3XMbdECuFn0OVaeuigDjy4OZrdkb8zU7dSsYhcwqrdWr1G5AtCJ9kR5b6XjmoOHD4uweF4jimE2iYDRwo72xSGG5sAFRiSPpTvEDZmN3lw71WanOAD0xhb3Gkpflrhqc2fClvTL7D09fkeAbOeLcKLS-CvBVw_iUOAYyJGde-_CVTqPLLpzP_9NvBfuObxpe5v5T-6si1yFZwD8MIg_FYvLPLobyUY58ZyNJHZfRofzgzdcFKMkrF6Th_DebyHRg_aqQ2dK8PXsfhyxXFCrAtrYERo2z4UgKtIsxlqTWAENv7WmNxikxwBegap4Uiwx3z2y4C2kMpaMhfl22smO_rtqwVCHE7gRVegm_-MzvjSreDLWcj45YYmikuLg6L9rpld_p_Iz-MLsubxyvRO0SqfkHQ8ef_WRfWH2_X4-sLMy6pG7mSaAhMeXoRFNQu7jE1o7c8HlO7pPYD1HXw-iu82bemptfcN_Ssx0hQuRJzMjWpMsW61z147wGTZJkJh2tH_xzEzsGSXFkVEhdTsGU0jMcgqPc_DS88htrBu9ig0iGYK29Ho9tXtV7h5IujWNZqPlIWTqXc09blqIqzfPiUGq9Ph4FeYFBz583ZI2w9n9xbak0sfKeAQW94c1qKd-orjsG1qI24GSjZnI8cg7SxqfJ7YSWTLN_VqUtT6bhkgrW-ve8tqts6i23kpxJAkYWDzFh0Vml8QkxYV8RBp7BG3MJeHZFGEDUA6YzmI4C2dPdlYT0G9117XnhXSDQRktW9T6onBozuiNkMEcmLA-nDW_iIRH3fPpClwTFi9Ce7FApNCRriDvN4-9GkTbHSwypsq0LxgnuOcGDXQp9LJTicNOGrCiJd23iN_S38XRPS6mjVsiTLuvyJXpZrCLiatppZV9HCvPd7R6J58EdDcpqjWRSjBdJdraV9iQiTp7dTr0Szmzaf63rgigm1joHrNS5UEWuH86YIcrcYFp0dAu_RlcS5InHiHvnYyTpDatHCyvmZpExSESen4KjZ7-P1LBwoqb5j3GG7fkpnqDKMLrBMAgQgGdDL1YOXcquVRBvg3hwhUlzRMK15zqevOn4YaRXnxnlZWyfngHVHtmeVuDnGU1dSSrVWemZjDXc2MHw4S1gygyXxeivoEGOOa-f3Rm4rd7c7bjky-azrlp41eZ-clkcvW5ljpdruGwH111jSUE4ZeDq2ce9PjOMLm6SAXLX9N9fxW-CWL8deSAGgrPRVzRFQEGP1O92pAYXbuA6Qu9HOGq05-tAQQ5ZgUIlGN7kyA_1JQpRPHl8DJX2B9RiwqywwNgCxTMjVJAjH4YUstb941XPqZBDzocZpXp720lYRkZk1YezM35FddyGsTylEeK6Lpjt8u5PcQTKMuu9OFR2Qquq4I-RN6o7x7c2ll-I8Da1fYCBaFlSwGT2MV1bytXTSEMu3WgYI4G-iayl_Wp9YFZUkbC6NE05WErH-iN-dfSnWsilnCi7wOdhpnoxGzyfab16rpK9oStjbKRszGdQLzGLzrx7YLmFZyOx47uuK02mo4FqoHne8UYMs_aBRjxAgQeFYT6qDmUEtH0NxG8ShVa_2OTD59UX3XewtvMubNtiVnaV1n1Vu92Uq-iJ-uWkzroBrqwPD3uBlGVAKoxulqT1JTWIGL366ZS0j05pf7lSTYkQq2YlsN5_adfs85J-586eKJOK_ZUmD8rAZB0czxQZqKAOuIk1vMDtaDoLztvVjU8lJs1xgFE7RJrcBCEBgyeHdgGBkYnkgjkHbJCOtrpXsWdAiQkpSVJf3ZuwtTuslJqCEyp0FeOshhCiBqgtd4nyZR-tM7Ay3DOMVP0M6cSqpHqgz53YMKuxaNM4CfLxTpcdT73ewM6XKGPFCq4-wGxdZ4DfgLrkmWJC0YDGK028C8nJXeijSNoGEKrEiEbp1_dLmOKYCNbBp8l5daovOuSQ5BqFfjSJmvfSrxOuIEejLof_oAeXUrFGnw30lvVSMxDfe_J2R-7zB7HYm5yC2DVC122TdPL10t42QCSg74CLq0vWyuujmzRzqTtpGGS7Ppc9pQVG_13IXq-LdQMjS24o3oMG7_CJkXeF5gkCEKi--OrARmj621I-5d3Jg-jcJf2gQnaAXXTZjaGqzebs2id66vtnWydmazf5Jxy0COECekqAk-LzW5u6FErLYnHXw1PKGfAcWcrr12afgWiKdiGm513yfQQMiKpRXyFzLlEpqkMy0K9rIFyxgQ1c8yjWd4CuYeOW3HWeS1cid6ZGKICgrY_lLeBUyoN7-dWkoMcAIm2h7GB0jYc6eNVVIgW914XYgZq7KvodWHjtNTJUaGgjv1Irw2-DG6M7E-GXLF-N0QvLEW0NDS5wQLpCXGrOkgVsCmyAjXy4BAPlURKSzAQmziT6JwPySiVP6FXJ2rAye0w6t0Knlzl8CGjS9GnXt3WfaWjQ9ryCFyuLdDQBM0y2kvl3kXQB7mSPReKNGkIWRyt_-xiflNxY8MTPoxmgEXgDtPhd-6bWKlUKSkQ7iyduOfXOrJMS-hSzKsBUNDywJHcTT4-UWQGISMU3wETXsDhBqshKDS3dK4aTCkt0wL59BAvm_cRamDLh_RZKueYQ1pejMvRN8XScTNZjczHXpe-u5w&cid=CAASEuRo60h0iYbLGZIy8MmPv7v40g&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1da79f0cd28e3a3f17ff863d07deaac24ecf1ff02c39079c3d38fd3d67d204f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8888
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88ED 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByPCE60jh6uqoGVmf4Pedcf_hB87L_uP5xNgu_tOPHmfB6TyUt_ldTTJeLRKWAvRqqYexZnjIypq_VjoKIInjYaOFRY4IpHHMm4Jqy6PABbxefTfo

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 88ED 47 KB
14 KB 153ms
56ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=25368344&campId=15442583423&pubId=1&chanId=202457267114&placementId=395048052&dealId=549644393847897261&adsafe_par&impId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&bidurl=https://www.hellooha.com/
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a8b37af5843e5e9f7556508dc4a077ac38499de81a0613f3e4c7d86f9282936c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 88ED 2 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:13:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88ED 119 KB
37 KB 151ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 88ED 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6455
x-xss-protection: 0
server: cafe
etag: 3508882476506594800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 21:21:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B131 624 B
340 B 148ms
60ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYwt_kmgEwAQ&v=APEucNWsiPt9hdAnOFGQ_Q2HiBEdLs6wYjXUaFUVhWzf09pyoEs6auwOlLKfULmtB7akbdb_RPK-81-2DFsdXpr-mGeOk8mmaO5fRFB530ZEI1uJrVVr_uE3OFARYA7Mx-lJWhrV7sx6eankMztDbafZgnFtROV2yHrmrgx1cD9assDXAnRwvWA

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 22:14:24 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 619E 55 KB
27 KB 197ms
108ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdYGuHmNk4XdGqPMUaxbUa5VgYfC-QD3iwbJB368Cw-Nbu3vEBsN7C5iquDhiQ5jXXIcmvV5h8pJw8vxe2T9q6SmK6PGpuhUy3GTX_db8vXLh2fCp9AbvAx0hMqqoS0aX0fd6GoTstH-6IgxIxznvi9h9CqA&dbm_d=AKAmf-BbzQhkmxqGv8y4oJPbkeAavr6-cO6RzG4iNy1VcVaV4lcbQFZ2AVik17Kt1T80iBewN84RwQEnCAQmY0Xp_mOV3l7k3Gzt2yTZQEpBb-XAPZgrEzZIQRrK6znKwUUpjPPcVPbWGTA4awzX3E8ZOSk6KVrUebW_BK1cJoHDHtsetu2mSRDn6IEthjq2EiTjlWJhZgD36YHwdvlBaNtuel6WbG91_egI9SxefzirXBmiaH6gQub8Sj5-H0Q5bHHkHQ7JrMf5c85h5aVBWEhv-9EJM7Vvx2MZhDuQ1izFhFZhl6ysMO9MDmK3piED4XMzSPuG9SNvj4xBCL0z2tSp5iglMq5v_EuZOt5Oejb7i6wQ7RQK5rvvAT_Gajr_8v-sjmpVo7TJ5cpFIj7Qdv33snYRTTho02x6h9vHQz4ybfpvfXtAm0He0OYlR2rnzmNeaWIl_hi2lU0HXJqRpQkdTKeYEsU84U0Sm1GLcFIHEx2lCbPcRcP-9ZayJLZpAPcDzHjlUuD4WfcDPaSDWPixAbCsxSCZ8DHeoky-ISNECPvgq2AJXaKWYdwdLTRXuZZQCv-XhQzc0dMkMWmuGLWf4dtD9frlLWXHEcipmUh_GnD_g9jRIkwAPV59dlWfX55w8sZUHJ9tkotlTFza7Gq-dS1SoYYsUqMu3h_mllW8EgGLmfxeQkmM1QzRCCnGA_eV4btCB9DyjCe-XXMRScBjdTFxEFMrioXVjbJVmKpMzLRttP9i_7LkqP5Z9t6pBLQCbg66q-3IhDTWjENcC338XlYpbEDzc1vbGLEJAtJATU2ubHV1yMW2rRQRUM8DNZTqQp6SLkkiwARwQk7aR1eRvbAq12opFbGrCvqjRA3nyYBuoeLf3lmN80RKwx_W20l-1ERFR7nWGd-yVRqr-Qj5hkjAtkDzpr7OIdSVcJkxWDNf8jxc5MYK36axVtTVyf7opHgKdUUO9psLyn10x3oEF1tRre3DqnOPcykQeEkSDCT1ZgH8ejd1zGBFKyOdyh1fgpUwMfvEQ-N2ozDMBFxBUOiobYqcYy9KGb9izK9eaCizSQM5rxewkCBiGt4OR0-VXKx3AwWG7zmBxjXx6LC4rG9aWdsWJfkR4N1EoYcBo9LZfGGFeuFV9fBvG2ULWiFmXcwfrbOjVBORPti6bxhOUGn-IhOXVgHtwGHbfyHAjhQjtRzQaRLwPXj_hp1NpbDu5GCOoQ_FczN7yONS5c-c-pLYJJ7N_JcZ-T2BEtn_Mpa2R6J5OX-mrDbxV4K6jqlXc0GrK3u60yxSSraqX8QTonKWsnES4JUeF6gnWhy2pclNeXSAhqabT1XQQ3LEp4Sl_MamMfeXJi4JG3T2Uo4WjMB5Z4OvaxbqlGLN6KF9Sp4ohAoeTjWDriAGZwrABEG3FYmr5adCX5L6F6kLrVmrre4VV5yF6Zma7ITo0lqHnDdlR8Gg6X03ueIMFRa7YphoaeIlB4Kx0h_7jm7-ciMC_Cj4s_gslJDbnOvM4qx4N90uMZlJFs23Rwei-5Pr182LdeJVTUJRDiQh9wx5lTs72MpZMsJC3G5TYN3ah0bJJR0WF23bVb6BpPHSwVVUlXkyrBzMm2pRvydL0NQwxTFD843I7ZnfxfsbWZfL1StEypXhh9w2hdxgbD52MYQz2bUIWGzwmqJMkcd_NRSIywcr2kYDOX0gMwAAwjMUUK1s83afRWxsS6rOVhqKDI9LVNQL1N09MOD4-BHT00g4_dbNXRTjTLQKeFr7D-ztMdrnVlK3NNF0k15H2L44VeyY1_UTOsAJfpom0PeEwykHBv-mDR90TOxqB9Rh5dmOQqnLDAZWsQEHvXfvQaGtlXElpbRjfWKFOBm7_VqIJPt2I4Wx_VyfuVNLv8_MwemGFtJkfxKiA0mV0nZbr6erMCcacMWrV_NGJy-f-4r5Gk9rGxxkyY04s96f0R9tTSRtndLDQq_GqfCcshlZK_SvONHbBsWmufsXsic18c3hisiOzBf2e-MhCAFnWVYSNe97jHOnFszWkLWUNK0KFDoCj-KSW1G3CBsz0w3vKfX8cN-ZXfXg9ntgousP4cuExgw2xwGaf5NwBMphRlFIApO31_4SsXI_jRKI1wFqt1RD-lC0niLmH5RwFbe10aLNeDs9tkykEzAQ6v7hf_6dkVPg6y_HLJZdcAcM1e5KrAnc8v5w-n73Xl9GKUW-xMOKeBhUd-K4D-E9VzO9SOvrvfz3DLs63RfhwzZ2EYKjjAKdKV_mcoaYdGEwdBJeFexbJ1ke97e9frJUNiNpefTMJnzaknFIYvNsSUuK1aP5J3rQZD3TN1qZsOVZfKMuoV5g2gZsuzz-IrU8wfenqhjKS_ewuNVK4Xuo0M05zRKisBxFIJQBx0UUqJL0YoalcHT_h3TFBNJzyFdYVK_PBsj-eV8cETp4Y68KndaHYTVpWnrSE07YJa6QofPoDoWfnD_TRddg35mPH0EnywWGagsdu4TX6hJF0DEj8ToHzXFp8fWejD8pmf7M6f9qVjThmvBG7wnxee20FFJYo3AC_7eQtNX8U-loEETg-qkAJmB4MYAXA0_rOYqnjaj7_r-2InVXXqoAsD4vhREvYRdC4VY8N6_Ov005KkrwNFLaULq4J0cy1nuKllLyl-JYH44cO0JaB1Zu8YvcqAXXaZ3mx5eDubgTn-Lj-NPJsuif2oCRuB3kT-OFphKP5gvUlJgeVMdzi4iMW21-iRotyJJulz2q73IPGP4ldB6NvP0A6xGBGlAUCYswW2AG0VXr7sNGfXCFADoPrlj2XezNPNJOVjWadv3AAKKzj2o-DtSfmTitfz-0I62DvgMwPCnqKFu5vgv-oDQlAALupDkXgN4xkYTO3Se99RqJgdVs-7G59i8rKd1AechTKYkD_x0y8JZHH2PdogriuyI-eusFeEHJDmqojj4MTlGdtD3YQDZIuZiRRLaYk378G1gVx8jEIXH0ebrjjIoUxn1ojJK6MxLYjXk24Kw3p-EzQkCjHBjREyp8Lq4IY5Bkw0wQJrwx8ksOc5uabE3dVLB6jpF2qlQtT0EMi20GDAOHGqY_rm2zDGiqngof8PFLKv8jfxuS4P06s41v5NAMZg0NKz4YXLy0t0jyIDpH8QGoMPbled98mHz5gKOa4xEzdE1uSotMP1mUMRGV8KjkwlEDVte2nh7pJqkhopeKqqZbR4uXVC3rs2GwbVd-rKMmZZAjhDG_RWS2eHTVKnUWxbKcOdLeyt9JCjqHaE6COSS9FNlm4npwk9Vr&cid=CAASEuRo87e5G2I2jXhfm0Q7lDC1UA&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428ed4d04e8d5fbd85d11656692c4eeed02456c536f1cf241c0c394bf168d3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27720
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 619E 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuIYLuD_9hqlCwvDrBOMFn2wxUCfv6s8uoLiQQVnxljOri052xnbDGW37FHjoHeHvcFCdk83UFd-ls9vkEfd1_B3vydWP3R1zkDU0y5oHBw3_6IM8

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 619E 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:13:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 619E 119 KB
37 KB 178ms
89ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 619E 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6455
x-xss-protection: 0
server: cafe
etag: 3508882476506594800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 21:21:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 619E 0
0 48ms
47ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDxXAkSDKlGZOvH_r6DyBC7-ZFdB7K6afNJqx6J2uHkqirymCzzdwUwXdkVw8ZxeAMR8RgYfYsBAhIyjUnOjcnU7_70g
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 learn
ae-gmtdmp.mookie1.com/t/v2/ 43 B
324 B 127ms
41ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_969251&src.rand=%5Btimestamp%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=1274005952116071&bg=!HR6lHlrNAAaQHwIOkB87ACkAdvg8WjtGGomlv4uT9iTJkGhCEcneQ-XQy72QcYxzctjPKG7MoaY7ZQIAAABUUgAAAAtoAQcKAKNM5G2P3uTQrE7JHg9K9HOLvFr5Eim1aZKPQMZ0QVnIHAhhJzFtRS69Zcb55XhYXAlsl0Z2S4hbZU2uALRQKuYS6qslkDyDaApyGFX0SeZ5VC10rS0TinXZsm3Uy_bpK_pRyC1IeD1DFe57oVWEBkaLkNJQhZ2ymgxlzGS4ZMxoCA4zUZFjqb79jOO6YC9RtpNkzs2gnd2VmQkx5MiYsEUKRcNnmQKoJeI1KebEoqeHuE_m0NYWfPM7fYiYLrCorKLmlmlNA57_MI3hIJy0S_9zybqlTXz0C4E8_kkzGTA6nayvOcPrCZkJ9ZEjzdpIpqnlhJT5Hd_0-kqe5s5DykpA4QhGnNXv7HyfjNgwcCLbHAQTNTX059qrwM5bwg68ohCfgJbgiNvFH6bDldI_fUB7yPT-POG6_LqnXpn7bYC6rH-WXgnsM4V4EGXHb6ky3GPT07j7VR3yHBk04WkHxO1M5I1yxTAH66t8-VJ6FD4cduDKD9DABH-KCYj1SpH_KpeKwuatDQoHMFCk-eBRZB6JdZyGHBfLJvQ50QpWmEHW1TMSv6hPsmMBElDe45-3n4Di000vZPCXQ7tYwxgULVEEFrkFujNRPcZ6qKa1nJZvkjhZkzH0c5mlII0EoQu0Yq3CsP0CURmo_SDZ407xIZCe67Ju8nyWFzzWUPwQ0DOotFACmwGQ7lASnNWOOB9ri6wLkDTeA3O4tJgkQnlaaPRLYvPD1xPDgIO4hQ0U8mGeRUYiIhc91-5scL5RyuSeB92n4NlibqlXKPeLRC5WKhSb4jU6yuIIJT2200mhaOhZHdg2M8oAdfhd6ooiANXRni1EHJDzKs6eyzqzQDJYna-f413XWGiW-iUPM6EOMnRwV1rRJ6Rm1euOVUAcfpgKE7qnizwA4F9UJ3d2_MpvKfxgAO-VRoHa3dwYiUtdOUJJ5WdTSzsFa5_iYD-PyczCULayLKRU7Jk1RsPUtyU_e__XFGbv5Np_CZdhW_KGKfIHnYXAACuR8GJhcGDsD1X17dSefgrmm7suoKPwVZtnlo3dQb9kl5ImL6pPCOmRh75YIM5hcUezAaTSQ59RhXMcZwiFpPtRiYilIRVTcASmyKZbVqbFL7TOUIQMZLvJtUw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1

43 B
1013 B

73ms
73ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhj06K-8ATAB&v=APEucNVoZF1H_VrqY1wJriOcIR5OsacSZnDCPqNonzGGZ-NRoKMZ0CprXP1RsPX2isC-l7E_r5iEKRyqxXwc-D6lxFulkwWidujp3tO_2djnCAW28vXJ4S13KVBVsvDhMyXf53xi6zsadnc7iaJPqksERqcPFh2RrRIMt7tH4lMMJs4LuoGbuDE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 22:14:24 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABB5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya-cwKVADXnAMHABSkHzRwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1

43 B
892 B

55ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhj06K-8ATAB&v=APEucNVoZF1H_VrqY1wJriOcIR5OsacSZnDCPqNonzGGZ-NRoKMZ0CprXP1RsPX2isC-l7E_r5iEKRyqxXwc-D6lxFulkwWidujp3tO_2djnCAW28vXJ4S13KVBVsvDhMyXf53xi6zsadnc7iaJPqksERqcPFh2RrRIMt7tH4lMMJs4LuoGbuDE
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 22:14:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ABB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

43 B
1006 B

92ms
43ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhj06K-8ATAB&v=APEucNVoZF1H_VrqY1wJriOcIR5OsacSZnDCPqNonzGGZ-NRoKMZ0CprXP1RsPX2isC-l7E_r5iEKRyqxXwc-D6lxFulkwWidujp3tO_2djnCAW28vXJ4S13KVBVsvDhMyXf53xi6zsadnc7iaJPqksERqcPFh2RrRIMt7tH4lMMJs4LuoGbuDE

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6c91ae68-26e9-4309-81ad-22ae2993eed4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABB5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4Njc3MjQ4MzI1MjU1MDczNA%3D%3D

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4Njc3MjQ4MzI1MjU1MDczNA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0496a018-4e90-4364-accc-2dbc5d8b2803
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4Njc3MjQ4MzI1MjU1MDczNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B131
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1

43 B
1012 B

63ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYwt_kmgEwAQ&v=APEucNWsiPt9hdAnOFGQ_Q2HiBEdLs6wYjXUaFUVhWzf09pyoEs6auwOlLKfULmtB7akbdb_RPK-81-2DFsdXpr-mGeOk8mmaO5fRFB530ZEI1uJrVVr_uE3OFARYA7Mx-lJWhrV7sx6eankMztDbafZgnFtROV2yHrmrgx1cD9assDXAnRwvWA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 22:14:24 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B131
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya-cwKVADXnAMHABSkHzSQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1

43 B
892 B

59ms
59ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYwt_kmgEwAQ&v=APEucNWsiPt9hdAnOFGQ_Q2HiBEdLs6wYjXUaFUVhWzf09pyoEs6auwOlLKfULmtB7akbdb_RPK-81-2DFsdXpr-mGeOk8mmaO5fRFB530ZEI1uJrVVr_uE3OFARYA7Mx-lJWhrV7sx6eankMztDbafZgnFtROV2yHrmrgx1cD9assDXAnRwvWA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 22:14:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYgyV6qxQensXtd9SicDX0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B131
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

43 B
1006 B

125ms
42ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLeO4gEQ7NyYlQIYwt_kmgEwAQ&v=APEucNWsiPt9hdAnOFGQ_Q2HiBEdLs6wYjXUaFUVhWzf09pyoEs6auwOlLKfULmtB7akbdb_RPK-81-2DFsdXpr-mGeOk8mmaO5fRFB530ZEI1uJrVVr_uE3OFARYA7Mx-lJWhrV7sx6eankMztDbafZgnFtROV2yHrmrgx1cD9assDXAnRwvWA

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 41a2ea55-9055-4cb6-9548-2faea8878f6e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGQZp06rXvQH01W8PY-WGLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B131
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMTI2MDgxMTA0NDg4Mzk3

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMTI2MDgxMTA0NDg4Mzk3

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8e18d51c-d71f-400f-8b11-4e3e05a3ade6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMTI2MDgxMTA0NDg4Mzk3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 88ED 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIIEsZDNY9-Zajh10wrLh3q0JKl93mf8RDq-NC2gV1sAlm6efh8K2Hz8_GUQ3hMMveBhaR9TONFPtGktUeaEmAD7krahD0OgaZ87T1MjyimjnbySOjFbN54mQ7mThDiXkpzwFm9-WrxbG5Y-Flbw4Ep_DfnQ&cry=1&dbm_d=AKAmf-BqzQ7xiJWIqw69XYqbsg697nXrIedllNIvrwmEO1cVndMHUCq2bv7rTHpU2TXRgMofj51YtJEcgtuHN9kn5jyEzq9dhJdJjhDFDwv8PR_cAn9FRa8DkP29tfQjxiL-c2e4HzFiKdcEzwLpsg6-Vj_HupDgv5-fy_88jA8QBRiXyiptApc8sUxFF9CoYQmCktsxwcaBSsp79M3e49rjJA9STJuhPR2MvaiuYcRKRVVHLpgIWrz1ArBtVEna1rwRTD38gr1nG53dSTyGM8LEDs4bMNE1foicAjOIlo5KgEIUwUCK0nIu2860dAdemgq0M_QJVg26tHTci8DWou2ksovmdoC5tQbmdxOU2eEKt_ZP4flJUJKvP6bEwyjK654p7K5aNkxt4BL3Is73MYa-HCyhHvRqDJNLOvrBY0iCo0xbLtl_9lm-N2OaUj3fTDFXGieTdjgt8m6aocag7IlQbnUavmYfO9L36G7SESqwBmIywDzj11vdlLydHyeCKg8qM3lnnYlg4HvwBa84aOpkOdCkE4LFqoT9EkU5DX0FlL1-eMKlyLJ3848TG0K80Rhke38ICNQS6lLdyqESEiPtGc0-CQQ_AEMk-h3Mdt8Ho0Gd3IoMG3qf1RWHISMzIb9ejQiDUSiS7kq5cKjbsD35MVzBrUk3yNZ44ZZRG_853W_0ofk275kyiXTMUzdZYd9_WZs6DMREyghLIfHt2Q01NGGMnGS5hVdmsqp5hSpsK-jkALE5cqLN6f16qPGOw1U2t2E3EyY9mfvgjDz-yFbFW9a2yyyjyXCaoq5gf--nOXLq79whx4_Mu43h3WxcPOg_-2UYsF24IXE0jcLTwzsYJFlw-NshpokgtkrZuSCIXaZrML4AAMKNygq62cAFXL3R6yMwnH-GOs5zmygjY1qFFU-sKdPAUwxvMPz3b4PS-sp7hRx4kWUFoNithYXVLlm9DsWwzoaUk30goiIYxh-QR8qjhTq_3kOc4MIbYt7rys5s4h2pf-DRCMy8R08jwDALDF4gCyIwsmBqJMvS4OAr3XMbdECuFn0OVaeuigDjy4OZrdkb8zU7dSsYhcwqrdWr1G5AtCJ9kR5b6XjmoOHD4uweF4jimE2iYDRwo72xSGG5sAFRiSPpTvEDZmN3lw71WanOAD0xhb3Gkpflrhqc2fClvTL7D09fkeAbOeLcKLS-CvBVw_iUOAYyJGde-_CVTqPLLpzP_9NvBfuObxpe5v5T-6si1yFZwD8MIg_FYvLPLobyUY58ZyNJHZfRofzgzdcFKMkrF6Th_DebyHRg_aqQ2dK8PXsfhyxXFCrAtrYERo2z4UgKtIsxlqTWAENv7WmNxikxwBegap4Uiwx3z2y4C2kMpaMhfl22smO_rtqwVCHE7gRVegm_-MzvjSreDLWcj45YYmikuLg6L9rpld_p_Iz-MLsubxyvRO0SqfkHQ8ef_WRfWH2_X4-sLMy6pG7mSaAhMeXoRFNQu7jE1o7c8HlO7pPYD1HXw-iu82bemptfcN_Ssx0hQuRJzMjWpMsW61z147wGTZJkJh2tH_xzEzsGSXFkVEhdTsGU0jMcgqPc_DS88htrBu9ig0iGYK29Ho9tXtV7h5IujWNZqPlIWTqXc09blqIqzfPiUGq9Ph4FeYFBz583ZI2w9n9xbak0sfKeAQW94c1qKd-orjsG1qI24GSjZnI8cg7SxqfJ7YSWTLN_VqUtT6bhkgrW-ve8tqts6i23kpxJAkYWDzFh0Vml8QkxYV8RBp7BG3MJeHZFGEDUA6YzmI4C2dPdlYT0G9117XnhXSDQRktW9T6onBozuiNkMEcmLA-nDW_iIRH3fPpClwTFi9Ce7FApNCRriDvN4-9GkTbHSwypsq0LxgnuOcGDXQp9LJTicNOGrCiJd23iN_S38XRPS6mjVsiTLuvyJXpZrCLiatppZV9HCvPd7R6J58EdDcpqjWRSjBdJdraV9iQiTp7dTr0Szmzaf63rgigm1joHrNS5UEWuH86YIcrcYFp0dAu_RlcS5InHiHvnYyTpDatHCyvmZpExSESen4KjZ7-P1LBwoqb5j3GG7fkpnqDKMLrBMAgQgGdDL1YOXcquVRBvg3hwhUlzRMK15zqevOn4YaRXnxnlZWyfngHVHtmeVuDnGU1dSSrVWemZjDXc2MHw4S1gygyXxeivoEGOOa-f3Rm4rd7c7bjky-azrlp41eZ-clkcvW5ljpdruGwH111jSUE4ZeDq2ce9PjOMLm6SAXLX9N9fxW-CWL8deSAGgrPRVzRFQEGP1O92pAYXbuA6Qu9HOGq05-tAQQ5ZgUIlGN7kyA_1JQpRPHl8DJX2B9RiwqywwNgCxTMjVJAjH4YUstb941XPqZBDzocZpXp720lYRkZk1YezM35FddyGsTylEeK6Lpjt8u5PcQTKMuu9OFR2Qquq4I-RN6o7x7c2ll-I8Da1fYCBaFlSwGT2MV1bytXTSEMu3WgYI4G-iayl_Wp9YFZUkbC6NE05WErH-iN-dfSnWsilnCi7wOdhpnoxGzyfab16rpK9oStjbKRszGdQLzGLzrx7YLmFZyOx47uuK02mo4FqoHne8UYMs_aBRjxAgQeFYT6qDmUEtH0NxG8ShVa_2OTD59UX3XewtvMubNtiVnaV1n1Vu92Uq-iJ-uWkzroBrqwPD3uBlGVAKoxulqT1JTWIGL366ZS0j05pf7lSTYkQq2YlsN5_adfs85J-586eKJOK_ZUmD8rAZB0czxQZqKAOuIk1vMDtaDoLztvVjU8lJs1xgFE7RJrcBCEBgyeHdgGBkYnkgjkHbJCOtrpXsWdAiQkpSVJf3ZuwtTuslJqCEyp0FeOshhCiBqgtd4nyZR-tM7Ay3DOMVP0M6cSqpHqgz53YMKuxaNM4CfLxTpcdT73ewM6XKGPFCq4-wGxdZ4DfgLrkmWJC0YDGK028C8nJXeijSNoGEKrEiEbp1_dLmOKYCNbBp8l5daovOuSQ5BqFfjSJmvfSrxOuIEejLof_oAeXUrFGnw30lvVSMxDfe_J2R-7zB7HYm5yC2DVC122TdPL10t42QCSg74CLq0vWyuujmzRzqTtpGGS7Ppc9pQVG_13IXq-LdQMjS24o3oMG7_CJkXeF5gkCEKi--OrARmj621I-5d3Jg-jcJf2gQnaAXXTZjaGqzebs2id66vtnWydmazf5Jxy0COECekqAk-LzW5u6FErLYnHXw1PKGfAcWcrr12afgWiKdiGm513yfQQMiKpRXyFzLlEpqkMy0K9rIFyxgQ1c8yjWd4CuYeOW3HWeS1cid6ZGKICgrY_lLeBUyoN7-dWkoMcAIm2h7GB0jYc6eNVVIgW914XYgZq7KvodWHjtNTJUaGgjv1Irw2-DG6M7E-GXLF-N0QvLEW0NDS5wQLpCXGrOkgVsCmyAjXy4BAPlURKSzAQmziT6JwPySiVP6FXJ2rAye0w6t0Knlzl8CGjS9GnXt3WfaWjQ9ryCFyuLdDQBM0y2kvl3kXQB7mSPReKNGkIWRyt_-xiflNxY8MTPoxmgEXgDtPhd-6bWKlUKSkQ7iyduOfXOrJMS-hSzKsBUNDywJHcTT4-UWQGISMU3wETXsDhBqshKDS3dK4aTCkt0wL59BAvm_cRamDLh_RZKueYQ1pejMvRN8XScTNZjczHXpe-u5w&cid=CAASEuRo60h0iYbLGZIy8MmPv7v40g&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 20:02:47 GMT

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 88ED 187 KB
60 KB 225ms
77ms Script
application/javascript 2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=25368344&campId=15442583423&pubId=1&chanId=202457267114&placementId=395048052&dealId=549644393847897261&adsafe_par&impId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&bidurl=https://www.hellooha.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 1297986
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: UgTnP8SnufPA1wwiJ4oh7i2ENtW3CHjtWBNE3TyvppK_iRPvOBaPmA==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31B0 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Dec 2021 05:53:44 GMT
expires: Wed, 08 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 58840
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 web.js Show response
fw.adsafeprotected.com/rjss/ads.celtra.com/890300/58784809/471622dc/ Frame 88ED 233 KB
78 KB 59ms
46ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/ads.celtra.com/890300/58784809/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57b564118d70fa2d621e923e0e7a8542726a3ee4073ce055ef1f809ee090becf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-server-name: app24.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 88ED 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f6e99e27c7f34214e180997bd5b855499bac6a10e54b0feec8c81bfe61923ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 619E 24 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdYGuHmNk4XdGqPMUaxbUa5VgYfC-QD3iwbJB368Cw-Nbu3vEBsN7C5iquDhiQ5jXXIcmvV5h8pJw8vxe2T9q6SmK6PGpuhUy3GTX_db8vXLh2fCp9AbvAx0hMqqoS0aX0fd6GoTstH-6IgxIxznvi9h9CqA&dbm_d=AKAmf-BbzQhkmxqGv8y4oJPbkeAavr6-cO6RzG4iNy1VcVaV4lcbQFZ2AVik17Kt1T80iBewN84RwQEnCAQmY0Xp_mOV3l7k3Gzt2yTZQEpBb-XAPZgrEzZIQRrK6znKwUUpjPPcVPbWGTA4awzX3E8ZOSk6KVrUebW_BK1cJoHDHtsetu2mSRDn6IEthjq2EiTjlWJhZgD36YHwdvlBaNtuel6WbG91_egI9SxefzirXBmiaH6gQub8Sj5-H0Q5bHHkHQ7JrMf5c85h5aVBWEhv-9EJM7Vvx2MZhDuQ1izFhFZhl6ysMO9MDmK3piED4XMzSPuG9SNvj4xBCL0z2tSp5iglMq5v_EuZOt5Oejb7i6wQ7RQK5rvvAT_Gajr_8v-sjmpVo7TJ5cpFIj7Qdv33snYRTTho02x6h9vHQz4ybfpvfXtAm0He0OYlR2rnzmNeaWIl_hi2lU0HXJqRpQkdTKeYEsU84U0Sm1GLcFIHEx2lCbPcRcP-9ZayJLZpAPcDzHjlUuD4WfcDPaSDWPixAbCsxSCZ8DHeoky-ISNECPvgq2AJXaKWYdwdLTRXuZZQCv-XhQzc0dMkMWmuGLWf4dtD9frlLWXHEcipmUh_GnD_g9jRIkwAPV59dlWfX55w8sZUHJ9tkotlTFza7Gq-dS1SoYYsUqMu3h_mllW8EgGLmfxeQkmM1QzRCCnGA_eV4btCB9DyjCe-XXMRScBjdTFxEFMrioXVjbJVmKpMzLRttP9i_7LkqP5Z9t6pBLQCbg66q-3IhDTWjENcC338XlYpbEDzc1vbGLEJAtJATU2ubHV1yMW2rRQRUM8DNZTqQp6SLkkiwARwQk7aR1eRvbAq12opFbGrCvqjRA3nyYBuoeLf3lmN80RKwx_W20l-1ERFR7nWGd-yVRqr-Qj5hkjAtkDzpr7OIdSVcJkxWDNf8jxc5MYK36axVtTVyf7opHgKdUUO9psLyn10x3oEF1tRre3DqnOPcykQeEkSDCT1ZgH8ejd1zGBFKyOdyh1fgpUwMfvEQ-N2ozDMBFxBUOiobYqcYy9KGb9izK9eaCizSQM5rxewkCBiGt4OR0-VXKx3AwWG7zmBxjXx6LC4rG9aWdsWJfkR4N1EoYcBo9LZfGGFeuFV9fBvG2ULWiFmXcwfrbOjVBORPti6bxhOUGn-IhOXVgHtwGHbfyHAjhQjtRzQaRLwPXj_hp1NpbDu5GCOoQ_FczN7yONS5c-c-pLYJJ7N_JcZ-T2BEtn_Mpa2R6J5OX-mrDbxV4K6jqlXc0GrK3u60yxSSraqX8QTonKWsnES4JUeF6gnWhy2pclNeXSAhqabT1XQQ3LEp4Sl_MamMfeXJi4JG3T2Uo4WjMB5Z4OvaxbqlGLN6KF9Sp4ohAoeTjWDriAGZwrABEG3FYmr5adCX5L6F6kLrVmrre4VV5yF6Zma7ITo0lqHnDdlR8Gg6X03ueIMFRa7YphoaeIlB4Kx0h_7jm7-ciMC_Cj4s_gslJDbnOvM4qx4N90uMZlJFs23Rwei-5Pr182LdeJVTUJRDiQh9wx5lTs72MpZMsJC3G5TYN3ah0bJJR0WF23bVb6BpPHSwVVUlXkyrBzMm2pRvydL0NQwxTFD843I7ZnfxfsbWZfL1StEypXhh9w2hdxgbD52MYQz2bUIWGzwmqJMkcd_NRSIywcr2kYDOX0gMwAAwjMUUK1s83afRWxsS6rOVhqKDI9LVNQL1N09MOD4-BHT00g4_dbNXRTjTLQKeFr7D-ztMdrnVlK3NNF0k15H2L44VeyY1_UTOsAJfpom0PeEwykHBv-mDR90TOxqB9Rh5dmOQqnLDAZWsQEHvXfvQaGtlXElpbRjfWKFOBm7_VqIJPt2I4Wx_VyfuVNLv8_MwemGFtJkfxKiA0mV0nZbr6erMCcacMWrV_NGJy-f-4r5Gk9rGxxkyY04s96f0R9tTSRtndLDQq_GqfCcshlZK_SvONHbBsWmufsXsic18c3hisiOzBf2e-MhCAFnWVYSNe97jHOnFszWkLWUNK0KFDoCj-KSW1G3CBsz0w3vKfX8cN-ZXfXg9ntgousP4cuExgw2xwGaf5NwBMphRlFIApO31_4SsXI_jRKI1wFqt1RD-lC0niLmH5RwFbe10aLNeDs9tkykEzAQ6v7hf_6dkVPg6y_HLJZdcAcM1e5KrAnc8v5w-n73Xl9GKUW-xMOKeBhUd-K4D-E9VzO9SOvrvfz3DLs63RfhwzZ2EYKjjAKdKV_mcoaYdGEwdBJeFexbJ1ke97e9frJUNiNpefTMJnzaknFIYvNsSUuK1aP5J3rQZD3TN1qZsOVZfKMuoV5g2gZsuzz-IrU8wfenqhjKS_ewuNVK4Xuo0M05zRKisBxFIJQBx0UUqJL0YoalcHT_h3TFBNJzyFdYVK_PBsj-eV8cETp4Y68KndaHYTVpWnrSE07YJa6QofPoDoWfnD_TRddg35mPH0EnywWGagsdu4TX6hJF0DEj8ToHzXFp8fWejD8pmf7M6f9qVjThmvBG7wnxee20FFJYo3AC_7eQtNX8U-loEETg-qkAJmB4MYAXA0_rOYqnjaj7_r-2InVXXqoAsD4vhREvYRdC4VY8N6_Ov005KkrwNFLaULq4J0cy1nuKllLyl-JYH44cO0JaB1Zu8YvcqAXXaZ3mx5eDubgTn-Lj-NPJsuif2oCRuB3kT-OFphKP5gvUlJgeVMdzi4iMW21-iRotyJJulz2q73IPGP4ldB6NvP0A6xGBGlAUCYswW2AG0VXr7sNGfXCFADoPrlj2XezNPNJOVjWadv3AAKKzj2o-DtSfmTitfz-0I62DvgMwPCnqKFu5vgv-oDQlAALupDkXgN4xkYTO3Se99RqJgdVs-7G59i8rKd1AechTKYkD_x0y8JZHH2PdogriuyI-eusFeEHJDmqojj4MTlGdtD3YQDZIuZiRRLaYk378G1gVx8jEIXH0ebrjjIoUxn1ojJK6MxLYjXk24Kw3p-EzQkCjHBjREyp8Lq4IY5Bkw0wQJrwx8ksOc5uabE3dVLB6jpF2qlQtT0EMi20GDAOHGqY_rm2zDGiqngof8PFLKv8jfxuS4P06s41v5NAMZg0NKz4YXLy0t0jyIDpH8QGoMPbled98mHz5gKOa4xEzdE1uSotMP1mUMRGV8KjkwlEDVte2nh7pJqkhopeKqqZbR4uXVC3rs2GwbVd-rKMmZZAjhDG_RWS2eHTVKnUWxbKcOdLeyt9JCjqHaE6COSS9FNlm4npwk9Vr&cid=CAASEuRo87e5G2I2jXhfm0Q7lDC1UA&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da3cec06fc8ccae40077ed49d5eb86f550a110d914ee611611ba688f0fd610c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9505
x-xss-protection: 0
server: cafe
etag: 2191309775366055064
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:11:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/ Frame 619E 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:07:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 619E 0
571 B 180ms
87ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJDmwcZ8qwgF66EtSjjZXi62QWBPc4M7UjCMWVB5P-POQAcqQLpPhHtI6orQwhnSnVofkUg5nD_PVOKQsAcyh8QxFIeT1EqYNu3yiRRJ2YdxLSTn75YHUwCoOkN_RD7hbW3IBc0Irk3yHZ96qHGK6ZxkEI1i3Yn1z5Giyw2zK6BQXtKv5ZITa1Wyzp9IIQHC47YvOTRjDBCGLrpogKhpdv7Cfxx9KjC9TDvNdfUq7tQ6sdRVAV3mF-x7nJBmIpnc0YbeMs_LutNd_X2iPIU2tAITEYMow6mWZMrAL3T_UaHjkhKUuMSTYu4_JeA84BELz_gMjsOXpO2tK9bChcBlkOt9QWXra_NMcfDaSbZSc8aphER6UXOPZaj9knrhBOvMy8wKJiKnvL2w0eLG1NLkVGN4ozACccbz8QKJ3FbHzTCPo0iMumLUmNiRVuAcdG8AXESYIt8w55_HNBtxP25FEXwZDi_cZPB06SGwBxokj0h9XfTAaVuKlsqOcduHV3pQp_LoDnLxBLszzhGAMZ00oDq-wzZrLpnE20DFOfNwfcY2ZROoBh54LpDjQEoWuT8xJ9eEATrG_31BbdO9uXkv-O6jOsSKncj4a2upIa7gIO67JW1Xtz10oor5l27pmmi_xAXLWPRD_ju08ujbO4yk-NtSFv8cQuI_Q5_90L-kIB9odj1Zi5EohaEM4HQIGtZKe-dSOcQOh3MFdM_kO0vJfkCVIL_-kfldw0Q4s2O1ParM284VVLfjTZ5T7P4hO7E9Q4YiRQWUgQl5iB7RP_qIZwBpWs8YYeANpECYWGp6oeBHCWspGOkfG-VQ_c_BcDp5WpF0gBAMSRXM7pnF0YMenGg6wggfogtvnc3_31qRd4bCjA3BtUZ8miivbOFFKI0BSCcbs9WA95uTWq_ZCa5hGrNAxKLpt85jeQTLBN-Ot_jcs7Ln3LVvfWjStqy6KKUbnKCz84yRMpfSNHLqba-hmhTZa6Ty9a19cJih9sXWPCKfHkmWzAkPY0Q9hd5B17vmpn36mbyLZ7ylP1rCEoYZrrESGKgZHeq0q0qLKlRTacxluGdgeCTzuyMoOYH38cuZZuUIXdd1wmaSCuYGn0t5rs1VMqyttzdz7qe3VCJpCyCW9s3lJf6CzLH1Z04cFtn90aJRzwhI7Rci8UxoPR14_cRYQXO7P3g1A8hAk7zjrqqPStPnUBiA_Luf-YxxVa-QoO3VGWfDA2IM6bGmoDQeJMvSP87sW_SadV_Zvqf93-41uJRAIcStocpZBXRwJuS1jYQOxpMOltdCGV6atQJw&sai=AMfl-YTohBQ3g01rIfs4Ie6lHy4P5OZFZhSq-xty3PZX1JgEFc3_QVJAl_zfln2xJU1aoHugqWniHR3p1r2mPNb7M6lmp8UDTLAWrTZwh10hJwef-1R065NFFJ1JK-YfpnUIHxQgt2LuvIvO5Oq6iZFSm2CvcbKxW__tzdgRWwG6WzhLXHT58PgqkDM&sig=Cg0ArKJSzBAkzF_MoFcrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211206.90307&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 07 Dec 2021 22:14:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 619E 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 20:02:47 GMT

GET
H2 200 2430278200372250040
s0.2mdn.net/simgad/ Frame 619E 149 KB
150 KB 138ms
45ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2430278200372250040?sqp=-oaymwEOCKwCENgEIAFIZFABWAE&rs=AOga4qnmyzSkVMzfOopMSVwKeuWcDYMdoA

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc78cc7e95dee919cbfc30192b760125632f16d780af5bd3ac71744605ddcf77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:31:31 GMT
x-content-type-options: nosniff
age: 556973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152580
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 19:52:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Dec 2022 11:31:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5385 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 07 Dec 2021 21:44:41 GMT
expires: Wed, 07 Dec 2022 21:44:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 31B0 0
104 B 165ms
80ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJDMsJfPFVxKc3mqilyEFIE&google_cver=1&google_push=AYg5qPLDTW4x02DfFNadNuMsnCqVpEMVW5eW29qNfFoH6y5nMpC8e0EBCChVXqk1qTLYkY9P0GiZxVQVnMKl5Bq0y0DdJCzcKkw
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckpYSktlTFAxTVVJSmE1&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4Rh...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckpYSktlTFAxTVVJSmE1&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4RhW_Vztt0pqMH04wD4lH9buCpP8j2AbIvRPrkIR-Ii_6sJ5bp_UioQ3

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-077b4b1cfd9a8648d@us-west-2a@dxedge-app-us-west-2-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckpYSktlTFAxTVVJSmE1&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPJ06o9RVzlOaDg4i1Hj5wv1QsSYYhOxwH939VkJ4RhW_Vztt0pqMH04wD4lH9buCpP8j2AbIvRPrkIR-Ii_6sJ5bp_UioQ3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 31B0 0
191 B 100ms
32ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEARYXmVrh2elisrv6Dr5NDI&google_cver=1&google_push=AYg5qPIj0xAH1_DH4EFZbuf6RX3FkaSRqUcGwLBeg6-WWPhmqaFDt9g_zz_LOLwOnxJIKqztza8L5dQzOFMPmPj7r238kW8SSbQ
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B0
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI0vKpEHyDkvLRE9oj5en_A&google_cver=1&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI0vKpEHyDkvLRE9oj5en_A&google_cver=1&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=a5770a80-e63c-4c69-b134-1fb3c2ef6624
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=a5770a80-e63c-4c69-b134-1fb3c2ef6624
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=489d4e93-a2bf-4e6e-9e67-6fe1220cc7be&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm&google_hm=pXcKgOY8TGmxNB-zwu9mJA==

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm&google_hm=pXcKgOY8TGmxNB-zwu9mJA==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKE8WjrPBoo4-8PUyJZF0bQFQYDlvK2ooCUVosbAURrJdWXhS6WS9c-46ScSlwi_BHMGKG4XZne6teH44peAtTU-m_CTKsm&google_hm=pXcKgOY8TGmxNB-zwu9mJA==
Date: Tue, 07 Dec 2021 22:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31B0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELd-RU9n2hzkTgOQr_8IrIs&google_cver=1&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2wbH0&google_hm=NjMyNTYwNDUwOTY2ODcxOTg...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2wbH0&google_hm=NjMyNTYwNDUwOTY2ODcxOTg2NA%3D%3D

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Dec 2021 22:14:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKpX-9D1EvvEgvhPw1qBikrthRK6ZY2oCDj51kAul1rrl9tnehbkb7OBMc4MiOkcl4cvcJ14UcDRqlhR_ZQXrYd4r2wbH0&google_hm=NjMyNTYwNDUwOTY2ODcxOTg2NA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 31B0 43 B
175 B 198ms
118ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEJqq1Z9PChdqr_VzIA3tVC0&google_cver=1&google_push=AYg5qPJg06UOSGQhWJmLUB1buntkgT17rOoC_CXrQ80AgYn-wyA2Q-BtXfU25pBs4cMBzZfN7jDxJTJcd5GCyl-2G6Cec-qkzwes

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 22:14:24 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 31B0 0
75 B 140ms
36ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEPgBwzWymx35hBSAIDbtJ4&google_cver=1&google_push=AYg5qPLHUDWPxdDfDohW6HXzkvTR0tIp_PhEBUleBjzIOLpYL6qrPEsjcD7JdGPUSI0BbxShSESPtdBaeZneN8S6MctAT5GkhWzb
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:23 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31B0 0
12 B 49ms
49ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcLUXXvj6kqrUkSRZVSShqLk5xQVb7l-Z4pY6wIoCGC8DOmZb1shoPKa6jX22t7hL19qJL

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

web.js Show response
ads.celtra.com/471622dc/ Frame 88ED
Redirect Chain

https://fw.adsafeprotected.com/rfw/ads.celtra.com/890300/58784809/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZt...
https://ads.celtra.com/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefA...

17 KB
6 KB

193ms
56ms

Script
application/javascript

18.198.153.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 18.198.153.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-153-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 338c37a4c6d02f3fbb563a6915e79d1f5385e34e05bd4eb4a67c71aa47afda4b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:23 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 5890
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://ads.celtra.com/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 3B03 80 KB
21 KB 155ms
146ms Script
application/javascript 2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 9515957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: X1WNgwFHuZCOFDLMr9d_cUUG8QNGsHqGpX6vFzeVdy7uIGsF802roQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F2DB 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Dec 2021 05:53:44 GMT
expires: Wed, 08 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 58840
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 619E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a3eec8fdbeb0cd337c747f4df28a593bacbb8e93690825d5abef75397f53b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8866 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 07 Dec 2021 21:44:41 GMT
expires: Wed, 07 Dec 2022 21:44:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 363ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sDUv,pingTime:-2,time:66,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:395,beZ:396,mfA:399,cmA:401,inA:401,inZ:405,prA:405,prZ:410,si:412,poA:413,poZ:430,cmZ:430,mfZ:430,loA:455,loZ:457,ltA:460,ltZ:460%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,bkn:%7Bpiv:%5B58~1%5D,as:%5B58~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQWRqsh+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C151,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:47,readyFired:true%7D&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5385 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 19:02:44 GMT

GET cs
ad.turn.com/r/ Frame F2DB 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F2DB 0
103 B 79ms
77ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJDMsJfPFVxKc3mqilyEFIE&google_cver=1&google_push=AYg5qPKZokffEBj_kL4t2TOAL8sjIrE-MEAENJLAQ6wGidHCXsKwfgKAZVfSr5c-fBET8b0hFWrkAZcQAuy0B963Ao4yUCzjmYY
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET ping_match.gif
pm.w55c.net/ Frame F2DB 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2DB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFAi5_ldbgrwuMzLcKaKRHU&google_cver=1&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOg...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=sOVhr9y-RwCoZVU_5Qx4_Q&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOggPpuAjl1G5I

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=sOVhr9y-RwCoZVU_5Qx4_Q&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOggPpuAjl1G5I

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 22:14:24 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=sOVhr9y-RwCoZVU_5Qx4_Q&google_push=AYg5qPKgm_JF9OKRu4OFaeRH_KTUz2hgfmD0CI7oITvt-bI_pL6XlOwd-3WCztk6JyVQqEi7drbah-3DgEka0tOggPpuAjl1G5I
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 22:14:23 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F2DB 43 B
351 B 97ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO4iexl1AHYNOysITJuRS6Q&google_cver=1&google_push=AYg5qPJj6xDIZXHtXfIr555m7ACx660JRFSCgNXgR2v9AQl9OOlGz59UJFcjRzdwyRy2PKFj5WwpRGSRODr-DYA0cVpFrMFfilk
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:23 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6bf71tr82fjuh9s4ukoihneha9kdjiig

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F2DB 0
75 B 52ms
36ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEPgBwzWymx35hBSAIDbtJ4&google_cver=1&google_push=AYg5qPKtDzZNKlpRU_SpdakPhqdMGST2SV1h5ZLNNd-I0YNCh2uVyENeXfrBg4k_TcXgFO7PBzHSu24tvkOHreCJTpAkXnO_Gw
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame F2DB 43 B
65 B 98ms
48ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDc-FPZzuYVh0rw1o_0ysZU&google_cver=1&google_push=AYg5qPKx9TrY-nAm7PXyCEXVscVeRyYN25gc_c16pXthcDZi2OCXCc7C9RrbrcqS-SwxVnd2ATyPdHg9UMxnVemn5D14mivxPCJN

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 22:14:24 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F2DB 0
12 B 50ms
49ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhZPnKDxFGmLTOnpiWWPpMSurkfXB0lIHvpf7uuZNeSz_SwnJHgPH5N-xHJZY_CyFNjkZKdg

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8866 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 19:02:44 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 50ms
50ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=130&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=720733468038&cu=1638915262033&m=2278&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=130&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=0&ag=17&an=0&gf=17&gg=0&ix=17&ic=17&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=17&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=34&cd=0&ah=34&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196017&na=639090732&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:24 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 619E 0
23 B 128ms
78ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6727 80 KB
21 KB 66ms
66ms Script
application/javascript 2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 9515957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: POFX631Y1dEk8Sqi04ztHKA4RVYPTht16vdSltFejLtv3lurO3YjpQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 88ED 43 B
215 B 43ms
43ms Image
image/gif 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=25368344&campId=15442583423&pubId=1&chanId=202457267114&placementId=395048052&dealId=549644393847897261&adsafe_par&impId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&bidurl=https://www.hellooha.com/&adsafe_url=https%3A%2F%2Fwww.hellooha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e475f2ff-be50-51c1-86df-a89784f6eb19,c:w9sDWz,sl:na,em:true,fr:false,thd:1,mn:app13ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:291,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C151%7C152%7C153,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:301,oid:08cb54f5-57ab-11ec-a2ba-062810ec67f6,v:19.8.270,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 208ms
116ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sDX1,pingTime:-2.1,time:222,type:a,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:17%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:222,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,bkn:%7Bpiv:%5B213~1%5D,as:%5B213~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQWRqqy+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C151,idMap:14.e475f2ff-be50-51c1-86df-a89784f6eb19.32_10933%7C14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:47,readyFired:true%7D&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 45ms
45ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=155&gp=1050&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=691256382744&cu=1638915262033&m=2282&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1050&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=25&vx=25%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=25&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=196017&na=188645187&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
216 B 183ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sDXp,pingTime:-2,time:353,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:287,beZ:289,mfA:578,cmA:579,inA:579,inZ:582,prA:582,prZ:587,si:589,poA:589,poZ:600,cmZ:600,mfZ:600,loA:621,loZ:623,ltA:640,ltZ:640%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:301%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:353,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,bkn:%7Bpiv:%5B60~1%5D,as:%5B60~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:50,readyFired:true%7D&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 100ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.hellooha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 100ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hellooha.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 246ms
245ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1274005952116071&correlator=1573858214258036&output=ldjh&impl=fifs&eid=21068767&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=7229%3A21806012766%2CHellooha%2CHomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ris=1&rcs=1&prev_scp=pos%3DMPU%26adslot%3DMPU%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_obscenity%252Cgv_adult%252Cgv_hatespeech%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26permutive%3D39078%252Crts%26puid%3D562f6df1-a7b0-42fe-9168-ad796040ed61%26ptime%3D1638915262560%26pt%3Dhomepage%26platform%3Dweb%26Topic%3D%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A6%25D9%258A%25D8%25B3%25D9%258A%25D8%25A9&cookie=ID%3D971a67e560b2f646%3AT%3D1638915263%3AS%3DALNI_MYJVDlJYOc-iJ-Ix6o48XYbk-0KOw&bc=31&abxe=1&lmt=1638915264&dt=1638915264435&dlt=1638915261741&idt=619&frm=20&biw=1600&bih=1200&oid=2&adxs=155&adys=1050&adks=1030947372&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hellooha.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x3134&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=552757844.1638915262&ga_sid=1638915263&ga_hid=454152632&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

09eb634aba71065813950316a4f1bcd90f6846f08c00867fac09987699fe4e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hellooha.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/4d1854ac/compiled/ Frame 88ED 624 KB
152 KB 192ms
61ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/4d1854ac/compiled/web.js?v=46-5b09507d4c&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/ads.celtra.com/890300/58784809/471622dc/web.js?&clickUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCT5aav9yvYeipHdzJ7_UP1OKa0AjO9KTyZtiKo6_dDp2Sg5KgJRABIMHOgR9gu4aAgNAKoAG_puefAsgBCakCL-GjrY40tj6oAwGqBPgBT9Bv-OzB1t0gLrWfw7IC1xaCfi9fZyq4dCv6TMx_gn4MiE_6QbFAYG4ug8NxEWsmQB0yXmtuIw0iNaGrv9UXdz0xnTIBDTI6HiBuEpczH1yxhtq39SYx-N4RYugPtH2qYyrABIuq8LINpMAmLevX3ZdLFgOpuPfQAZzd8i2VekygJJUEaC81zpcgAVYcWgDsqm5Cx_F_TzYXMzlIsWF9kXLSCwyHy0_QjDxpywLqOyFGEJ5GBDt24oMQ7wbceeapg9_mviiBx1dGl8wArj7Q0rmjE-xh1cKYT_hbtVW8X7Eu9SE50UAe5X0Vogy8ctvUhDP9JVIWp1XABLWF1cnkA-AEA5AGAaAGTYAHqdmY4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzMzA0ODc2NDUzNTkxMTKACgOYCwHICwGADAGwE6WCxQ3QEwDYEwrYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo60h0iYbLGZIy8MmPv7v40g%26sig%3DAOD64_1mVsUMmo0ZU1IP8Mjp_wBBKSRrHA%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BfaHe1yqm-Dbe3pREz3MfTrGKfgmxKFbvu69EHd_xt27b0shamw_Mck9r5lIwNUjUdMm-DSjXfuCLbLsyoIGcVXoOVHokIx5hKKoAGjHPe5ajJGynxkOeNV7q4UZ180wgXYKOfuHqu8mc1S1zRkGr6pQ9y3g%26cry%3D1%26dbm_d%3DAKAmf-BY8ZYICPM1xYgmq9zL7Bs6YRoWswofnX-7JAPA8CjfCtXrRkKSBHgqGDoxyfh0R45p8RIFEk5EKobT0nyLD-3-4BZ4rW5rLMmJ0xWdWccQ6iL-4RHpjxxEoHx8PHrY551-z-iNsnhuuRGa7wPjkgtASh7WHsHUBDdJuixs7IOoHPpl62Gf-M8GL9OJ-n6zUGn3k6H4UlH1fAj7bCUx-_bhQiKwVhoCRKkHIFSubcfoPv4NqRo-f5FxlHXFMtnCu7jqz_gBlK_gc2QOy9grOIEfdbvQf-EtpygKH7o5ewHIYWjNLJmoqOg3SRw8zHk5TRUPHUMTLjcnwa2UzVmgh3gGVWTnM_VeSBEIqZoauRGit4Iqup_rBZqWRhttWC2mhvCg2Rf4iJCbSKnms1jaZx09oz0X06JOGhcpLG7ykvjGHqjjA-OJYk36s1B8f2JccrEpUVDCkqqEybJIiYr7ebJLkaG49uo6pXiu66usAot40AyuVZE%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DBM&tagVersion=html-standard-7&eas.JHtDUkVBVElWRV9JRH0%253D=395048052&externalCreativeId=395048052&externalSiteId=202457267114&externalSiteName=https%3A%2F%2Fwww.hellooha.com%2F&externalSupplierId=1&externalCampaignId=15442583423&externalSessionId=ABAjH0jBXCMtqjEX0N7NbUyRwP0y&externalBundleId=&dbmExchangeID=1&externalAudienceIds=&dbmPixelIdComma=&externalLineItemId=15442583423&scriptId=celtra-script-1&clientTimestamp=1638915264.083&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=34383170104226113&adsafe_url=https%3A%2F%2Fwww.hellooha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:90a9f9de-9334-0346-c891-27cd50a4f503,c:w9sDTI,sl:na,em:true,fr:false,thd:1,mn:app24ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sQWRqsh+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C151,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:08d9fafd-57ab-11ec-bb95-02cb850ca5c2,v:19.8.270,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1732be15d4d13843321771eb3d44a3d2ebf2751e4334ef000f051c58caa1dece

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:01:05 GMT
content-encoding: gzip
age: 47599
x-cache: Hit from cloudfront
content-length: 155165
access-control-allow-origin: *
server: Apache
etag: "9d719859de0d03604bc33803338be72c61ee2ec4e59d259159e2a80dfd533e27"
vary: Accept-Encoding
x-varnish: 11468811 1212453
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iJlQ0ly748RNJpnIKCzl7Ve1opzZJHm0r4U31pIf07C1UmWPXaV0iw==

GET
DATA 200
OK truncated
/ Frame 88ED 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5b209135-831b-4c4c-a83f-2ce0aec2652a
https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/ Frame 88ED 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/5b209135-831b-4c4c-a83f-2ce0aec2652a
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5385 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuvrowNyvYaPmAY753gP8rrSwBwAAAAA4AeAEAg&bg=!ZmWlZSHNAAaQHwIOkB87ACkAdvg8Wpfdz9QnK97j2_TJy0M4qM6fzbmShNeBggvOj9GHMOlIJKzlvAIAAACVUgAAABNoAQcKAFOgbgvi3vXYPqyRj5mHWAIWIysCk_XYytL7dHEt2v5_7JoONbOegQU2AaQay0a7aa2hQAoqA26DzK7ltyn5n_7CzQvpufU5hA3pS3XyIUdEB5E9rpkC_og5ohKoY6KF7YIGKWMQVtbd0c3yo-NnLlE6NgB3vgfaTjbEAFtEu6lUCFjYMz44dPN_IQmcp1AvMPMqw-97d1kMksNMrdDJEeuyVuMe5A8evvhl7wiWRrrIObnt9-2CPlie3Np5DH9ByWC4OwbsUZ0RSkbKbPKpv8wgvz_c27li24TUhN9UXumHKnCy78AlqOg6M3cSGovYZhp-TIiT9-LZw7ZX4ZDnl2oT4Cjq5S7a-fceo3eu94DpELZCokFQypuSIntH1QmglFBvdsVJ86BF1-3NsjkGLUH3gt-Iy8P4DRcCdS-iqcrFHSFS7Tjl_fBsNZw2tFTBUR53GySLgw5pPlBpoavXdiO4TYkNL74EeZjljd9TzhsfJRjOIH5yHre5_bckrByWngu9OwRm6EKNAHkbiU8qMvZm0C7rgTB5CqGPDigjrLDovGn0lgQV7_cyNPzrQKrEDoJ5TL6cshgyoorx6XjCeWK3NqAIQ0gOoANsM6nz7DNn608VQwiszMg7jkyEkkuv1NVA8xMipgzVv-66Rm-osLjXWzvLlLlN7eALBqsZbVd4_tQLMdn31_Lg3U6EeQTNGrCxW0BezN4dXcMC7nQLY5TIyWRFiFNoksJMYi70fJYFGW8tpSYRyjf_hDTd5tqD6xJvq7GwT9uCAaZqDB6Q_0ezEkJwDSwpYTQsbjd8bQSWkC88_1E8PYG5vwoMtAGWrOabB_7RApJB206PCAiUJ4Cojcp1mE_UTocIg646kW7H6liZVTi72RAaaDIPLb61NNuXKePWz5Ea5K0eRuR30FMuDZPQMVO3iRqYIhmT-bKXbZW-okplTjy1MEkoH7_cJ_HnYz0ab0p7v1uzPOUd_gXeHfuZfm_Dt_-b5QRomHGGKsmvQTOqcaVutmlhN3b7jlx-M18UX9u5sS7VlcqqDn6ADrpvoV0BqPh8l6qOXkSwAw0gj_n_zoU7Fai70ob3QQ_3ZzRewzcsYNiUOCFUQpPgW6MII19pgJgz8R74EH2vWU7WTNI

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8866 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXi1mwNyvYe7hApTH7gPFnbLYAgAAAAA4AeAEAg&bg=!zs2lzYnNAAaQHwIOkB87ACkAdvg8WpdMAhUOffy9rQED6ltx496NnVDuq7Il2se9KySuAnAQesjSNQIAAABnUgAAAApoAQcKAFu2nRFhS0kwCfhlpfSGQHcagagBl-2uaZKXaB8shKQELqXKARe3okxXL0zaWTWiwPnUlUvWG5vVMrHXRtAVXAPAwvny4Slrs964p5VVEPI8Ljrk1ruukxDfmjsXmQMQ-sg7l8p9qQ_uYwavuaL3cAgpybDCJzvsEec1dYiT-wYcsOeZZCpIOZft4wj0fRMnnAsz8P3nvQJYDsa73N2mzi1AHFSTnvCLbArORHfXPr8C5999n_nf9f2yroASESsGte2n4n4aKSgSSAGpEt2t3j8WNXv-D-fvHFGCO4ZujAWtrgI73ucyWoRiXE_1DhWJRU20ereE_emq30hYDFq1DczjRIC1dH1jRxl2a9YU1y3gLPPzDXD5JoHbAOltV0nTMzL-99O8wcSD7aBh5ZdAhsHrgORX5r2FashJIQ9LEfk_Lq9Mapno5oqFzvdiXKjwS8AzjYWI0wOZoqohcwss-hHfnPtMDh_JADUZb8D2WsFHTA1g19Wxltw43-U9BLKrOEnUznBA8Bp_d4KCQfN7DZKGqA_7DeyUVpwXwptKOvz34_991Qr7zdzTRIoRUrwHV3yMwnn7xwnM9j22vK-eCzD9WkUGsnfijo7EmR9PcbZg0lBXMG3wfjpHYbVOP8LCLGgTej3kawfuKnpEDUa6ksxuW_AyyBeTCuYcumpAfdjTp_gYca3jlLXgIBqWcc7upAiRMDR8XRN4UHoE07gEf74ypHLNohM8Yx3Nbx9Vc2S_4P7QpJi9pVVTmZkZ-ptkKoL4T1XEiVlFP06HEgUm3qLoeXR58xhjq8rtQOv-Osh_u91e95Tn0SdPJRl9g-l1TJ5Bc7uPR84Y5dmcArcDiU9vaMzKxFXLaplbzbiKqNbnhd7Tsw4-UD2TZ3Id1h7QCiJu5TeJO436ap5BfvpJHJCyzrqtI0cOeVK9SmA_jr_iF13-l1nggDXVig5sWVklZlDZt0H1V9jF1FcvvduF2gNEnYJ9tBSpZUuzfBQ1q7JgRra-llKN3ce6sQui-v4ghi11B5Ua8WbkM1v3Yet-Kh7fkETCbkqi84CUmnF6mGw0jcAlqJo3msbdH5kQRD0Va211vCANA_5IVmNtXZbepcIjL2IaR8iGwoeKAmsm9yZfl7rxdATOsMF6l0B3iuaRWacDEYzzeQgdX-PZm8wpWg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
179 B 37ms
37ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c1e8b47c62be8435dd301fcc7e857f2ea2a88bfb518314fc8bf37b8b979693a4

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 111
via: 1.1 google

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 619E 0
0

GET
H3 200 container.html Show response
9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2D9 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 22:14:23 GMT
expires: Wed, 07 Dec 2022 22:14:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 45ms
45ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1638915262033&de=184462548680&rx=439159463936&m=0&ar=8ab009d7785-clean&iw=41a656a&q=3&cb=0&cu=1638915262033&ll=2&lm=0&ln=0&em=0&en=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&bo=Hellooha&bd=Homepage&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=choueirigroupheaderdfp445340272806&fd=1&ac=1&it=500&pe=1%3A676%3A676%3A1642%3A764&fs=196017&na=369164657&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 115ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sE2G,pingTime:-10,time:573,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638915264757%7C%7C56fbb27599d61f8e87dd4a5950a83f48%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C065ada428afe2933c975b34d63ac8d44%7C%7Ccea3f03e13254de23cded341b84ff53b%7C%7Ca3e2230db6dfd2ac8a1065bd5c284580%7C%7C3b51a7cf636f85ccdcee1e95601be9f2%7C%7C5728f908d9dd4238fe19df5921c2414b%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 140B 640 B
316 B 52ms
52ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 22:14:24 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C2D9 24 KB
14 KB 77ms
77ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkH7uXiL37NM6BwATLokwLjSHBpsuQj2flyRL9QKZFEGlHrTNVJJolSARohdjeMgxam9Ua6CkUpdhvYfs66OIlwZr_7vl2m70VYv4FEb8sqhnEfWQyntF7jTS77fbUeHCKdg7oRSczZhZCVjfhQEERjviXYQ&cry=1&dbm_d=AKAmf-DEoSxJE8Jb_YsIuvZ3IvobNGMZ4N-I3avonyIUtatUUrRxHwnFZsfRDHr7b__rlM1UrVCoDRXp-012o2fUh7tMZQncZprRdMcJAsSyXVwXQNz0zSBiRETSzrGZA7oq5pRIbuV_-nm0EZFtK8e_S-_GBbHa8LyCEMuEYUBftQrywYgRgF9TI9poqmE6Rsw3FiCbjHUGLwy8ZofZ-uIYJbnPZFxd0xUO0NEveSB2po44qIuN2tqxwgN7xmGHaCok82dTwnIyjXEADGn6hPKcmt3rFukr6AA5zd8FbtuYncCFQK3LXr1nzn4idVKJtLfeHi43i1THs1fNaTMr3DJZm0PtJs-2HxPVOJYFCJ8iAIntG-s8Asd1dtrEkZ00gbE6S9j1yTfncWuN3a33Q1bCQGJMk1Y0tVN79AVjLhNDp-khoTQRmVFMWveMZoWGG_YxnKDuNYQNWIBVEG3ZbguE0gk81xYeGM0RFI6fRYJWuadc-0AllI_QTv8iDQh1DVAdiS3qN4ChySiwY16nRXUWQ2e4rFkocXMQZMpkhnl0wJLodqQBFPhIPbDhR90XcmHS9_ePeJao6AJ4ImbJDkq2q0A6A5v4PhP6kfga_b4jXpqrBkBxRYxPi-yNmcWaJDJrH9uRFvkuEVd_GT2ABkQQycY6oZ3T8V7KXzi3SyTyOCIBA_bMXpr5kgDkAM0QhngqhqhBuBT8S1Dis91KSmXLPqSlJW_Mv52eHmWzQ8U_eNktXx5ESbaBNXbE4KblxIicRGtl0jpVR3SJwzv1vrkghj90nkN1JQtkahVMv56x_7QBBRmtzORIyow_04WYEriFsCyffEU1kU9Rqy6YvZX6BjsaWUJA5vdxHObVZd1q9Q6WEOONgqrRPvBRj1YNqsiTIZDXsQw4yzqY-cA1S9k4CTdArZd3Ey1AKXkJsVdCxsugXOPVtsV33c4irFTL7rfbFgyoazK5nIWki0mgc3ddg-DWR1mn2ghVkeLx1qApBXgPBr-kFlWDqRfQmuHXDa3J76T1bnO0UKN2aRnCwlr0DfiOTl1BH_AztkZwcO-X1e7GvIqVFT3UDDauFmY_4egYUrTQ8S9A0naJ6opRPZ_HmZaNN1VflqfpmM8w5n6r1NcIWi4YlucKla7IingMzVrgi58gmowAiAOu1wDkbeXmeqYQcRedl5cEJT4pJ0chdPy5BkY67Lw6Bjl16hpQpsSNt6U-MQAkapz3TvAByNdUOEgowf-Km4_GVeath8USXBDwLjdBDr3aJU0a1BRheuZVejC9I9B-0etUlNdYYdWQdX7kGZy78VMUHfM1sACxZyjvSTsUTX0NB45gxewtfNb7OXpb6VxrrANdAEl812GLFEAtdhkfLJ2_vsw6dgQzML4ENByXtwi_5R-mOvZAPfaJ0_O9kk55RMLn-6s2hTHa5w1L7kk8QB7B4QBsE3JSCn1ugl1LXbDdFDr_SVGSJ-2a4ia6YzwsxqC4vqzH73q3wA_EvJyNbb6DOA0K9hkhepDR1xFPS0kWuN9jDpersh5RzQybbv0ebsU4a_6oatM4r3a3pkcLGpuwCLM8eldxBaIacex4IVFDwRS5vFguit0tJ5whncm-hZ_g2zXBFzlT7Zy9NBZpoBwPOtk_4argOa04fyapufh-8Y-oyCrkuzePy91qxIAk-fqn-JojQ71cvPRe13_KLKuymx-o5G5NAdV1Hj_mLUpx9hANG6KgcQGlfHHW3LnWDeUrsmQnSNb6-Cw9jcwpFnijsfmynswSCahFt3vya4dco23qMSBQcPMHgvNpw4aL7nbLiPRy2TF7csLOcxtifFG-7s9TAmmYD3f6kEa__aYNQth1am5egX2JId_0Vl1NehSLbuwFSIhmTCRl0RLBrKUMT3SCQjP06B0NSzd3Ua8qevjyiQ9W2HBgIDs9X6Ix10RKjWm5_pBYu_HlWrawyuNuMzuGp7pjKNSZKm93UkZNF4tb_WRNbIzu1Kt5qod-hjKHA5DevUBlGV1K-Id9e3s1ZCkPsK3CKc_mj0HOgtYqzz_8JoUv2E1Kbr0-qUOZFcsJVimZOQHopVbnpeOIvCXpI4iSnYZHpYsWwLUhx1Vwt3gwiM8C8VUo-4d-kxCppQXz68JMi6QYjwB1yXRNsHtS7ByUG-Tz6F_0GfcTYxE3wS7pRatKbm5topWQxHgf11IMxvW3mO9bPMoTL1Rnx9nx3NbqWZ0OzwDHttvMhNmngzo4K6Vlr6ZVReiM9ZlZgZ6DbRhcgFXZAT0tnobL_B7-4U1rtCdErDXhz0XEAA5XtZZxPJpDNWhu-Lcv249xmt5f5x4qRYEbQ_BQlu4Y5sfVtCqbPMgoFKzUKudMP1psPImQDHBBtDE4ul51O3bNnfU1-qOV0YPgH5nh_9OiqHUz0KPZPmicsFbvnmfS1ad8Kj8MZT-qQg5EhPsGgpD-lY6FUHF3UOHE2L0mogwALbJ9DZNTTY7devdFcYoxjVxA85HaVUA0uyQhmS1x0ze54o9c48JsPJUsvIyMVPQFuMDWi0-HLnHJPQNuxIz_4K_5Tr7cFzAlwy4wEIJo-O340tXoZjEiX4m198uACsJzxI5tN_C1RiZG5-IAIUhyCT3eSW7w2AhggIQNQlkdQDKTern0OetW75njhkHCzFnIJjf6nloyjz1EKmqpdb1tEPHf8eAeBxxAMfjeWt3D6HRQ2L4iHatl-dulX3SdopgcX2Dz00OLHZGp89XA1XWhaag4TgHgfNmJ2skdE0mI3KedOVg40TmtBsK8CwGdi8airm8Z5n99x7dry5Oe_Xoo8jTh1J1AdcHmu_2T8JTP8nqmxNf_J7MypcxF9QzUrFSuFtqUwEYu-lbQBZtS6PEbKQDaP56FdvYvsxt48xmyqKc9Hj7Aaf7b6Mmxss0nUKNVezPyo_8r4Kjjsesz3-zSYJ12bmorc6uyuGCg3eu-YFzNCIK_3iVGF60aSnlOsWFnrGPLJQrysdnNBA9EWXL_BrUiY4hs11-AglbIUG343tRVD8SipqRapcoUyJ3tyYm7oj9bqPtYgqIsCmuJyaZeXOSF9UdHHbFMc15u4tluEJ7auFMwVEirXqMvFAbRKIaEqU7j4pGW_CK0EQis16s6n16WSxnMVbAGhV-9T6Jz-MuYRiCipRXS_VXSAOD8R1x2XciZKgrPqCUvnjkCFcQIrbI&cid=CAASEuRodrALQHoBuqtbDiEicsfwvQ&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Requested by

Host: www.hellooha.com
URL: https://www.hellooha.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

44d9484c6e02e2d8f4b47c5f5afe29a8db586e4af0bb7ad13d9a3a04d713bbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D9 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoptGJW3OOV3ZzsDMlz6PIUB5fuJFNYzrusOgiOhE1pQy2UYwxBgxBHjOZ_jtduvc4LZdmCLbYZ8Usr61aS9Yj8i9uvXDE2_WAF9N8I2YXyCA4qTE

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C2D9 9 KB
4 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 23:06:19 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/878020/58502569/ Frame C2D9 46 KB
13 KB 44ms
43ms Script
application/javascript 34.250.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/878020/58502569/skeleton.js
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c5e58dd093b3c02e864c4434006e882e914c86b4279e4de4f288b797d5aeff7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-server-name: app19.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame C2D9 2 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:13:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2D9 119 KB
36 KB 98ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 22:14:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame C2D9 15 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6455
x-xss-protection: 0
server: cafe
etag: 3508882476506594800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 21:21:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 140B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECrArrHLM1PXDGxGn8SRkKI&google_cver=1

43 B
275 B

49ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECrArrHLM1PXDGxGn8SRkKI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECrArrHLM1PXDGxGn8SRkKI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 140B 43 B
145 B 103ms
35ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 140B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGe0bqRtaW6T5pF6SGjrfmg&google_cver=1

23 B
172 B

128ms
72ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGe0bqRtaW6T5pF6SGjrfmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 07 Dec 2021 22:14:24 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEGe0bqRtaW6T5pF6SGjrfmg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 140B 23 B
172 B 176ms
68ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhiu-pK7ATAB&v=APEucNULkOnmznQBse37REJW2RRkAOLY6BwUlTY4LlSGzn0PqRoGA_nkS46-CGcFQG7aSXuh37FVTzVhJd9skJVLvYxLfj0YQxnwZ_pCo6rrcqi7PaazLZQH2YKw1K9652NviCxjcWgioGRiouuALvd8Tw53vQi4H-QApmVEp05IPdr-9Q54Fyc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 07 Dec 2021 22:14:24 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame C2D9 24 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkH7uXiL37NM6BwATLokwLjSHBpsuQj2flyRL9QKZFEGlHrTNVJJolSARohdjeMgxam9Ua6CkUpdhvYfs66OIlwZr_7vl2m70VYv4FEb8sqhnEfWQyntF7jTS77fbUeHCKdg7oRSczZhZCVjfhQEERjviXYQ&cry=1&dbm_d=AKAmf-DEoSxJE8Jb_YsIuvZ3IvobNGMZ4N-I3avonyIUtatUUrRxHwnFZsfRDHr7b__rlM1UrVCoDRXp-012o2fUh7tMZQncZprRdMcJAsSyXVwXQNz0zSBiRETSzrGZA7oq5pRIbuV_-nm0EZFtK8e_S-_GBbHa8LyCEMuEYUBftQrywYgRgF9TI9poqmE6Rsw3FiCbjHUGLwy8ZofZ-uIYJbnPZFxd0xUO0NEveSB2po44qIuN2tqxwgN7xmGHaCok82dTwnIyjXEADGn6hPKcmt3rFukr6AA5zd8FbtuYncCFQK3LXr1nzn4idVKJtLfeHi43i1THs1fNaTMr3DJZm0PtJs-2HxPVOJYFCJ8iAIntG-s8Asd1dtrEkZ00gbE6S9j1yTfncWuN3a33Q1bCQGJMk1Y0tVN79AVjLhNDp-khoTQRmVFMWveMZoWGG_YxnKDuNYQNWIBVEG3ZbguE0gk81xYeGM0RFI6fRYJWuadc-0AllI_QTv8iDQh1DVAdiS3qN4ChySiwY16nRXUWQ2e4rFkocXMQZMpkhnl0wJLodqQBFPhIPbDhR90XcmHS9_ePeJao6AJ4ImbJDkq2q0A6A5v4PhP6kfga_b4jXpqrBkBxRYxPi-yNmcWaJDJrH9uRFvkuEVd_GT2ABkQQycY6oZ3T8V7KXzi3SyTyOCIBA_bMXpr5kgDkAM0QhngqhqhBuBT8S1Dis91KSmXLPqSlJW_Mv52eHmWzQ8U_eNktXx5ESbaBNXbE4KblxIicRGtl0jpVR3SJwzv1vrkghj90nkN1JQtkahVMv56x_7QBBRmtzORIyow_04WYEriFsCyffEU1kU9Rqy6YvZX6BjsaWUJA5vdxHObVZd1q9Q6WEOONgqrRPvBRj1YNqsiTIZDXsQw4yzqY-cA1S9k4CTdArZd3Ey1AKXkJsVdCxsugXOPVtsV33c4irFTL7rfbFgyoazK5nIWki0mgc3ddg-DWR1mn2ghVkeLx1qApBXgPBr-kFlWDqRfQmuHXDa3J76T1bnO0UKN2aRnCwlr0DfiOTl1BH_AztkZwcO-X1e7GvIqVFT3UDDauFmY_4egYUrTQ8S9A0naJ6opRPZ_HmZaNN1VflqfpmM8w5n6r1NcIWi4YlucKla7IingMzVrgi58gmowAiAOu1wDkbeXmeqYQcRedl5cEJT4pJ0chdPy5BkY67Lw6Bjl16hpQpsSNt6U-MQAkapz3TvAByNdUOEgowf-Km4_GVeath8USXBDwLjdBDr3aJU0a1BRheuZVejC9I9B-0etUlNdYYdWQdX7kGZy78VMUHfM1sACxZyjvSTsUTX0NB45gxewtfNb7OXpb6VxrrANdAEl812GLFEAtdhkfLJ2_vsw6dgQzML4ENByXtwi_5R-mOvZAPfaJ0_O9kk55RMLn-6s2hTHa5w1L7kk8QB7B4QBsE3JSCn1ugl1LXbDdFDr_SVGSJ-2a4ia6YzwsxqC4vqzH73q3wA_EvJyNbb6DOA0K9hkhepDR1xFPS0kWuN9jDpersh5RzQybbv0ebsU4a_6oatM4r3a3pkcLGpuwCLM8eldxBaIacex4IVFDwRS5vFguit0tJ5whncm-hZ_g2zXBFzlT7Zy9NBZpoBwPOtk_4argOa04fyapufh-8Y-oyCrkuzePy91qxIAk-fqn-JojQ71cvPRe13_KLKuymx-o5G5NAdV1Hj_mLUpx9hANG6KgcQGlfHHW3LnWDeUrsmQnSNb6-Cw9jcwpFnijsfmynswSCahFt3vya4dco23qMSBQcPMHgvNpw4aL7nbLiPRy2TF7csLOcxtifFG-7s9TAmmYD3f6kEa__aYNQth1am5egX2JId_0Vl1NehSLbuwFSIhmTCRl0RLBrKUMT3SCQjP06B0NSzd3Ua8qevjyiQ9W2HBgIDs9X6Ix10RKjWm5_pBYu_HlWrawyuNuMzuGp7pjKNSZKm93UkZNF4tb_WRNbIzu1Kt5qod-hjKHA5DevUBlGV1K-Id9e3s1ZCkPsK3CKc_mj0HOgtYqzz_8JoUv2E1Kbr0-qUOZFcsJVimZOQHopVbnpeOIvCXpI4iSnYZHpYsWwLUhx1Vwt3gwiM8C8VUo-4d-kxCppQXz68JMi6QYjwB1yXRNsHtS7ByUG-Tz6F_0GfcTYxE3wS7pRatKbm5topWQxHgf11IMxvW3mO9bPMoTL1Rnx9nx3NbqWZ0OzwDHttvMhNmngzo4K6Vlr6ZVReiM9ZlZgZ6DbRhcgFXZAT0tnobL_B7-4U1rtCdErDXhz0XEAA5XtZZxPJpDNWhu-Lcv249xmt5f5x4qRYEbQ_BQlu4Y5sfVtCqbPMgoFKzUKudMP1psPImQDHBBtDE4ul51O3bNnfU1-qOV0YPgH5nh_9OiqHUz0KPZPmicsFbvnmfS1ad8Kj8MZT-qQg5EhPsGgpD-lY6FUHF3UOHE2L0mogwALbJ9DZNTTY7devdFcYoxjVxA85HaVUA0uyQhmS1x0ze54o9c48JsPJUsvIyMVPQFuMDWi0-HLnHJPQNuxIz_4K_5Tr7cFzAlwy4wEIJo-O340tXoZjEiX4m198uACsJzxI5tN_C1RiZG5-IAIUhyCT3eSW7w2AhggIQNQlkdQDKTern0OetW75njhkHCzFnIJjf6nloyjz1EKmqpdb1tEPHf8eAeBxxAMfjeWt3D6HRQ2L4iHatl-dulX3SdopgcX2Dz00OLHZGp89XA1XWhaag4TgHgfNmJ2skdE0mI3KedOVg40TmtBsK8CwGdi8airm8Z5n99x7dry5Oe_Xoo8jTh1J1AdcHmu_2T8JTP8nqmxNf_J7MypcxF9QzUrFSuFtqUwEYu-lbQBZtS6PEbKQDaP56FdvYvsxt48xmyqKc9Hj7Aaf7b6Mmxss0nUKNVezPyo_8r4Kjjsesz3-zSYJ12bmorc6uyuGCg3eu-YFzNCIK_3iVGF60aSnlOsWFnrGPLJQrysdnNBA9EWXL_BrUiY4hs11-AglbIUG343tRVD8SipqRapcoUyJ3tyYm7oj9bqPtYgqIsCmuJyaZeXOSF9UdHHbFMc15u4tluEJ7auFMwVEirXqMvFAbRKIaEqU7j4pGW_CK0EQis16s6n16WSxnMVbAGhV-9T6Jz-MuYRiCipRXS_VXSAOD8R1x2XciZKgrPqCUvnjkCFcQIrbI&cid=CAASEuRodrALQHoBuqtbDiEicsfwvQ&rfl=1%2Chttps%253A%252F%252Fwww.hellooha.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da3cec06fc8ccae40077ed49d5eb86f550a110d914ee611611ba688f0fd610c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9505
x-xss-protection: 0
server: cafe
etag: 2191309775366055064
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:11:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C2D9 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 20:02:47 GMT

GET
H2 200 arrow.png
cache-ssl.celtra.com/api/blobs/d98e9f2ab223bbd47ecebc7ae8bcda42f58737e1f8e4e1c7d1ad0c1b0264d042/ Frame 19B2 509 B
1 KB 44ms
43ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/d98e9f2ab223bbd47ecebc7ae8bcda42f58737e1f8e4e1c7d1ad0c1b0264d042/arrow.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3b933069cd1c2fb5812b4e94c0509fee884b7b51666447ea1102428029b49132

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 509
server: Apache
etag: "3b933069cd1c2fb5812b4e94c0509fee884b7b51666447ea1102428029b49132"
x-varnish: 101452777 97558664
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 1JuGx6WuaBe8Pl9ESkQS6gpf2Dshv3AghCvxjm3U_4DsnPqWbWSuew==

GET
H2 200 BG.jpg
cache-ssl.celtra.com/api/blobs/46b57926bbae2b9312912c5294ba7d12676beb6197919d3dff4f5d402d006651/ Frame 19B2 18 KB
19 KB 57ms
56ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/46b57926bbae2b9312912c5294ba7d12676beb6197919d3dff4f5d402d006651/BG.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6a3c2f9bb5a084e1185c2e3281310cc083ab0afb467db53d468b95b4a32bd357

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406014
x-cache: Hit from cloudfront
content-length: 18683
server: Apache
etag: "6a3c2f9bb5a084e1185c2e3281310cc083ab0afb467db53d468b95b4a32bd357"
x-varnish: 60659539 93620828
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 5EJxzC7jCHb5TmyugiwEgraT5sejowxbepxiTkmIoQRYLqCxL7G0AQ==

GET
H2 200 CTA.png
cache-ssl.celtra.com/api/blobs/1a0a04bb4eb305c2944b3112c87120d779b65d4b1d3873661ec17d5deacbf41e/ Frame 19B2 1 KB
2 KB 43ms
42ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1a0a04bb4eb305c2944b3112c87120d779b65d4b1d3873661ec17d5deacbf41e/CTA.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 61cd8cf1888939b4ec5e6413135fe11d628891db9c8484b58e54a2c69f39d2d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 1230
server: Apache
etag: "61cd8cf1888939b4ec5e6413135fe11d628891db9c8484b58e54a2c69f39d2d8"
x-varnish: 100965397 99750913
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: R9kwYI307lwns2u-GkmFuXV4FpqVXish944WOXE7hI3TllVAaegq2g==

GET
H2 200 LOGO.png
cache-ssl.celtra.com/api/blobs/6eb1459943b1a23a43af4c58eb099644491823f5ab9552b09e115a27c4c3688c/ Frame 19B2 13 KB
13 KB 55ms
54ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6eb1459943b1a23a43af4c58eb099644491823f5ab9552b09e115a27c4c3688c/LOGO.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 635b6ad86ecdd1177433a2194124586d1cacb118a7baaf14d16335345d5ffe4a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:38 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405945
x-cache: Hit from cloudfront
content-length: 13076
server: Apache
etag: "635b6ad86ecdd1177433a2194124586d1cacb118a7baaf14d16335345d5ffe4a"
x-varnish: 94277222 94277206
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 4Q3uwM0XtluEK1SudIjdmYEA4EEjvhbKklWiyTkUyjjM0HaiUncd0Q==

GET
H2 200 BB1_TEXT1.png
cache-ssl.celtra.com/api/blobs/a2ae4410f377ebdf7c6d88db20b857dcc099ca8e7e2f9bbb21f81549ac9443d9/ Frame 19B2 2 KB
2 KB 57ms
56ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a2ae4410f377ebdf7c6d88db20b857dcc099ca8e7e2f9bbb21f81549ac9443d9/BB1_TEXT1.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7f1d8fef6b4a62e4ae29802a2673ef905726c57e4ec910bd8f389f7eb5950259

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405932
x-cache: Hit from cloudfront
content-length: 2005
server: Apache
etag: "7f1d8fef6b4a62e4ae29802a2673ef905726c57e4ec910bd8f389f7eb5950259"
x-varnish: 96734116
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: BfgGV7rdwuwdsOHQsWnq9rPNUd48-e0ZKXrrdQv8SQP-86XsQW-2vw==

GET
H2 200 254a8d270f1ec6cc338b78055b179ead7aedecf9eaf1edf1f4f0c48bd6de92e1
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 21 KB
22 KB 146ms
54ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/254a8d270f1ec6cc338b78055b179ead7aedecf9eaf1edf1f4f0c48bd6de92e1?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 59c753ebd1c308c85bfe35b8480e1bd2743c23f32db6001f3895cf8ffe57dcea

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Origin: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 406014
x-cache: Hit from cloudfront
content-length: 21475
server: Apache
etag: "59c753ebd1c308c85bfe35b8480e1bd2743c23f32db6001f3895cf8ffe57dcea"
x-varnish: 97422097 9597788
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: hi2tlBIlPwZdlwNlFopbHC-30OccVd14whGpQwazL9GNcd1BBACNUg==

GET
H2 200 video_bg.png
cache-ssl.celtra.com/api/blobs/ac3cab58562a44fa1f45624d417ca34d31e88be8b21403ff9c351db65c23cdac/ Frame 19B2 464 B
972 B 56ms
55ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ac3cab58562a44fa1f45624d417ca34d31e88be8b21403ff9c351db65c23cdac/video_bg.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bcc59c24f224637485430ab6f1d50211c138e28743791a3326390e5b95f6aae9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 464
server: Apache
etag: "bcc59c24f224637485430ab6f1d50211c138e28743791a3326390e5b95f6aae9"
x-varnish: 92574569 85297860
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: B6MwH0AGUYkVqkrYyZmcBTIPLYKFvZ1oyQcdH_jr4ikYKB72FDO89Q==

GET
H2 200 bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 19 KB
20 KB 167ms
76ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3eac71d92628867edca73b7a13b855bd454e13b04291e7c47717b39876b49cee

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Origin: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 406014
x-cache: Hit from cloudfront
content-length: 19788
server: Apache
etag: "3eac71d92628867edca73b7a13b855bd454e13b04291e7c47717b39876b49cee"
x-varnish: 22376526 96445738
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: JgS3Z2CDU_YBqHEyTzIREgVYpLC_yIEucWixQvXgN6tjlA0OySiMMA==

GET
H2 200 c9bce41cfa59507d3fdf9d1dbb32e4d796790ccd20f38678f551885d4ece76a3
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 23 KB
23 KB 178ms
88ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/c9bce41cfa59507d3fdf9d1dbb32e4d796790ccd20f38678f551885d4ece76a3?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ca7f2218d408268d0c08f681b915618f030da7f9df122c697d337e19ca0dbf4d

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Origin: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 406014
x-cache: Hit from cloudfront
content-length: 23392
server: Apache
etag: "ca7f2218d408268d0c08f681b915618f030da7f9df122c697d337e19ca0dbf4d"
x-varnish: 97422099 22376467
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: afE_7_IEx11TKzh7Mr9fDjKIBBMIqFYSgLDfY_HOn3NOmteWm1FoBQ==

GET
H2 200 BB1_TEXT2.png
cache-ssl.celtra.com/api/blobs/28fae43d2362c72f33206e8f666e9cce6dbdc7ee52dd838879f3b8ea8c2e5bda/ Frame 19B2 1 KB
2 KB 62ms
62ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/28fae43d2362c72f33206e8f666e9cce6dbdc7ee52dd838879f3b8ea8c2e5bda/BB1_TEXT2.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2d1fc4f6bc371a811750f097f91d1f168b5985ce5257d456522b1b2572b4bcde

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405932
x-cache: Hit from cloudfront
content-length: 1299
server: Apache
etag: "2d1fc4f6bc371a811750f097f91d1f168b5985ce5257d456522b1b2572b4bcde"
x-varnish: 47222281
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 1TkWEJORLNnWrniS0y_wldYGob_sjtPnFva-OS9Dzg_Wmb43QLwpuw==

GET
H2 200 BB1_TEXT3.png
cache-ssl.celtra.com/api/blobs/e19142cfe4f4381d8a7ba8c9f5c1a8d38b5560e39cf2a2992fab2a9d8300c82a/ Frame 19B2 1 KB
2 KB 55ms
55ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e19142cfe4f4381d8a7ba8c9f5c1a8d38b5560e39cf2a2992fab2a9d8300c82a/BB1_TEXT3.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 5b9bb6fcdb235c80a13f761ef0dca7d8aa5ffb1e265698735b7f3b25d73def74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 1216
server: Apache
etag: "5b9bb6fcdb235c80a13f761ef0dca7d8aa5ffb1e265698735b7f3b25d73def74"
x-varnish: 98635072 98635003
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: JAafmJfYA7kROzzsNUeHUKl183vv7x1OtzF39H7KwqaNQW97yf3cvw==

GET
H2 200 grade.png
cache-ssl.celtra.com/api/blobs/e3913baf3e668840c76a09983b8aa3499ab69d4ab74b39ead67141ae8d69e515/ Frame 19B2 11 KB
12 KB 63ms
63ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3913baf3e668840c76a09983b8aa3499ab69d4ab74b39ead67141ae8d69e515/grade.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1f8409426ca82dfe9d9671da680ca01cdda490796fad1ac4502fb7159409db47

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405932
x-cache: Hit from cloudfront
content-length: 11284
server: Apache
etag: "1f8409426ca82dfe9d9671da680ca01cdda490796fad1ac4502fb7159409db47"
x-varnish: 81608968
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: 8TYFjOYqATE7PI_6WYPRZSO59wznLUgAStIjxUSZJxv_EoBGqSL1eg==

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame C2D9 41 KB
17 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E39A 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 07 Dec 2021 21:44:41 GMT
expires: Wed, 07 Dec 2022 21:44:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B26709132.317335525;dc_ver=81.236;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1964084974;ord=nhxwkd;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNsK-wNyvYc7vHeaL9u8P8JC... Show response
ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/ Frame C2D9 42 KB
22 KB 172ms
78ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26709132.317335525;dc_ver=81.236;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1964084974;ord=nhxwkd;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNsK-wNyvYc7vHeaL9u8P8JCU6AzMvsiBZ5jazsPQDvTCtauuARABIMHOgR9gu4aAgNAKoAHoxPDRAcgBCakCL-GjrY40tj6oAwGqBPwBT9DKH13ZpnAg53JX5fr12VN364OPwk2DPnS-SGmfpLdN7BQRQFpjwTE4j2rDcCB9SUYIzFaTzPAPnJ1ykS-gbABm0Xh7vBLlegAgy38FPcFftRn-k1VPGYLlpIIW9OJ3JGPU3nThyTxXMU5Wh1C1t1rWVkhe_akiRpXK5JN9bdcdJ8liNB32xq1_fw54JMDnhkKXLi4PfTeHh_WAjU93Kpzx3aIe9d0SpsftLOPFzBmONfN79KtThs-pfpBKxWvBc8tQZj0ctZ_Lbg9yt567tmaWrudCcwDSY3nQ00Urj4QfM82oZPX8ntVqqfakxVPUjJGSBkeN7oszgQbtwATXkdu37gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MzMwNDg3NjQ1MzU5MTEygAoDmAsByAsBgAwBsBO54cAN0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRodrALQHoBuqtbDiEicsfwvQ%26sig%3DAOD64_2GyEmRXdws231fVmWDfW3BAGoJhw%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BgK1F8XNJNoiDsjgXozVrym4YYQKWFD5fNbShH4qBPLSz_ScMEWoNCSmEK_r5GIy_COPESmnTsnUeMx3ZOw4ztZGTPVCEwk2yjQlZR-_15OAWpG2QEzlLC73SHI06Zz5n9cjltlW0WYSXlmG2yi_B7BIVpoA%26cry%3D1%26dbm_d%3DAKAmf-A-2xDpN8slqn3y3YPaWJ_-ZjVuXceTPE1TEvGLkqX5kwhY5TBn1lLW1magiD-H-ElJ4YFuw6Y3HMu1g4T_JBoHPAlXQp2h-4mGnxOc1Xc44iIyzZ_0z_XPuyApIP9_UEBJN4gSuFunVpYoWGxPXlYnFw3qti45a8jLKoaPlfWH5Y5CjIx_QPn5iTHbV7JcfUuY28fFhrK5z1LwcOK99OP3QCshOwHL_W4c07vLTFw-xRlULp4BcI1JQkfy2AyeZRnU8zbJE6wYleOoqBT3Ndit-aiM2K0qwUwQARaDwk_B10W9GR1iJmExfkjswi5JPqwTmq8SScx0fXdH3BM7tP6k4ayg8ufd5JYT72tw5-vCUpRyT3zaR84ANdCMNKvYH5sakbZ3iNU9FWBIjmzXoui1v5bIbs0MAh22mJbcm7H1dVdsaMW1rMNbHIKsGInB8eadGJMpnfDVZHKBU7NfnciI-uF26Q%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.hellooha.com%2F$0;xdt=1;crlt=k*Gk8UuaQg;sttr=51;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

1354c5bb5d2103aacfb1e58c355cb34045f542bd79bb146d1df1829b9370d6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E39A 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:44:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 19:44:52 GMT

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
87 B 43ms
43ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:25 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
access-control-allow-origin: https://www.hellooha.com
access-control-max-age: 86400
access-control-allow-credentials: true
alt-svc: clear
content-length: 20
via: 1.1 google
access-control-expose-headers: *

GET
H2 200 arrow.png
cache-ssl.celtra.com/api/blobs/d98e9f2ab223bbd47ecebc7ae8bcda42f58737e1f8e4e1c7d1ad0c1b0264d042/ Frame 19B2 509 B
1 KB 46ms
44ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/d98e9f2ab223bbd47ecebc7ae8bcda42f58737e1f8e4e1c7d1ad0c1b0264d042/arrow.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3b933069cd1c2fb5812b4e94c0509fee884b7b51666447ea1102428029b49132

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406016
x-cache: Hit from cloudfront
content-length: 509
server: Apache
etag: "3b933069cd1c2fb5812b4e94c0509fee884b7b51666447ea1102428029b49132"
x-varnish: 101452777 97558664
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: zUnAB1LmF1r8UZlTnowaSa0_cVpQtvPKGiFCpNyZ9FX045NQHZt8ag==

GET
H2 200 BG.jpg
cache-ssl.celtra.com/api/blobs/46b57926bbae2b9312912c5294ba7d12676beb6197919d3dff4f5d402d006651/ Frame 19B2 18 KB
19 KB 47ms
45ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/46b57926bbae2b9312912c5294ba7d12676beb6197919d3dff4f5d402d006651/BG.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6a3c2f9bb5a084e1185c2e3281310cc083ab0afb467db53d468b95b4a32bd357

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 18683
server: Apache
etag: "6a3c2f9bb5a084e1185c2e3281310cc083ab0afb467db53d468b95b4a32bd357"
x-varnish: 60659539 93620828
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: GRG6YaizHr4m-KXkMAJfktaoZUoVSODxBMrKooiK3M6hQSG2S8PkWQ==

GET
H2 200 CTA.png
cache-ssl.celtra.com/api/blobs/1a0a04bb4eb305c2944b3112c87120d779b65d4b1d3873661ec17d5deacbf41e/ Frame 19B2 1 KB
2 KB 43ms
41ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1a0a04bb4eb305c2944b3112c87120d779b65d4b1d3873661ec17d5deacbf41e/CTA.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 61cd8cf1888939b4ec5e6413135fe11d628891db9c8484b58e54a2c69f39d2d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406016
x-cache: Hit from cloudfront
content-length: 1230
server: Apache
etag: "61cd8cf1888939b4ec5e6413135fe11d628891db9c8484b58e54a2c69f39d2d8"
x-varnish: 100965397 99750913
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: YXvM_J-x_KbniEHspp8roL0kdSYoem-VROQtzhh6a21PXR4T1APbdA==

GET
H2 200 LOGO.png
cache-ssl.celtra.com/api/blobs/6eb1459943b1a23a43af4c58eb099644491823f5ab9552b09e115a27c4c3688c/ Frame 19B2 13 KB
13 KB 44ms
42ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6eb1459943b1a23a43af4c58eb099644491823f5ab9552b09e115a27c4c3688c/LOGO.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 635b6ad86ecdd1177433a2194124586d1cacb118a7baaf14d16335345d5ffe4a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:38 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405946
x-cache: Hit from cloudfront
content-length: 13076
server: Apache
etag: "635b6ad86ecdd1177433a2194124586d1cacb118a7baaf14d16335345d5ffe4a"
x-varnish: 94277222 94277206
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: pCNn83tXZUxfD4laOoCUgznXkbmfmH5-vyQ2ab72fzHDXoffX4-Fqg==

GET
H2 200 BB1_TEXT1.png
cache-ssl.celtra.com/api/blobs/a2ae4410f377ebdf7c6d88db20b857dcc099ca8e7e2f9bbb21f81549ac9443d9/ Frame 19B2 2 KB
2 KB 49ms
47ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a2ae4410f377ebdf7c6d88db20b857dcc099ca8e7e2f9bbb21f81549ac9443d9/BB1_TEXT1.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7f1d8fef6b4a62e4ae29802a2673ef905726c57e4ec910bd8f389f7eb5950259

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405933
x-cache: Hit from cloudfront
content-length: 2005
server: Apache
etag: "7f1d8fef6b4a62e4ae29802a2673ef905726c57e4ec910bd8f389f7eb5950259"
x-varnish: 96734116
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: rmVds8LDSmei4-WmyEZQZf_nRvLa3sgIlbRAUE15v5MT0c6pKG73ZQ==

GET
H2 200 video_bg.png
cache-ssl.celtra.com/api/blobs/ac3cab58562a44fa1f45624d417ca34d31e88be8b21403ff9c351db65c23cdac/ Frame 19B2 464 B
972 B 44ms
43ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ac3cab58562a44fa1f45624d417ca34d31e88be8b21403ff9c351db65c23cdac/video_bg.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bcc59c24f224637485430ab6f1d50211c138e28743791a3326390e5b95f6aae9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406016
x-cache: Hit from cloudfront
content-length: 464
server: Apache
etag: "bcc59c24f224637485430ab6f1d50211c138e28743791a3326390e5b95f6aae9"
x-varnish: 92574569 85297860
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: TeS_qeUPZJJ7_vTE9mLz5SoPcdfyTW9cg4q0QbWOrgV6jyGv3hJJkA==

GET
H2 200 BB1_TEXT2.png
cache-ssl.celtra.com/api/blobs/28fae43d2362c72f33206e8f666e9cce6dbdc7ee52dd838879f3b8ea8c2e5bda/ Frame 19B2 1 KB
2 KB 50ms
49ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/28fae43d2362c72f33206e8f666e9cce6dbdc7ee52dd838879f3b8ea8c2e5bda/BB1_TEXT2.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2d1fc4f6bc371a811750f097f91d1f168b5985ce5257d456522b1b2572b4bcde

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405933
x-cache: Hit from cloudfront
content-length: 1299
server: Apache
etag: "2d1fc4f6bc371a811750f097f91d1f168b5985ce5257d456522b1b2572b4bcde"
x-varnish: 47222281
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: z6vTpzck_w4_s6zMDUGqimp3iMa2V1TXZKbtgDW_ZJP_Cjj5jsJK9g==

GET
H2 200 BB1_TEXT3.png
cache-ssl.celtra.com/api/blobs/e19142cfe4f4381d8a7ba8c9f5c1a8d38b5560e39cf2a2992fab2a9d8300c82a/ Frame 19B2 1 KB
2 KB 44ms
43ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e19142cfe4f4381d8a7ba8c9f5c1a8d38b5560e39cf2a2992fab2a9d8300c82a/BB1_TEXT3.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 5b9bb6fcdb235c80a13f761ef0dca7d8aa5ffb1e265698735b7f3b25d73def74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406016
x-cache: Hit from cloudfront
content-length: 1216
server: Apache
etag: "5b9bb6fcdb235c80a13f761ef0dca7d8aa5ffb1e265698735b7f3b25d73def74"
x-varnish: 98635072 98635003
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: VrybE6J24x49k0gMi48qj8MLnEcN7tihZiSMQilU7aLXsVrNbk3clQ==

GET
H2 200 grade.png
cache-ssl.celtra.com/api/blobs/e3913baf3e668840c76a09983b8aa3499ab69d4ab74b39ead67141ae8d69e515/ Frame 19B2 11 KB
12 KB 45ms
44ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3913baf3e668840c76a09983b8aa3499ab69d4ab74b39ead67141ae8d69e515/grade.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1f8409426ca82dfe9d9671da680ca01cdda490796fad1ac4502fb7159409db47

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:28:52 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 405933
x-cache: Hit from cloudfront
content-length: 11284
server: Apache
etag: "1f8409426ca82dfe9d9671da680ca01cdda490796fad1ac4502fb7159409db47"
x-varnish: 81608968
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: g6fzR2gY1hgis97zx2mKIbhm0poj6lFs7ptuLvmHFKLmpreUNxgZAQ==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4I...
track.celtra.com/json/ Frame 88ED 35 B
242 B 196ms
46ms Image
image/gif 18.195.140.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjQuNzcyLCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjo5NzAsImhlaWdodCI6MjUwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6OTcwLCJoZWlnaHQiOjI1MH0sIm5lc3RpbmciOnsiaWZyYW1lIjp0cnVlLCJmcmllbmRseUlmcmFtZSI6ZmFsc2UsImlhYkZyaWVuZGx5SWZyYW1lIjpmYWxzZSwiaG9zdGlsZUlmcmFtZSI6dHJ1ZSwiaWZyYW1lRGVwdGgiOjB9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5IjpmYWxzZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOmZhbHNlLCJ0YWdQYXJlbnRXaWR0aCI6OTcwLCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOm51bGwsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE2Mzg5MTUyNjR4ZDdhYTYyYzllMGVjM2Z4ODI2NzMxOTkiLCJhY2NvdW50SWQiOiJlMjczYTg4ZiIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxNTY1ODk5NTg3ODkyMjEyIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTYzODkxNTI2NS4wNjEsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6ZmFsc2UsImNkblZhcmlhbnQiOiJub25lIn1dfQ==?crc32c=3847974708
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDY1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTYzODkxNTI2NS4wNjQsIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6Ijk3MCB4IDI1MCIsImNsYXp6IjoiQ3JlYXRpdmVVbml0VmFyaWFudCIsImRlc2lnblNpemUiOnsid2lkdGgiOjk3MCwiaGVpZ2h0IjoyNTB9LCJhdmFpbGFibGVTaXplIjp7IndpZHRoIjo5NzAsImhlaWdodCI6MjUwfX1dfQ==?crc32c=1446403907
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 254a8d270f1ec6cc338b78055b179ead7aedecf9eaf1edf1f4f0c48bd6de92e1
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 21 KB
21 KB 43ms
43ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/254a8d270f1ec6cc338b78055b179ead7aedecf9eaf1edf1f4f0c48bd6de92e1?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 59c753ebd1c308c85bfe35b8480e1bd2743c23f32db6001f3895cf8ffe57dcea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 21475
server: Apache
etag: "59c753ebd1c308c85bfe35b8480e1bd2743c23f32db6001f3895cf8ffe57dcea"
x-varnish: 97422097 9597788
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: BsLiYgp7IVTTlVyojYbj8hGTXVy_ZwTQwFqecopiDp2duMghyWAjZA==

GET
H2 200 bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 19 KB
20 KB 42ms
42ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3eac71d92628867edca73b7a13b855bd454e13b04291e7c47717b39876b49cee

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 19788
server: Apache
etag: "3eac71d92628867edca73b7a13b855bd454e13b04291e7c47717b39876b49cee"
x-varnish: 22376526 96445738
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: U5VwV2jbHp9Tv1SX0_X8bJ56yrdJc0FejkNHAZqBIA-RKOsa5FPnQQ==

GET
H2 200 c9bce41cfa59507d3fdf9d1dbb32e4d796790ccd20f38678f551885d4ece76a3
cache-ssl.celtra.com/api/videoThumb/ Frame 19B2 23 KB
23 KB 43ms
43ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/c9bce41cfa59507d3fdf9d1dbb32e4d796790ccd20f38678f551885d4ece76a3?position=50&transform=crush&resize=nullx300&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ca7f2218d408268d0c08f681b915618f030da7f9df122c697d337e19ca0dbf4d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:27:29 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
content-length: 23392
server: Apache
etag: "ca7f2218d408268d0c08f681b915618f030da7f9df122c697d337e19ca0dbf4d"
x-varnish: 97422099 22376467
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 5RFJ7QHyPosUdMVJWewfGarHUB6LbfzAGZisZntm3qUAsynYymQbOw==

GET
H2 206 video.webm
cache-ssl.celtra.com/api/videoStream/bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39/vp9_served_720p/ Frame 19B2 576 KB
577 KB 54ms
47ms Media
video/webm 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/videoStream/bf5d2c822713dbf6445c6cb368a584a03b1e484b2091656b410a8dde19a2ac39/vp9_served_720p/video.webm?transform=VideoStream&celtraCacheBust=46-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3d3a43a30c22a50e8369417ee578f24105f590dc823b5757923b48336095aa1f

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 03 Dec 2021 05:27:30 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 406015
x-cache: Hit from cloudfront
Content-Range: bytes 0-589527/589528
Content-Length: 589528
server: Apache
etag: "3d3a43a30c22a50e8369417ee578f24105f590dc823b5757923b48336095aa1f"
x-varnish: 9597803 18526207
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: video/webm
x-amz-cf-id: a5VBfcjolgVlM1gVE5Vm5tTeqIY172KRZlQ7Q3BZjxDf9v5enx40zA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjozLCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDgzLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDgzLCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDgzLCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCJ9LHsic2Vzc2lvbklkIjoiczE2Mzg5MTUyNjR4ZDdhYTYyYzllMGVjM2Z4ODI2NzMxOTkiLCJhY2NvdW50SWQiOiJlMjczYTg4ZiIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxNTY1ODk5NTg3ODkyMjEyIiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTYzODkxNTI2NS4wODQsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjoyMSwic2NyZWVuVGl0bGUiOiJTdGFydCBjb3B5Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjozOCwib2JqZWN0TmFtZSI6IlN3aXBleSBHcm91cCAxIiwib2JqZWN0Q2xhenoiOiJTd2lwZXlHcm91cCIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg0LCJuYW1lIjoiaXRlbUZvY3VzZWQiLCJpdGVtIjoxfSx7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6MzgsIm9iamVjdE5hbWUiOiJTd2lwZXkgR3JvdXAgMSIsIm9iamVjdENsYXp6IjoiU3dpcGV5R3JvdXAiLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NCwibmFtZSI6ImN1c3RvbSIsImxhYmVsIjoiaW4tdmlldyAtIFZpZGVvMSJ9LHsic2Vzc2lvbklkIjoiczE2Mzg5MTUyNjR4ZDdhYTYyYzllMGVjM2Z4ODI2NzMxOTkiLCJhY2NvdW50SWQiOiJlMjczYTg4ZiIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxNTY1ODk5NTg3ODkyMjEyIiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTYzODkxNTI2NS4wODgsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjoyMSwic2NyZWVuVGl0bGUiOiJTdGFydCBjb3B5Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjo1Miwib2JqZWN0TmFtZSI6IkRFTElWRVJPT19FTkdMSVNIXzEyU0VDT05EU18xOTIwWDEwODAiLCJvYmplY3RDbGF6eiI6IlZpZGVvIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTYzODkxNTI2NS4wODYsIm5hbWUiOiJ2aWRlb011dGVkIn0seyJzZXNzaW9uSWQiOiJzMTYzODkxNTI2NHhkN2FhNjJjOWUwZWMzZng4MjY3MzE5OSIsImFjY291bnRJZCI6ImUyNzNhODhmIiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjE1NjU4OTk1ODc4OTIyMTIiLCJpbmRleCI6OCwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4OSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwibmFtZSI6InZpZGVvUGxheUF0dGVtcHRlZCIsImZpbGVuYW1lIjoiVklERU8xLm1wNCIsInRyYWNrYWJsZSI6dHJ1ZSwidXNlckluaXRpYXRlZCI6ZmFsc2UsImF1dG9SZXBsYXkiOmZhbHNlLCJzdGFydE11dGVkIjp0cnVlLCJ2aWRlb1BsYXllck1vZGUiOiJpbmxpbmUiLCJlbmdpbmVUeXBlIjoiaHRtbDUiLCJzb3VyY2VUeXBlIjoiRmlsZSIsInNvdXJjZSI6ImJmNWQyYzgyMjcxM2RiZjY0NDVjNmNiMzY4YTU4NGEwM2IxZTQ4NGIyMDkxNjU2YjQxMGE4ZGRlMTlhMmFjMzkiLCJsYWJlbCI6IkRFTElWRVJPT19FTkdMSVNIXzEyU0VDT05EU18xOTIwWDEwODAifSx7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4Ijo5LCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg5LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NTIsIm9iamVjdE5hbWUiOiJERUxJVkVST09fRU5HTElTSF8xMlNFQ09ORFNfMTkyMFgxMDgwIiwib2JqZWN0Q2xhenoiOiJWaWRlbyIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg5LCJuYW1lIjoidmlld1Nob3duIiwidmlld05hbWUiOiJERUxJVkVST09fRU5HTElTSF8xMlNFQ09ORFNfMTkyMFgxMDgwIiwiY2xhenoiOiJWaWRlbyIsImZpbGVuYW1lIjoiVklERU8xLm1wNCIsImxhYmVsIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsInNvdXJjZSI6ImJmNWQyYzgyMjcxM2RiZjY0NDVjNmNiMzY4YTU4NGEwM2IxZTQ4NGIyMDkxNjU2YjQxMGE4ZGRlMTlhMmFjMzkiLCJzb3VyY2VUeXBlIjoiRmlsZSIsInVzZXJJbml0aWF0ZWQiOmZhbHNlLCJzdGFydE11dGVkIjp0cnVlLCJ2aWRlb1BsYXllck1vZGUiOiJpbmxpbmUiLCJ2aWV3YWJpbGl0eVN0YXJ0VHJpZ2dlclJhdGlvIjowLjA1LCJ2aWV3YWJpbGl0eVBhdXNlVHJpZ2dlclJhdGlvIjowLjA1LCJkdXJhdGlvbiI6MTEuOTkwNTMzfV19?crc32c=3702773537
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxMCwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY1LjEwMiwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwiZHVyYXRpb24iOjExLjk5MDUzMywibmFtZSI6InZpZGVvRHVyYXRpb25VcGRhdGUifV19?crc32c=34483445
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxMSwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY1LjExMiwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwibmFtZSI6InZpZGVvUHJlc2V0U2VsZWN0ZWQiLCJ2aWRlb1ByZXNldCI6InZwOV9zZXJ2ZWRfNzIwcCJ9XX0=?crc32c=3156407502
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88ED 42 B
64 B 85ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua6wAbRXzEqUAcpivmY6xF2j6l3ZRVIaXWNeJ3AqDxdpt0_NtIVVslu4PGr9-JmewaNOFpi4fVm7om7eQMNd3o9xxKE7EhqP4QfK6afpPrvtoRHQGDcw&sai=AMfl-YRcY7NvHdQYUgIdrPkRKS6CcfId1u1J-m4q_r7MT7QiRDgB3W8umbjeJEKPqUJ9W97QwzAaQ9g2ENQV6FbWVA_w3qQfpsdLSokokCQknmkUw-mtCaGWHKu-3KO1&sig=Cg0ArKJSzPHjOiFVBBI2EAE&cid=CAASEuRo60h0iYbLGZIy8MmPv7v40g&id=lidar2&mcvt=1004&p=130,315,380,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1199704972&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638915263791&rpt=328&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/ Frame C2D9 8 KB
3 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211206/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26709132.317335525;dc_ver=81.236;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1964084974;ord=nhxwkd;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNsK-wNyvYc7vHeaL9u8P8JCU6AzMvsiBZ5jazsPQDvTCtauuARABIMHOgR9gu4aAgNAKoAHoxPDRAcgBCakCL-GjrY40tj6oAwGqBPwBT9DKH13ZpnAg53JX5fr12VN364OPwk2DPnS-SGmfpLdN7BQRQFpjwTE4j2rDcCB9SUYIzFaTzPAPnJ1ykS-gbABm0Xh7vBLlegAgy38FPcFftRn-k1VPGYLlpIIW9OJ3JGPU3nThyTxXMU5Wh1C1t1rWVkhe_akiRpXK5JN9bdcdJ8liNB32xq1_fw54JMDnhkKXLi4PfTeHh_WAjU93Kpzx3aIe9d0SpsftLOPFzBmONfN79KtThs-pfpBKxWvBc8tQZj0ctZ_Lbg9yt567tmaWrudCcwDSY3nQ00Urj4QfM82oZPX8ntVqqfakxVPUjJGSBkeN7oszgQbtwATXkdu37gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MzMwNDg3NjQ1MzU5MTEygAoDmAsByAsBgAwBsBO54cAN0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRodrALQHoBuqtbDiEicsfwvQ%26sig%3DAOD64_2GyEmRXdws231fVmWDfW3BAGoJhw%26client%3Dca-pub-2577219840435371%26dbm_c%3DAKAmf-BgK1F8XNJNoiDsjgXozVrym4YYQKWFD5fNbShH4qBPLSz_ScMEWoNCSmEK_r5GIy_COPESmnTsnUeMx3ZOw4ztZGTPVCEwk2yjQlZR-_15OAWpG2QEzlLC73SHI06Zz5n9cjltlW0WYSXlmG2yi_B7BIVpoA%26cry%3D1%26dbm_d%3DAKAmf-A-2xDpN8slqn3y3YPaWJ_-ZjVuXceTPE1TEvGLkqX5kwhY5TBn1lLW1magiD-H-ElJ4YFuw6Y3HMu1g4T_JBoHPAlXQp2h-4mGnxOc1Xc44iIyzZ_0z_XPuyApIP9_UEBJN4gSuFunVpYoWGxPXlYnFw3qti45a8jLKoaPlfWH5Y5CjIx_QPn5iTHbV7JcfUuY28fFhrK5z1LwcOK99OP3QCshOwHL_W4c07vLTFw-xRlULp4BcI1JQkfy2AyeZRnU8zbJE6wYleOoqBT3Ndit-aiM2K0qwUwQARaDwk_B10W9GR1iJmExfkjswi5JPqwTmq8SScx0fXdH3BM7tP6k4ayg8ufd5JYT72tw5-vCUpRyT3zaR84ANdCMNKvYH5sakbZ3iNU9FWBIjmzXoui1v5bIbs0MAh22mJbcm7H1dVdsaMW1rMNbHIKsGInB8eadGJMpnfDVZHKBU7NfnciI-uF26Q%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.hellooha.com%2F$0;xdt=1;crlt=k*Gk8UuaQg;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 22:07:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2D9 0
23 B 77ms
77ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMu74n1RPXmgn3k-eW6ojuHxXVLaJYXLrhdYZfCiHyuLuL6NDLjWq2O_AhoOcmNl3zCwb2zRF1XOVEnCTXn7yJklU2xgebz3QI1mNwops1o0VOeEpEQ_PLq8py0WwYCUfKyrGecJScc7vT6_8yItcE3zbO&sig=Cg0ArKJSzFM0Z1X1d8zrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211206.53858&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 6459849514400331582
s0.2mdn.net/simgad/ Frame C2D9 28 KB
28 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6459849514400331582

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dba4e5bf9e449b681b2da922fa4bcb98cd480826c80be8039a962945513061c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 05:02:40 GMT
x-content-type-options: nosniff
age: 407505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28616
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:19:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Dec 2022 05:02:40 GMT

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame C2D9 187 KB
60 KB 67ms
67ms Script
application/javascript 2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/878020/58502569/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 1297987
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: olxKIZDm9B4PJQa2t-D8uUwT9s2zxNa1l1qSutv1ElE_1KH2ppxLng==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5C48 1 KB
749 B 45ms
44ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Dec 2021 05:53:44 GMT
expires: Wed, 08 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 58841
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C2D9 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7051f61bc57372c581e289e3a6f5ec3c785785ed1af632f3c8dc3c7afac037ce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 38E0 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 07 Dec 2021 21:44:41 GMT
expires: Wed, 07 Dec 2022 21:44:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2D9 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=B_IoHwdyvYdv_BLvb7_UPpuSzgAUAAAAAOAHgBAI

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 45ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=155&gp=1050&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=184462548680&cu=1638915262033&m=3189&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1050&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=60&vx=60%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=0&ag=52&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=60&pf=0&ib=1&cc=0&bw=52&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=104&cd=0&ah=104&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=196017&na=247925818&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2D9 0
23 B 77ms
77ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E39A 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3QEewNyvYfrJMI7Yx_AP8NCK6AsAAAAAOAHgBAI&bg=!lZalltLNAAaQHwIOkB87ACkAdvg8Wo8vwn8u9Yku4COy6JOXhkd2YvK4N-ipFoPB1fNRiXQIU7mhYwIAAACMUgAAAB9oAQeZAw3C9Z_eHAdcw5XKw8OXVZ9EGTCXDjKqdJob0TM4sM5RwUO32bgf_rggqdsXtMSP7yRdcZSKs-gTF0_4LTqw69YNIZqqP6Fmxh8Vjo4HihtPwfx0Sh9nJPO62296xNtvx7oS_kA7FL5xCMP_WT4tTF6WlxzrSJtpEywMBwekpa2WG7liKYsuAjWt_QuSKhdZHOMxCm6D104bcOSWQwrb7-S4uL4qCKyT1gle2eZTFHQNph1avisBoonl349lN1BU2X3pV76mzvU77-RGSBuFeVVInm36fByhoDwUuPppqafKODsvxF6dvc3WkzObcAE5Chw-zC4BIfgKjvjMpcm8TbnlACkKJyLBFcnuUjzeCVUd8CQJNPm6Pnf8hB4TcDzlxYD57NvYiVl--Xl4FBR5c8O60LRvTiel01Az079sISNfWfMh2FyyE9HlSMftKnlqlqLIMmWgtgm16yI_Qng2dGR4vIn65swZUXUvQOjrnMt6dY8Ej7zyPnpqhLjevnLHt8FvL_3te5HhJf0PQ0xhCBRRuL1_Ws0s1VEjh3OOturKXBHWfMn1BYnZNcFuzF5wk7i8ZC7QixlKVNERueZT-RwH8bqos-VlX4hKBwclqn-vOVutMA5r7xun34dPWs8MK96IC1scHwHg3p5vlaWRqL0KwGlqpzqCcS-fJn6cDTlPD2dpCvpBpkMJbqcc1I-QcwTuPnDaV4Ej19JjR3O4bbHCrwPFZz7_vzOvtu9kpI79NJJYY8nkCULSoJ7Ewp3sryzcA4KztpBG-PbvhJYUqL15mPhIYHNZlPPXZSbNFFvvA1DtN3lS6L2QRPXCZEXl3L2PheHAOyuptyA8hwPzL4NhMWQbelwuVpHnmcP31A0jg1wLFThuJAdKRJu0BJVtqbvQ7rZ_DgiFG7iSiw7YN4PxzeOQNXEMEW5UdZ--IN5R2hf4R2lWa58b9-E4c-wWYV2zCHuDcASJFbUHiC7fdj_Y7uDSXTO9EEIMTIkJIsEYAP4iqHfLtWbkSqTKQLYUrX5Cg3FlnKzbTyFEPrzl

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxMiwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY1LjI1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NTIsIm9iamVjdE5hbWUiOiJERUxJVkVST09fRU5HTElTSF8xMlNFQ09ORFNfMTkyMFgxMDgwIiwib2JqZWN0Q2xhenoiOiJWaWRlbyIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg2LCJmcm9tIjowLCJ0byI6MC4wMjQ1ODQsIm5hbWUiOiJ2aWRlb1BsYXllZFNlZ21lbnQiLCJtdXRlZCI6dHJ1ZSwiZnVsbHNjcmVlbiI6ZmFsc2UsImdhemUiOmZhbHNlfV19?crc32c=1845876058
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET /
google2waycm.netmng.com/cm/ Frame 5C48 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5C48
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVR...

43 B
411 B

237ms
236ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ba11b5a4d060e22-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ba11b58ca920e22-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGszdS_08ThzTTmpGBnmlOU&google_cver=1&google_push=AYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJMVYN2CXtQ62PxM-KqsR3sjJ26GIP3f_a4R0ej4ve3unB57bcISF0OTg2_jLkUPhzLM1pKecif6MXlMRLRxKk0k4BROVRS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5C48 70 B
264 B 42ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENKH8j_n6cykRPzrGPqjOEw&google_cver=1&google_push=AYg5qPLHRfFcWyKJNQ05qRC8gNZ-GaIrjScisofKzMWXjyt_aPqJjXpA9UfjxB6vSffY3-fikldl4PyS4yCgYK_dmiwkEcVLYP_h
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C48
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDfFLfHeot6NJ744jz7I7mM&google_cver=1&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBS...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBScOFE-7GN88S3wj4I&google_hm=1t4uIJe2Rwisz2dTxM1LOtY

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBScOFE-7GN88S3wj4I&google_hm=1t4uIJe2Rwisz2dTxM1LOtY

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIlQQ8dB5CT5TB9fI2QJkK17ao1EdIlc795roQiR77NCoqTiKXQMdP2fTGkqx-2OIoJ2bSutK8opBScOFE-7GN88S3wj4I&google_hm=1t4uIJe2Rwisz2dTxM1LOtY
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C48
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFg3XZubqPx4UOD19IL9ng0&google_cver=1&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQ...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFg3XZubqPx4UOD19IL9ng0&google_cver=1&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQ...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CzwhL7QlBqyUzNd1nKdHyw&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CzwhL7QlBqyUzNd1nKdHyw&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5SPWMJIp65emJTEg2bg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 22:14:25 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=CzwhL7QlBqyUzNd1nKdHyw&google_push=AYg5qPKqlqHgwFVzkSeAjhGvQ2L01_hmlIBAB0vle_8CboPXcX8nH2tTO7hkQHpEAt2GaXnlNH3rS7OI5SPWMJIp65emJTEg2bg
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 237

GET

pixel
cm.g.doubleclick.net/ Frame 5C48
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEF3sDcxCrw6LR_oVhC87j8U&google_cver=1&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF3sDcxCrw6LR_oVhC87j8U&google_cver=1&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-AN...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-A...

0
0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5C48 43 B
65 B 49ms
48ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDc-FPZzuYVh0rw1o_0ysZU&google_cver=1&google_push=AYg5qPJx5m8auNPgcJbtgSCodfkVzzap3R9DOFP8kPJnsI-tkpRrS_L2m4LXyhjuzHAqEeUChGbZ1Kia88uQTn-cTA072PKdq8rh

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 22:14:25 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5C48 0
12 B 52ms
51ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KomUYp7laagi49yY_l4PcxQAzSFfQeW5OCETsA-bbgKl3eL4Xb0Zrf2mFV4O3H0U6_gCsBLw

Requested by

Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 22:14:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 38E0 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:44:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 19:44:52 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame C2D9
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/878020/58502569/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hellooha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.g...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

62ms
62ms

Script
application/javascript

2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
age: 13268309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lfxxFrvk9MEIh_q-Dsxr6tsc6drpblXthWuyrmxh6r2jfMI5yyhZKQ==

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E73E 80 KB
21 KB 66ms
66ms Script
application/javascript 2600:9000:223f:7800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 9515958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: nA615NEKYbD5nscK47K7YNkqFrBPmH0qOvg1meFjDrIOtnkxtTTdeQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 124ms
124ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sEbp,pingTime:-3,time:133,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:116%7D,%7Bpiv:0,vs:o,r:l,t:133%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:133,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 115ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sEbq,pingTime:-6,time:134,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:134,n:133,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.hellooha.com*&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 114ms
114ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sEbz,pingTime:-2,time:143,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:70,bdZ:115,beA:472,beZ:474,mfA:582,cmA:582,inA:582,inZ:583,prA:583,prZ:585,si:589,poA:589,poZ:596,cmZ:596,mfZ:596,loA:607,loZ:608,ltA:616,ltZ:616%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:116%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:60,vs:pp,r:,t:137%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:133,pp:6,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:pp,t:137,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6~50%5D,as:%5B6~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:27,readyFired:true%7D&br=c
Requested by: Host: 9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
URL: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 46ms
46ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=130&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=720733468038&cu=1638915262033&m=3286&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=130&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=1028&an=17&gi=1&gf=1028&gg=17&ix=1028&ic=1028&ez=1&ck=1028&kw=948&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1028&bx=17&ci=1028&jz=948&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=948&cd=34&ah=948&am=34&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196017&na=1253280932&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=130&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=720733468038&cu=1638915262033&m=3286&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=130&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=1028&an=1028&gi=1&gf=1028&gg=1028&ix=1028&ic=1028&ez=1&ck=1028&kw=948&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1028&bx=1028&ci=1028&jz=948&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=948&cd=948&ah=948&am=948&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196017&na=1381427373&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=130&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=720733468038&cu=1638915262033&m=3287&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=130&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=1028&an=1028&gi=1&gf=1028&gg=1028&ix=1028&ic=1028&ez=1&ck=1028&kw=948&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1028&bx=1028&ci=1028&jz=948&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=948&cd=948&ah=948&am=948&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196017&na=998714353&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 114ms
114ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sEdU,time:1269,type:e,im:%7Bpci:%7Btdr:1167%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:71,o:1198,n:1185,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1176~1%5D,as:%5B1173~na.na,3~970.250%5D%7D%7D,%7Bsl:o,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:1198,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~100%5D,as:%5B71~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:118,fm:sQWRqqy+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C15.878020-58502569%7C151,idMap:14.e475f2ff-be50-51c1-86df-a89784f6eb19.32_10933%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E0 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_IoHwdyvYdv_BLvb7_UPpuSzgAUAAAAAOAHgBAI&bg=!s7ClsPTNAAaQHwIOkB87ACkAdvg8WgrKE60-CjqC8EbmkAFgT6H2flnidhe-jFyXB2I8wMlVfSSYagIAAABmUgAAAAloAQeZAxAQcWHLPhMtxyfbsSFqJ4EUfQlaActHNs21posIOrlTi12iWfqHNZ_hKAAxj6h6w5LqATYRGVWjkoeOXRogisCRrvQMrwkIqFjlbcQxj0VE1lPd3SwsLW8HSL6hJqnzSqSOU7MjYEI8CMix77ukd0sQkmBOyxiPTI-0zYG9cfJ8CQHbiNrLHbbvLzZipJkHunVx_hGY8Igxvbu7JzIe0hoXOZmjjRM0sYy1xXIM-TE2srDPBQeY7yHjqSLYD_JEu_bi-cuavxHO72r2GtTpfbpcWllU9sKaLleCxM5RnRpIfqcOf0xtcGVwJn24PUI9tujKFPdSfBzZLTEeTJvO81a9jMSuJRsvn7d9CfXYV09dvbF1_XH0I-g6aIEQuf9bPHIPO69GThZE-QNhR2C6fqVwKqtdIIzBUY3xUDV9hwr3y0JH2eO2N7OjGiTQG_8qrFAzKL7rM14weQStT5UnkOLHYm9R_NIbA2Ope0g-rXQy3LCuKo9rw6rhBkr2odJMHkbBuMXc7Xm4ayI09RtF4UVgkmdZ5uSEO0FgFQMPhhEgJwz1vE_res8NNwgqXunIVOjz7Mv4RdfVFgm7Bg86fGTE06hQDsvLCXTo_0FUGJ1ntSS0Y8J_taP-cMtnvl7jxdyeIbXe0YIpvRFvbly4PtgNOmtHk9yaveM3pV7MHC4gfVSwO7AMlCrjBRGZsVAeiS_icNmfLwKIUmxi7ai0mIz6FtH5fpot6I4XhdlWAjihThzYkwZapUV8Bk0hCCKWDxpxwb0b6wLMi0WcC1GZS-WJI4nV2ErCEN03QuQJ7BjgkWI04ETMKuFaPr3XD0kgZQLfZWezux9x1rMnlqUG2luJUb28tGGCRrrRhKpWOXY5t9gy5DyAuGbpojrX_mxwW_8-jx1ddkFIIk-UoHFtmpUQ9ATRRB6944oUimClTtC3E-scGzzsov0ORV8HjP1Dhsg5010ly68cjR7YHRVW41cMDwkTHttU8KQmw3J6hP7RI83fu_1tLUGEhRJsYWaNbF-R0MGzCor5U0ehQZqAg9tF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 114ms
114ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sEe3,time:297,type:e,im:%7Bimprf:%7Bttecl:646,ecd:63,tsecr:4%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:133,pp:160,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:pp,t:137,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B160~50%5D,as:%5B160~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:124,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 116ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEeR,pingTime:-8,time:1435,type:l,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:1435,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,bkn:%7Bpiv:%5B1142~1%5D,as:%5B1142~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:187,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C15.878020-58502569%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,rmeas:1,rend:0,renddet:na%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 116ms
116ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEf4,pingTime:0,time:1448,type:pf,im:%7Bpci:%7Btdr:1140%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:301%7D,%7Bw:970,h:250,t:1440%7D,%7Bpiv:0,vs:o,r:l,t:1441%7D,%7Bpiv:100,vs:i,r:,t:1447%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1447,n:1441,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1148~1%5D,as:%5B1147~na.na,1~970.250%5D%7D%7D,%7Bsl:o,t:1441,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D,%7Bsl:i,t:1447,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:187,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C15.878020-58502569%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 117ms
117ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEgH,pingTime:-10,time:1549,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638915264757%7C%7C56fbb27599d61f8e87dd4a5950a83f48%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C065ada428afe2933c975b34d63ac8d44%7C%7Ccea3f03e13254de23cded341b84ff53b%7C%7Ca3e2230db6dfd2ac8a1065bd5c284580%7C%7C3b51a7cf636f85ccdcee1e95601be9f2%7C%7C5728f908d9dd4238fe19df5921c2414b%7C%7C1629390669,sca:%7Bspg:90a9f9de-9334-0346-c891-27cd50a4f503%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:25 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2D9 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNV0VLE_Nk77Afk0g2cxdD_widj0jH893UD8VH2Q99tOiSXOeM5OObCunsrcJxUjFFkECbhWH6B5i5T_n6W1zIFfRBiHM3on-IXeMk5JT3KnHI8keaOg&sai=AMfl-YQrJrXs1Jlcyr0vggtJ4QEUjI8o7IJA_orWi4oNi4nuOBOuWYUDFauRH5WlDC9voZciDdF7K6mlHzhADOLLd36e0mNSKvSglB2GRd92zRMDG42fvyQoqZVVL6En&sig=Cg0ArKJSzFx0dYaaz2JzEAE&cid=CAASEuRodrALQHoBuqtbDiEicsfwvQ&id=lidar2&mcvt=1000&p=1050,155,1304,455&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.59&if=1&app=0&itpl=20&adk=1030947372&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638915264694&rpt=547&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2D9 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssl-4qzE5LGQnIgtSnmLce_blNcs-17X4O4sVNBrveU9pgWxpVETqJXl_GI5Pni48JMCCL4O02E4C0KUnu1k906vtancNXEtsE&sig=Cg0ArKJSzCDNdtc8BgFqEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&app=0&itpl=32&adk=1964084974&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638915264694&rpt=549&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
180 B 37ms
36ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d78372c3bf23738c6fe75d55a1b4f4bb81f2f3722914465ec23b717db0dae7a7

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:26 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 112
via: 1.1 google

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 117ms
117ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sErC,pingTime:1,time:1138,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:116%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:60,vs:pp,r:,t:137%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:133,pp:1001,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:pp,t:137,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:116,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 44ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=155&gp=1050&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=184462548680&cu=1638915262033&m=4294&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1050&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=60&vx=60%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=1158&an=52&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1158&kw=1008&aj=1&pg=60&pf=60&ib=1&cc=1&bw=1158&bx=52&ci=1158&jz=1008&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=104&ah=1008&am=104&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=196017&na=1871223270&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:26 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxMywiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY2LjM3MSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwibmFtZSI6InZpZGVvU3RhcnQiLCJsYWJlbCI6IkRFTElWRVJPT19FTkdMSVNIXzEyU0VDT05EU18xOTIwWDEwODAifSx7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxNCwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY2LjM3MSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwiZnJvbSI6MC4wMjQ1ODQsInRvIjowLjk3NTM0NSwibmFtZSI6InZpZGVvUGxheWVkU2VnbWVudCIsIm11dGVkIjp0cnVlLCJmdWxsc2NyZWVuIjpmYWxzZSwiZ2F6ZSI6ZmFsc2V9XX0=?crc32c=2444753072
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 114ms
114ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sEsU,pingTime:1,time:2199,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:17%7D,%7Bw:970,h:250,t:1182%7D,%7Bpiv:0,vs:o,r:l,t:1185%7D,%7Bpiv:100,vs:i,r:,t:1198%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1198,n:1185,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1176~1%5D,as:%5B1173~na.na,3~970.250%5D%7D%7D,%7Bsl:o,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:1198,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:116,fm:sQWRqqy+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C15.878020-58502569%7C151,idMap:14.e475f2ff-be50-51c1-86df-a89784f6eb19.32_10933%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 113ms
113ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=890300&asId=90a9f9de-9334-0346-c891-27cd50a4f503&tv=%7Bc:w9sEsU,pingTime:1,time:2199,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:17%7D,%7Bw:970,h:250,t:1182%7D,%7Bpiv:0,vs:o,r:l,t:1185%7D,%7Bpiv:100,vs:i,r:,t:1198%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1198,n:1185,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1176~1%5D,as:%5B1173~na.na,3~970.250%5D%7D%7D,%7Bsl:o,t:1185,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~970.250%5D%7D%7D,%7Bsl:i,t:1198,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:116,fm:sQWRqqy+11%7C12%7C13%7C14*.890300-58784809%7C141%7C142%7C143%7C15.878020-58502569%7C151,idMap:14.e475f2ff-be50-51c1-86df-a89784f6eb19.32_10933%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 114ms
113ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEvd,pingTime:1,time:2449,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:301%7D,%7Bw:970,h:250,t:1440%7D,%7Bpiv:0,vs:o,r:l,t:1441%7D,%7Bpiv:100,vs:i,r:,t:1447%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1447,n:1441,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1148~1%5D,as:%5B1147~na.na,1~970.250%5D%7D%7D,%7Bsl:o,t:1441,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D,%7Bsl:i,t:1447,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:119,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C15.878020-58502569%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 115ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEvd,pingTime:1,time:2449,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:301%7D,%7Bw:970,h:250,t:1440%7D,%7Bpiv:0,vs:o,r:l,t:1441%7D,%7Bpiv:100,vs:i,r:,t:1447%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1447,n:1441,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1148~1%5D,as:%5B1147~na.na,1~970.250%5D%7D%7D,%7Bsl:o,t:1441,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D,%7Bsl:i,t:1447,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:119,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C15.878020-58502569%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 88ED 43 B
215 B 115ms
115ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=e475f2ff-be50-51c1-86df-a89784f6eb19&tv=%7Bc:w9sEve,pingTime:1,time:2450,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:301%7D,%7Bw:970,h:250,t:1440%7D,%7Bpiv:0,vs:o,r:l,t:1441%7D,%7Bpiv:100,vs:i,r:,t:1447%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1447,n:1441,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:301,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1148~1%5D,as:%5B1147~na.na,1~970.250%5D%7D%7D,%7Bsl:o,t:1441,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D,%7Bsl:i,t:1447,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:vc,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:119,fm:sQWRqqy+11%7C12%7C13%7C14*.10933%7C141%7C142%7C1431%7C144%7C15.878020-58502569%7C151%7C152%7C153,idMap:14.90a9f9de-9334-0346-c891-27cd50a4f503.7_890300-58784809%7C14*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C2D9 43 B
215 B 114ms
114ms Image
image/gif 18.207.27.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sExQ,pingTime:-10,time:1524,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1638915264757%7C%7C56fbb27599d61f8e87dd4a5950a83f48%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C065ada428afe2933c975b34d63ac8d44%7C%7Ccea3f03e13254de23cded341b84ff53b%7C%7Ca3e2230db6dfd2ac8a1065bd5c284580%7C%7C3b51a7cf636f85ccdcee1e95601be9f2%7C%7C5728f908d9dd4238fe19df5921c2414b%7C%7C1629390669,sca:%7Bspg:90a9f9de-9334-0346-c891-27cd50a4f503%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-27-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:26 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxNSwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY2Ljc4NywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY2Ljc4NywibmFtZSI6ImN1c3RvbSIsImxhYmVsIjoidmlld2VkIC0gMjUlIC0gdmlkZW8xIn1dfQ==?crc32c=4221663953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
176 B 37ms
37ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 43078449b705c074a3f41dd87e8086f4bcfe21912037c31fe80f9ff4a9607723

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:26 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.hellooha.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 111
via: 1.1 google

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
84 B 38ms
38ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=40da2992-202e-46c3-bd6d-d27455ebb9ca
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f3a06674-ebb9-4b9d-ba8f-0052018c0687-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hellooha.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 07 Dec 2021 22:14:27 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
access-control-allow-origin: https://www.hellooha.com
access-control-max-age: 86400
access-control-allow-credentials: true
alt-svc: clear
content-length: 20
via: 1.1 google
access-control-expose-headers: *

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxNiwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY3LjUwMSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwiZnJvbSI6MC45NzUzNDUsInRvIjoyLjIyNTMyOCwibmFtZSI6InZpZGVvUGxheWVkU2VnbWVudCIsIm11dGVkIjp0cnVlLCJmdWxsc2NyZWVuIjpmYWxzZSwiZ2F6ZSI6ZmFsc2V9XX0=?crc32c=2669992398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxNywiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY4LjI4NywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY4LjI4NywibmFtZSI6ImN1c3RvbSIsImxhYmVsIjoidmlld2VkIC0gNTAlIC0gdmlkZW8xIn1dfQ==?crc32c=2912987203
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoxOCwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY4LjM3MSwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY1LjA4NiwibmFtZSI6InZpZGVvRmlyc3RRdWFydGlsZSIsImxhYmVsIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCJ9LHsic2Vzc2lvbklkIjoiczE2Mzg5MTUyNjR4ZDdhYTYyYzllMGVjM2Z4ODI2NzMxOTkiLCJhY2NvdW50SWQiOiJlMjczYTg4ZiIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxNTY1ODk5NTg3ODkyMjEyIiwiaW5kZXgiOjE5LCJjbGllbnRUaW1lc3RhbXAiOjE2Mzg5MTUyNjguMzcxLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NTIsIm9iamVjdE5hbWUiOiJERUxJVkVST09fRU5HTElTSF8xMlNFQ09ORFNfMTkyMFgxMDgwIiwib2JqZWN0Q2xhenoiOiJWaWRlbyIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg2LCJmcm9tIjoyLjIyNTMyOCwidG8iOjIuOTc0ODM1LCJuYW1lIjoidmlkZW9QbGF5ZWRTZWdtZW50IiwibXV0ZWQiOnRydWUsImZ1bGxzY3JlZW4iOmZhbHNlLCJnYXplIjpmYWxzZX1dfQ==?crc32c=1816569170
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoyMCwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY5LjI1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6MjEsInNjcmVlblRpdGxlIjoiU3RhcnQgY29weSIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NTIsIm9iamVjdE5hbWUiOiJERUxJVkVST09fRU5HTElTSF8xMlNFQ09ORFNfMTkyMFgxMDgwIiwib2JqZWN0Q2xhenoiOiJWaWRlbyIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2Mzg5MTUyNjUuMDg2LCJmcm9tIjoyLjk3NDgzNSwidG8iOjMuOTc0ODU1LCJuYW1lIjoidmlkZW9QbGF5ZWRTZWdtZW50IiwibXV0ZWQiOnRydWUsImZ1bGxzY3JlZW4iOmZhbHNlLCJnYXplIjpmYWxzZX1dfQ==?crc32c=289179896
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 46ms
46ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&rm=1&fy=315&gp=130&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=720733468038&cu=1638915262033&m=7312&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=130&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=5054&an=1028&gi=1&gf=5054&gg=1028&ix=5054&ic=5054&ez=1&ck=1028&kw=948&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5054&bx=1028&ci=1028&jz=948&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4871&cd=948&ah=4871&am=948&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138224993577&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=196017&na=227115295&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.hellooha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 22:14:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 22:14:29 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjM4OTE1MjY0eGQ3YWE2MmM5ZTBlYzNmeDgyNjczMTk5IiwiYWNjb3VudElkIjoiZTI3M2E4OGYiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTU2NTg5OTU4Nzg5MjIxMiIsImluZGV4IjoyMSwiY2xpZW50VGltZXN0YW1wIjoxNjM4OTE1MjY5Ljc4NywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjIxLCJzY3JlZW5UaXRsZSI6IlN0YXJ0IGNvcHkiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjUyLCJvYmplY3ROYW1lIjoiREVMSVZFUk9PX0VOR0xJU0hfMTJTRUNPTkRTXzE5MjBYMTA4MCIsIm9iamVjdENsYXp6IjoiVmlkZW8iLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjM4OTE1MjY5Ljc4NywibmFtZSI6ImN1c3RvbSIsImxhYmVsIjoidmlld2VkIC0gNzUlIC0gdmlkZW8xIn1dfQ==?crc32c=1605887116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.140.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-140-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 22:14:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET dt
dt.adsafeprotected.com/ Frame C2D9 0
0

GET pixel.gif
px.moatads.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.permutive.com
URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=40da2992-202e-46c3-bd6d-d27455ebb9ca

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKY--RI_bVSvR9CM_1SrXVc&google_cver=1&google_push=AYg5qPIvdDh58FHL3ZsCqtaDz_Vq2KDDbvqM4jFwyk0lvo_gUttRq7oeM2-NXJUYEBAEyZbJiYhmiYqP7eyP6rVqXQvREMcxLVg

Domain: pm.w55c.net
URL: https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE535ONjfZiZu-VH59qS7sc&google_cver=1&google_push=AYg5qPIVRHQ_Ub9fondOA9QPt2jAojCzGb5tlJXE9HO1P0N8JDbXIHnS83Eq3Bal9ScxcJiqyD0uyheUEqYtJ8xW7xCarPUButk

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5K9HJrLwjsDygQ9lhQjfGNqnxsBngaTpuT5tosM813DjJXcztVUZHGqF-X-xTK2jH9qp2oNzpuG1tOrqWFNE47HIKiuGyAse18vLeQbJ5UfL0Rs9NNg&sai=AMfl-YSRPNHq2kn5l1J9zVm4fUW5hDBSvblFZkuB6NO4jH1le8jAiMJwgb-vGzxVJN16Jj5mOd9eWfC-o9mNJc-mBpMp4J8OU9k_e5GceMqrK7DRcoEgzgMlWCGf5VMc&sig=Cg0ArKJSzGPLAYJQ7zlDEAE&cid=CAASEuRo87e5G2I2jXhfm0Q7lDC1UA&id=lidartos&mcvt=0&p=1050,155,1654,455&mtos=0,0,0,0,323&tos=0,0,0,0,323&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.25&if=1&app=0&itpl=20&adk=1030947372&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1638915263794&rpt=562&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEEI9J_ytV1zejYX5_RO6ozs&google_cver=1&google_push=AYg5qPK08O5uzikCnoC_ofYHXbyVX0ekJ95he0VnDSQEQerYBRX5D8j2RFpKm71-fJtZXlgPqX0QJLWICjMSmOcr-fWSNDRFc-w

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=d008e117-6110-ac25-fe9d-f3eb75d93a37&tv=%7Bc:w9sFud,pingTime:5,time:5143,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:116%7D,%7Bpiv:0,vs:o,r:l,t:133%7D,%7Bpiv:60,vs:pp,r:,t:137%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:133,pp:5006,pm:0%7D,slEvents:%5B%7Bsl:n,t:116,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~300.250%5D%7D%7D,%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:pp,t:137,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5006~50%5D,as:%5B5006~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:119,fm:sQWRqqy+11%7C12%7C13%7C14.890300-58784809%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C15*.878020-58502569%7C151%7C152%7C153%7C154,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=Hellooha&zMoatAdUnit2=Homepage&wf=1&ra=3&pxm=2&sgs=3&vb=3&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CHOUEIRIGROUPDFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-2Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&qr=0&url=https%3A%2F%2Fwww.hellooha.com%2F&pcode=choueirigroupheaderdfp445340272806&rx=439159463936&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=155&gp=1050&zGSRC=1&gu=https%3A%2F%2Fwww.hellooha.com%2F&id=1&ii=4&f=0&j=&t=1638915262033&de=184462548680&cu=1638915262033&m=8316&ar=8ab009d7785-clean&iw=41a656a&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1050&lb=6414&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=60&vx=60%3A-%3A-&pe=1%3A676%3A676%3A1642%3A764&as=1&ag=5180&an=1158&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1158&kw=1008&aj=1&pg=60&pf=60&ib=1&cc=1&bw=5180&bx=1158&ci=1158&jz=1008&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5031&cd=1008&ah=5031&am=1008&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=38317631%3A727636631%3A1304154191%3A138237668598&cm=1&bo=Hellooha&bd=Homepage&gw=choueirigroupheaderdfp445340272806&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=196017&na=1318215112&cs=0

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collector.effectivemeasure.net/beacon	1970-01-20 07:53:39	Name: c3 Value: 1
collector.effectivemeasure.net/beacon	1970-01-20 07:53:39	Name: gc Value: GB
collector.effectivemeasure.net/beacon	1970-01-20 07:53:39	Name: mb Value: 0
collector.effectivemeasure.net/beacon	1970-01-20 07:53:39	Name: dmp Value: 1638915262590
www.hellooha.com/	1970-01-19 23:15:22	Name: XSRF-TOKEN Value: eyJpdiI6IkZia0s2dnkweldcLytCSWFcL2xIUVBUQT09IiwidmFsdWUiOiI3ODNkMTViNm52aTdqQnB5M0lYRlI2S1VQU2JkWms1WXBJNExnVzZ1VmRoUzZHVWk4ZzFqQm5EcWFkMGxCaGwyVUdsZXNRQTc3bTR0dG9NRWpQU3lrdz09IiwibWFjIjoiNWI2YjVmYTZlZjZhYWViOTU3NmFhODQxOGE4YjFmYWZlYjM5MjI0NzkwNmIzZjAwY2VmYjdkNTQ0ZGFkMTA3MyJ9
www.hellooha.com/	1970-01-19 23:15:22	Name: laravel_session Value: eyJpdiI6IlVxT2x0dk9WVkUxd2QycEs1OHdSXC9BPT0iLCJ2YWx1ZSI6IncyYjVpbjZRTlBwNmxrZ3BFNUpNMWR5dFwvVmZHNWVOTUpRZ1M5UW9QZmZHcWNVUWdRelwvcXRva1V2OUNKckVvdjJoWlJcL0VCOHQzUnVMYit1MGdScG1BPT0iLCJtYWMiOiIzZDE3NTJiOTlkZDgwOTRjY2RhNWYzMDhlMTM2NmYwYzQ3ZmVlMzkyMWY2ZjNiMjRmZDI2NTFkMWY0NTdhMWJhIn0%3D
www.hellooha.com/	1970-01-20 08:00:51	Name: uuid Value: eyJpdiI6ImhVRXE3Qlg2cEEwdnlUcDdUVHNZWnc9PSIsInZhbHVlIjoiZDVkbHdkV09xUklWOVwvQUtqblR5VW9NOW9tV2ZWVzFcL25jTXJGN1NcLzRBYXN2WjFZbkJibThtNWZ3M2RiNlh4aiIsIm1hYyI6Ijc2NDA2YTUzMDA1YjZhMGI0MGE1NzY5MTYyZWJkYzE2NDJhNTU4ZjMyYjNmNjA3MzFlODgzM2U0MzBjYmM5NjMifQ%3D%3D
www.hellooha.com/	1970-01-19 23:18:08	Name: country Value: eyJpdiI6InRcLzlmbDE4RkpIZW5zQ3h3VjRObHRBPT0iLCJ2YWx1ZSI6Ilp2Y0dPdFgxWkdJMW1hd3hiTGNQc2c9PSIsIm1hYyI6ImYwNzhkNzA5Njc5NjU3NWE3YjFjZDM5MjQ4ZDY2NDVkYzAyMDgxNWFiMjBlYWEyNDRjNDZjMDQyODgzMjliMmYifQ%3D%3D
.hellooha.com/	1970-01-20 16:46:27	Name: _ga Value: GA1.2.552757844.1638915262
.hellooha.com/	1970-01-19 23:16:41	Name: _gid Value: GA1.2.1739514437.1638915262
.hellooha.com/	1970-01-19 23:15:15	Name: _gat_gtag_UA_68314828_1 Value: 1
collector.effectivemeasure.net/	1970-01-20 07:53:39	Name: vt Value: ab7dea75-a0ee-4c19-8bfd-cf106cc952fc-17d96f64795-b8bdfd81
.hellooha.com/	1970-01-20 07:53:39	Name: _em_vt Value: ab7dea75-a0ee-4c19-8bfd-cf106cc952fc-17d96f64795-b8bdfd81
.hellooha.com/	1970-01-19 23:15:17	Name: _em_c3 Value: 1
.hellooha.com/	1970-01-19 23:15:17	Name: _em_vi Value: 857a082b-61b6-48fe-9a39-ec32e52ecd25-17d96f647ae-dcfaf036
.hellooha.com/	1970-01-19 23:15:17	Name: _em_lt Value: 1638915262382
.hellooha.com/	1970-01-19 23:15:17	Name: _em_ft Value: 1638915262382
.hellooha.com/	1970-01-19 23:15:17	Name: _em_pc Value: 1
.hellooha.com/	1970-01-21 01:33:29	Name: permutive-id Value: 562f6df1-a7b0-42fe-9168-ad796040ed61
.hellooha.com/	1970-01-21 01:33:29	Name: permutive-session Value: %7B%22session_id%22%3A%226a4fe3b7-3d42-497c-bfa3-cd570c199a9a%22%2C%22last_updated%22%3A%222021-12-07T22%3A14%3A22.553Z%22%7D
.hellooha.com/	1970-01-20 07:53:39	Name: _em_gc Value: GB
.hellooha.com/	1970-01-20 07:53:39	Name: _em_mb Value: 0
.hellooha.com/	1970-01-20 07:53:39	Name: _em_dmp Value: 1638915262590
.f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co/	1970-01-20 01:24:51	Name: pxid Value: ead724cb-d84f-4937-8917-8a7796b7ac88
.adsrvr.org/	1970-01-20 08:00:51	Name: TDID Value: f852fa78-4ad4-408c-b09f-5539399c9f15
.krxd.net/	1970-01-20 03:34:27	Name: _kuid_ Value: Ohvnuj_j
.adform.net/	1970-01-19 23:59:53	Name: C Value: 1
.mathtag.com/	1970-01-20 08:41:10	Name: uuid Value: b0e561af-dcbe-4700-a865-553fe50c78fd
.id5-sync.com/	1970-01-19 23:15:15	Name: cf Value:
.id5-sync.com/	1970-01-19 23:15:15	Name: cip Value:
.id5-sync.com/	1970-01-19 23:15:15	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:15:15	Name: car Value:
.id5-sync.com/	1970-01-19 23:15:15	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:15:15	Name: callback Value:
.adform.net/	1970-01-20 00:41:39	Name: uid Value: 7974635588630739833
.crwdcntrl.net/	1970-01-20 05:44:02	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:44:02	Name: _cc_id Value: b53d38afb17da9461733db0521eef12f
.crwdcntrl.net/	1970-01-20 05:44:03	Name: _cc_cc Value: "ACZ4XmNQSDI1TjG2SExLMjRPSbQ0MTM0NzZOSTIwNTJMTU0zNEpjAILE9Xf2gWgoAABmlQuy"
.crwdcntrl.net/	1970-01-20 05:44:03	Name: _cc_aud Value: "ABR4XmNgYGBIXH9nH5CCAgAgvQKr"
.doubleclick.net/	1970-01-20 08:36:51	Name: IDE Value: AHWqTUkLCDEiws8Je9dfBD1MmKh2P6m53_R3_m5JYuig-_8su-CEoKb84J7hco2sTKI
.adsrvr.org/	1970-01-20 08:00:51	Name: TDCPM Value: CAEYASABKAIyCwiCtJr3tPacOhAFOAFaB2RiZWdwcGNgAg..
.ccgateway.net/	1970-01-20 00:41:39	Name: ccuid Value: 67667aaf-590e-4c47-afb4-0c07f385fb25
.ccgateway.net/	1970-01-20 00:41:39	Name: ccsyn_narratiive-syndication_puid Value: ab7dea75-a0ee-4c19-8bfd-cf106cc952fc
.ccgateway.net/	1970-01-20 00:41:39	Name: ccsyn_narratiive-syndication_puid_b64 Value: YWI3ZGVhNzUtYTBlZS00YzE5LThiZmQtY2YxMDZjYzk1MmZj
.hellooha.com/	1970-01-19 23:15:17	Name: _em_scf Value: []
.tagger.opecloud.com/	1970-01-20 08:00:51	Name: ope_uid Value: 2-IVb2rsbM4iTqxl2HXkZs/ykfgLIXp2cG6troqIIpA2jgNVHm0KyuxS+Whw8o3ma7WPJJYQ==
.hellooha.com/	1970-01-20 08:36:51	Name: __gads Value: ID=971a67e560b2f646:T=1638915263:S=ALNI_MYJVDlJYOc-iJ-Ix6o48XYbk-0KOw
.adnxs.com/	1970-01-20 01:24:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hbxv?6dI!@wnfH8K6pQK`!5=E<L5?%KF3[Qv]A3jti+6]UleipA5w-7>Ck<eJwSr#`%nugO%v4VB%nn@2)yJ?I
.casalemedia.com/	1970-01-20 01:24:51	Name: CMPS Value: 699
.adnxs.com/	1970-01-20 01:24:51	Name: uuid2 Value: 860126081104488397
.yahoo.com/	1970-01-20 08:01:12	Name: A3 Value: d=AQABBMDcr2ECEBD9oo7X_czBAcENAZg1bOgFEgEBAQEusWG5YQAAAAAA_SMAAA&S=AQAAAkk53naAXYs2r_0IOuiPoKo
.bidswitch.net/	1970-01-20 08:00:51	Name: tuuid Value: a5770a80-e63c-4c69-b134-1fb3c2ef6624
.bidswitch.net/	1970-01-20 08:00:51	Name: c Value: 1638915264
.bidswitch.net/	1970-01-20 08:00:51	Name: tuuid_lu Value: 1638915264
.casalemedia.com/	1970-01-19 23:16:41	Name: CMST Value: Ya-cwGGv3MAA
.casalemedia.com/	1970-01-20 08:00:51	Name: CMRUM3 Value: 2d61afdcc02760CAESEEYgyV6qxQensXtd9SicDX0
.casalemedia.com/	1970-01-20 08:00:51	Name: CMID Value: Ya-cwKVADXnAMHABSkHzTwAA
.casalemedia.com/	1970-01-20 01:24:51	Name: CMPRO Value: 694
.mathtag.com/	1970-01-19 23:58:27	Name: mt_mop Value: 4:1638915264
.volvelle.tech/	1970-01-20 08:00:51	Name: ouuid Value: 489d4e93-a2bf-4e6e-9e67-6fe1220cc7be
.volvelle.tech/	1970-01-20 08:00:51	Name: c Value: 1638915264
.volvelle.tech/	1970-01-20 08:00:51	Name: ouuid_lu Value: 1638915264
.w55c.net/	1970-01-20 08:45:29	Name: wfivefivec Value: rJXJKeLP1MUIJa5
.w55c.net/	1970-01-19 23:58:27	Name: matchgoogle Value: 5
.ctnsnet.com/	1970-01-20 08:00:51	Name: cid_d6de2e2097b64708accf6753c4cd4b3a Value: 1
.360yield.com/	1970-01-20 01:24:51	Name: tuuid Value: 19651081-c4b5-4075-b260-a5a631eb467e
.360yield.com/	1970-01-20 01:24:51	Name: tuuid_lu Value: 1638915265
.m6r.eu/	1970-01-19 23:15:18	Name: test Value: true
.m6r.eu/	1970-01-20 01:24:51	Name: cct Value: 1638915265577
.m6r.eu/	1970-01-20 01:24:51	Name: id Value: 0b3c212fb42506ac94ccd7759ca747cb
.tribalfusion.com/	1970-01-20 01:24:51	Name: ANON_ID Value: annseFoZdUQcR2Hp9vcgkntJGEs2HmWltih5EMHR7Y2BfBPyiZd7qqW3NNxnJ0JyxKdCRbN30GxoN0QApQwBIp

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GWUQgcS1QHWyYKWmMetGfg&google_push=AYg5qPK7AD-eJn-_-OJpcZWnadXhOXyeA01__3Yz28lZ3QG8g752XuiWzqQzC5n0L7R4XyhqbI2nyyjTcKPp1-ANLQXcni-BrVsz Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9eaac60ab1bfe44f9cec69a2906e2cfb.safeframe.googlesyndication.com
a.tribalfusion.com
a.volvelle.tech
ad.doubleclick.net
ad.turn.com
ads.celtra.com
adservice.google.co.uk
adservice.google.com
ae-gmtdmp.mookie1.com
api.permutive.com
bcp.crwdcntrl.net
beacon.krxd.net
c.evidon.com
cache-ssl.celtra.com
cdn.permutive.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
collector.effectivemeasure.net
dclk-match.dotomi.com
detect-survey.effectivemeasure.net
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus-api.ccgateway.net
f3a06674-ebb9-4b9d-ba8f-0052018c0687.prmutv.co
fw.adsafeprotected.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
l.evidon.com
match.adsrvr.org
mb.moatads.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.mathtag.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.moatads.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.hellooha.com
stats.g.doubleclick.net
survey.effectivemeasure.net
sync.mathtag.com
sync.teads.tv
t.effectivemeasure.net
tagger.opecloud.com
tpc.googlesyndication.com
track.celtra.com
tracking.m6r.eu
us-u.openx.net
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hellooha.com
x.bidswitch.net
z.moatads.com
ad.turn.com
api.permutive.com
cm.g.doubleclick.net
dt.adsafeprotected.com
google2waycm.netmng.com
pagead2.googlesyndication.com
pm.w55c.net
px.moatads.com
104.111.242.245
104.111.244.187
104.19.150.54
141.95.3.9
142.250.184.198
142.250.185.194
142.250.186.130
142.250.186.66
15.197.193.217
18.195.140.94
18.198.153.20
18.207.27.110
18.66.112.43
18.66.97.6
184.30.20.207
185.29.134.248
185.86.139.104
2.18.234.21
2.18.235.40
2600:9000:223f:7800:8:48e:53c0:93a1
2600:9000:2251:dc00:1f:612c:5a80:93a1
2606:4700::6810:135e
2606:4700::6812:c05
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:f9a2:1d20:7db2:a370
3.124.200.54
3.64.158.25
34.107.254.252
34.250.155.46
34.252.133.182
34.98.64.218
35.186.193.173
35.186.238.175
35.210.178.101
35.227.252.103
35.241.9.51
37.157.6.247
37.252.172.123
44.236.75.167
46.101.17.77
50.17.87.205
52.30.140.199
52.91.215.149
54.154.13.77
54.161.40.243
54.170.178.48
66.155.71.149
72.251.244.140
89.187.169.47
006a1eff210eb25f0f507a80b6c2606176ddf86009acadb0472464f7c4778335
0172a68e22818fc61f3acff8b00a981e21529ff5e708f5ee3482d3e1c28c2467
069d489c02fcb6c54e9846ea7bc5e4ecfb3214816740a1c52a4404e34b3a9897
09eb634aba71065813950316a4f1bcd90f6846f08c00867fac09987699fe4e11
0b227c9f991c4d79ad561ac5991e551af4eb4130cec962c6358f19831b02a111
0b3b6737f2378f74bf570546886f61683154a325750dac18e96342063909ce6b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f43d2a052e5fbbd13accee33c3f5f7e4a58012cc0d389f9ffe6d48fb390c025
102ea9c42972ee0c0a4d89fba1ed40b0908e78835246facddd9eccdf6b931a6a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba8a7852f4c6bdd4877200026ca81def312fa10d993d5ad58c9391e7d1fd20
1354c5bb5d2103aacfb1e58c355cb34045f542bd79bb146d1df1829b9370d6c4
1493f5a2d0198e8f0611dbd2fac2ddbd7a036f68451f793ed4c24dbd3b6b40c9
1732be15d4d13843321771eb3d44a3d2ebf2751e4334ef000f051c58caa1dece
1c5e58dd093b3c02e864c4434006e882e914c86b4279e4de4f288b797d5aeff7
1d6242130c995f7a7f0e58c20b53771114569cd61a2d4b71b869afa4224d5867
1d6c5a324055af971d59fb264c403945dad5d1510c0994f12c429d982cca2ed7
1f8409426ca82dfe9d9671da680ca01cdda490796fad1ac4502fb7159409db47
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
28c3d92e95cacf860845a870498047d50fb7589d3f8bcf646d87b6b49cf31b5f
2d1fc4f6bc371a811750f097f91d1f168b5985ce5257d456522b1b2572b4bcde
2da3cec06fc8ccae40077ed49d5eb86f550a110d914ee611611ba688f0fd610c
2dba4e5bf9e449b681b2da922fa4bcb98cd480826c80be8039a962945513061c
313a203478fe480c297a51680c416cf3caa929b1de38b8a25e0a6a704ec30850
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338c37a4c6d02f3fbb563a6915e79d1f5385e34e05bd4eb4a67c71aa47afda4b
3455287c571dc23b212528cae63899e44e2d261d864cfff21040eb46d1962f44
34d9d24af4509b05f1446f40d4d25c94d8177c12c3c9991fc69d3f84dbd823a0
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38b5979ff6a50eb5a6f384fc44b2766ed3edd57bb146cd90bc2d4a8867d2311f
39eeaa90542f92247d65526135959d9ff07c3a1671298dfc1ad4a55c2b4b5f02
3b0390a8e6a14fe0a45056715e965cfe921c3a13f2161d76539610a211e0660a
3b933069cd1c2fb5812b4e94c0509fee884b7b51666447ea1102428029b49132
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c2dcf18a31a3c6e2d63609579d9083eeff184559b33f1102558997283948289
3d3a43a30c22a50e8369417ee578f24105f590dc823b5757923b48336095aa1f
3eac71d92628867edca73b7a13b855bd454e13b04291e7c47717b39876b49cee
3f510f46a5ed1d420f473581bf8008d4c70f6a8f9361a3b3dca7c9e05f47699b
3fbcb9760313b13bb167692e57ff16cc9097e23a59b11129ceed6e475af5a7f5
3fc3c26e0a799d6674c02f8fbd9f97f6017e535612826ccc3466372dc1c8febb
428ed4d04e8d5fbd85d11656692c4eeed02456c536f1cf241c0c394bf168d3ff
43078449b705c074a3f41dd87e8086f4bcfe21912037c31fe80f9ff4a9607723
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d9484c6e02e2d8f4b47c5f5afe29a8db586e4af0bb7ad13d9a3a04d713bbcd
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7ca476bbd6754bf6111aeb860dc7d3d51c4b62291c0d068b90a1fa38553c96
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5050d9f2c0b9a52a4aa0e670d89dc2f8d9bd5ed8ed7089fbeb554f0385dcf08c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f83d97c52eddd1a6be35ca63b5163b19f32b2bc17e046fb60d8de3fb5547c8
514f958441b8942483ecc4f02d0f0916a0bb0eb25a81b39c8dd9820930986c65
51c4b27f52bb850ae843d8dc1f64a215a8fde17e8b1df9f2e2da64ad853e66b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b564118d70fa2d621e923e0e7a8542726a3ee4073ce055ef1f809ee090becf
59c753ebd1c308c85bfe35b8480e1bd2743c23f32db6001f3895cf8ffe57dcea
5b9bb6fcdb235c80a13f761ef0dca7d8aa5ffb1e265698735b7f3b25d73def74
5d0b6c627a9041558a937fa750d04ca293cca97512a105dc920a14f23bf463e4
5f6e99e27c7f34214e180997bd5b855499bac6a10e54b0feec8c81bfe61923ae
5fcfe06b81454efc92ed422981e0449737fb0530c6270aba47c20642688d0153
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cd8cf1888939b4ec5e6413135fe11d628891db9c8484b58e54a2c69f39d2d8
635b6ad86ecdd1177433a2194124586d1cacb118a7baaf14d16335345d5ffe4a
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
6666c51526800383f1216019d51afcf30b5d58a18d9af1267f7bffa32607746b
6a3c2f9bb5a084e1185c2e3281310cc083ab0afb467db53d468b95b4a32bd357
6a8272dba4ea90364c5b576afdc8b987d4effdbc1bb57592c385aaff15b83dc6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b07c9f6e79629bfca1b3f0d6977a8763197613c9c2b2fe52befa2cfd596bf76
6b08313f5f932e0f6b078523ba7e18180f2e38994ca09f0dfb706845a56f8e6b
6d09a77e4b577c4b009003c1c21a40d3cbe2254e432763483c1046097f3189e3
703698fdddee88c290aad95747206c6aba8ad651f68172d2d52feedca0456d09
7051f61bc57372c581e289e3a6f5ec3c785785ed1af632f3c8dc3c7afac037ce
708d3501acd852feff74783cada1cab94685283511647116980645755be175ed
799d10827528c1cf1c199537b65f470d307f04b5bd5f807155fcef877b09b109
7cd3ecefc59b25e80c72ced6538e4c62a2b7c286f6dc9eb77d708ca5ec145ff8
7f1d8fef6b4a62e4ae29802a2673ef905726c57e4ec910bd8f389f7eb5950259
82a3eec8fdbeb0cd337c747f4df28a593bacbb8e93690825d5abef75397f53b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863b4141689c4d33af87fccdd7d78b16cd0d6c185295619848fbb6a56e5a91af
8744f3b475abf639dfbc3cdd7ce3244aded872954a2b12ddd1241cf860d5e74c
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8937d691335c724e00112aa7715c3d801b29df4218e674aa9935fcd1183c7f4e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90e96b8ddeddfd57732f5a8da1654a24c24e10692703d3cbaa203ba9164b1c0f
913adb2f13139e1370f47474f3dade8eb88d7c0ced5c74f342ee41512526ad4d
938c77a89e7d38efbff80ca2324b5191f90c6d790c247e0aabaae93bd62a7763
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
950711f3f17b6e5cccc28117a6e8116960741883e1b06785d7d08ccc49f53b52
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1990b37f19dbb6c09ae48b116c19839cfd9e4fd1a81ea7bf59a1f57ce2c3dd
9c509edb379d3eada4a7caf20512ab3d103e2bde38468ba2a1bba9b18c983821
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e8eb64b088eacae47e85f5850612710c9b2dab0baef130f73c66760a74e62de
9f71f8d5bc1e5c201feedabcdecb23afc8ebe4bc8975585ef595dca0ef1c4472
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c4a1a198b34c336ca076ffe0dd5a6f4d03f987e9d89dc0a3ef98b6a7517f73
a6bbccc6e22f2795fcec47e583922a5286616c877fd47eb30fd9e464dc2e453c
a700d90af1780555383a5e787bdc0243b008b8612d1a1bf2d98e91cc7b7cfb47
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b37af5843e5e9f7556508dc4a077ac38499de81a0613f3e4c7d86f9282936c
ad7b7eabbb7dd29070caadc54220c06c87e94ddb0fcfb49cb3516ea48f5bd3d4
aec41abbc53ceebe8c5bf8d3da1b6e84f90e56d78afd94629f332810bc5ba7ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc9399a1d9cf60902f99fc281b1f891001e088e5da2a9eabd80b989a693f0bd2
bcc59c24f224637485430ab6f1d50211c138e28743791a3326390e5b95f6aae9
bce310764472b2e43072d99c42ba6777ecb21e465a5aac05b37765d40cf76194
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
c1e8b47c62be8435dd301fcc7e857f2ea2a88bfb518314fc8bf37b8b979693a4
c448c85c8b2ff2ee8bf39a9427dceef66b7f1af4b640629205c5aee61b63ead7
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c73212e269758faca86d4ac4a386b66d0a418246825789e5ca3ee424d60ef8dc
c7c3fb4e0527ee1610bb0852749cb6d8ce64690ba77959fcd4b509758142f34a
ca7f2218d408268d0c08f681b915618f030da7f9df122c697d337e19ca0dbf4d
cbc5b9894f80ac765e8317b989cce90177626a3755694ea1974012a90be359f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23ae748bb370a97419498032c3ba90aecc243f740b3232d8d046ab66d1b112b
d24a88cfa081080ac8df23079b26c3d03e2e1ea2647d26918a8323fd840c48b4
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d3ca16c048159adcb31851ab53a2524ef8e292838603faa80579372979a239d7
d78372c3bf23738c6fe75d55a1b4f4bb81f2f3722914465ec23b717db0dae7a7
dc020ca98a332e1411c455aaa418d5dfef652a20aac8218b54180f86c671f2f0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05e9d751ebce3fd641e75682d5e4d3f859ced382c0a6190ae5679d2e6681756
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e141b13f6023856285675982eb34b170be06bfd56b993953015ba767c508298e
e1da79f0cd28e3a3f17ff863d07deaac24ecf1ff02c39079c3d38fd3d67d204f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f119b6c96dbd530e087dd4f9b5ad0ed3ef0ee8dec6b1e450194471db792230
e8f2518027c7b59b052a5455c4b0f636e057e2f9e2b89859477582e2e46cdbbd
e9b3026971af721ac33eaed992249c8742270e0978597284778f6cf94d1df955
eae6794dde8bff3425b5650d9f4e9da15103d1eb6beee4d4e9640be338f568fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f344276798df9aa1d360681b2647403f0b0f78ca1c9b974d6b5e287d0739154d
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fc78cc7e95dee919cbfc30192b760125632f16d780af5bd3ac71744605ddcf77

www.hellooha.com Open in urlscan Pro 46.101.17.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

299 Requests

87 %HTTPS

31 %IPv6

42 Domains

67 Subdomains

52 IPs

10 Countries

3425 kBTransfer

9930 kBSize

71 Cookies

6 Outgoing links

Page URL History

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hellooha.com Open in urlscan Pro
46.101.17.77 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

87 %
HTTPS

31 %
IPv6

42
Domains

67
Subdomains

52
IPs

10
Countries

3425 kB
Transfer

9930 kB
Size

71
Cookies

299 HTTP transactions
4 data transactions