flamingtext.com Open in urlscan Pro
198.50.158.213  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662294449567987&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662294449567987&C=1 HTTP 302
• https://a.tribalfusion.com/i.match?p=b20&u=YtbDZgYSRtJXVTYd3cmwOQAA

Request Chain 107

• https://a.tribalfusion.com/i.match?p=b10&u=18072662294449567987&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662294449567987&expires=180

Request Chain 108

• https://tags.bluekai.com/site/4229?id=18072662294449567987&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
• https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 109

• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=5a034ea4-0771-11ed-89f3-111ef7a20303 HTTP 302
• https://a.tribalfusion.com/i.match?p=b19&u=5a034e49-0771-11ed-89f3-111ef7a20303

Request Chain 110

• https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662294449567987 HTTP 302
• https://a.tribalfusion.com/i.match?p=b23&u=214120604217006607743

Request Chain 111

• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662294449567987&_origin=1&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662294449567987&_origin=1&redir=true&verify=true HTTP 302
• https://a.tribalfusion.com/i.match?p=b17&u=y-tSNUbU1E2uh_BDbC8VTRgTpolhtGUNU-~A

Request Chain 112

• https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662294449567987 HTTP 302
• https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPZ0dl3u_6lQ1rIDLeHhMJk&google_cver=1&google_ula=2786954,0

Request Chain 113

• https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b13&u=41499967723830184694135675742179807635

Request Chain 114

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662294449567987%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662294449567987%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662294449567987&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b11&u=7FEBC0A9-B37F-4C71-9B16-DAA689D3F215

Request Chain 162

• https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=dd4ebdb2-ed11-45db-ab96-68e0f29bd8ca HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662294449567987

Request Chain 163

• https://a.tribalfusion.com/i.match?p=b22&u=18072662294449567987&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662294449567987

Request Chain 164

• https://a.tribalfusion.com/i.match?p=b24&u=18072662294449567987&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662294449567987

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response flamingtext.com/	53 KB 14 KB	67ms 18ms	Document text/html	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash e1bd464ed1065dc604316867d6e1265b9d49d47e9df42d39538a5111067bbbdb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-type text/html;charset=UTF-8 date Tue, 19 Jul 2022 14:44:52 GMT server nginx/1.20.2
GET H2	200	ft-nib-text-80.png cdn1.ftimg.com/images/	6 KB 6 KB	69ms 18ms	Image image/png	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/ft-nib-text-80.png Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash dac7016b9e04b66c8d0cbb94a80d9b01cd07bf4470d675fb0cb5f01bb7cedd1b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:18 GMT server nginx/1.20.2 etag "61178406-1708" content-type image/png access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 5896 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	hamburger-grey-25x20.png cdn1.ftimg.com/images/	200 B 402 B	69ms 18ms	Image image/png	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/hamburger-grey-25x20.png Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 8952e62b7efc6563ac4d4afe8e09b57cad8b498c34b6f838b2fe3495b7fa26f5 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:18 GMT server nginx/1.20.2 etag "61178406-c8" content-type image/png access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 200 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	spinner-240x120.gif cdn1.ftimg.com/images/	5 KB 5 KB	49ms 19ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/spinner-240x120.gif Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash bcc8793b8528c17c0190221b2ec11f7f3469949294b33e562da16ab73b1f142e Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:19 GMT server nginx/1.20.2 etag "61178407-136e" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 4974 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	x.gif cdn1.ftimg.com/images/	43 B 244 B	50ms 21ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/x.gif Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:19 GMT server nginx/1.20.2 etag "61178407-2b" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 43 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ft-878.min.css cdn1.ftimg.com/css/	33 KB 9 KB	46ms 16ms	Stylesheet text/css	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn1.ftimg.com/css/ft-878.min.css Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2028e7c327da843afee4ef93a9a3f850f9b353062f3681413d052f739e1934c5 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT content-encoding gzip last-modified Sat, 02 Jul 2022 09:15:47 GMT server nginx/1.20.2 etag W/"62c00cc3-8397" content-type text/css access-control-allow-origin * cache-control max-age=31622400 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	pagination-878.min.css cdn1.ftimg.com/css/	2 KB 995 B	50ms 20ms	Stylesheet text/css	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn1.ftimg.com/css/pagination-878.min.css Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 888943b55caa19cde025a1d30dc22b6ecb839171158a10127f631fc240150bab Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT content-encoding gzip last-modified Sat, 02 Jul 2022 09:15:50 GMT server nginx/1.20.2 etag W/"62c00cc6-7c7" content-type text/css access-control-allow-origin * cache-control max-age=31622400 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ftnew2-en_US-878.min.js Show response cdn1.ftimg.com/js/	216 KB 77 KB	14ms 13ms	Script application/javascript	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 5d7d2ef87dfa1bdf426fccc9a266da8e9a155cd2e5fee68030dfcc6b29d4f00b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT content-encoding gzip last-modified Sat, 02 Jul 2022 09:17:27 GMT server nginx/1.20.2 etag W/"62c00d27-36081" content-type application/javascript access-control-allow-origin * cache-control max-age=31622400 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	66ms 19ms	Script text/javascript	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6151 date Tue, 19 Jul 2022 13:02:21 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 19 Jul 2022 15:02:21 GMT
GET H2	200	analytics.js Show response www.stat-bot.com/js/	8 KB 3 KB	62ms 9ms	Script application/javascript	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://www.stat-bot.com/js/analytics.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 827682e74a2a691014970536e1b59cf775cad0d859c274c34823a41fa717b521 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma public date Tue, 19 Jul 2022 14:44:52 GMT content-encoding gzip last-modified Sat, 02 Jul 2022 09:19:13 GMT server nginx/1.20.2 etag W/"62c00d91-1f7e" content-type application/javascript cache-control max-age=31622400, public expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ftsprite-878.png flamingtext.com/images/	13 KB 13 KB	12ms 10ms	Image image/png	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://flamingtext.com/images/ftsprite-878.png Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7371b2cfca408cc86acc5e66d4909dc330bbed15fc3f34f6b6a53044e908e3e3 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 02 Jul 2022 09:15:46 GMT server nginx/1.20.2 content-type image/png cache-control max-age=31622400, public accept-ranges bytes content-length 13268 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ft-flags-sprite.png cdn1.ftimg.com/images/	3 KB 3 KB	13ms 13ms	Image image/png	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/ft-flags-sprite.png Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/css/ft-878.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash a93648a598766273e060586f1e2870fb3211c0a08aa339dfaf8eadaf08e62ea7 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn1.ftimg.com/css/ft-878.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:18 GMT server nginx/1.20.2 etag "61178406-b8f" content-type image/png access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2959 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ftsprite-878.png cdn1.ftimg.com/images/	13 KB 13 KB	14ms 14ms	Image image/png	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/ftsprite-878.png Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/css/ft-878.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7371b2cfca408cc86acc5e66d4909dc330bbed15fc3f34f6b6a53044e908e3e3 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn1.ftimg.com/css/ft-878.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 02 Jul 2022 09:15:46 GMT server nginx/1.20.2 etag "62c00cc2-33d4" content-type image/png access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 13268 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	ft-ico-font-1.ttf cdn1.ftimg.com/fonts/ft-ico-font/	2 KB 3 KB	30ms 9ms	Font application/octet-stream	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn1.ftimg.com/fonts/ft-ico-font/ft-ico-font-1.ttf?u9nwlh Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/css/ft-878.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2ed959c2ae6340b60d713acc77bfee9edcdd74ae67b2114d7258797a896fcdd0 Request headers Referer https://cdn1.ftimg.com/css/ft-878.min.css Origin https://flamingtext.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT last-modified Sat, 14 Aug 2021 08:51:18 GMT server nginx/1.20.2 etag "61178406-9c0" content-type application/octet-stream access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2496 expires Thu, 20 Jul 2023 14:44:52 GMT
GET H2	200	font-awesome.min.css cdn1.ftimg.com/font-awesome/4.6.2/css/	28 KB 7 KB	10ms 10ms	Stylesheet text/css	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn1.ftimg.com/font-awesome/4.6.2/css/font-awesome.min.css Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:52 GMT content-encoding gzip last-modified Sat, 14 Aug 2021 08:51:18 GMT server nginx/1.20.2 etag W/"61178406-7103" content-type text/css access-control-allow-origin * cache-control max-age=31622400 expires Thu, 20 Jul 2023 14:44:52 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	34ms 34ms	XHR text/plain	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1854273758&t=pageview&_s=1&dl=https%3A%2F%2Fflamingtext.com%2F&ul=en-us&de=UTF-8&dt=Logo%20Design%20and%20Name%20Generator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=150175848&gjid=262952916&cid=1601568999.1658241893&tid=UA-6074958-1&_gid=1585045458.1658241893&_r=1&_slc=1&cd1=visitor&cd2=b&z=703210401 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://flamingtext.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://flamingtext.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	beach-house-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 3 KB	15ms 9ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/beach-house-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 3949380d0e8c5dbb168598a468b7f98a2564feacfad9338e2999a29a94d3e3d6 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Mon, 20 Jun 2022 05:32:46 GMT server nginx/1.20.2 etag "62b0067e-992" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2450 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	country-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	16ms 9ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/country-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 0dafb83b40f07a9720f1212c26de42603278820554f00954d1f4793a1499feb9 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Fri, 17 Jun 2022 11:27:01 GMT server nginx/1.20.2 etag "62ac6505-e56" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3670 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	dude-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	1 KB 1 KB	17ms 10ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/dude-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash ee5c237d08bcc6a5a683a8430588fbaa2f355c79e2e3f4d2e5951d258ccb40ba Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Mon, 18 Jul 2022 07:53:13 GMT server nginx/1.20.2 etag "62d51169-4ee" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1262 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	comics-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	17ms 11ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/comics-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 13a8c01115939dfddf9d88d8d1b36a273be37eaabe97ddbfaf5b5b5ca526cb76 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-10da" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 4314 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	3d-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 3 KB	18ms 12ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/3d-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2d25f8b4b8681685ba0b9f69e6c80129831202246307aca2da02b8c0c1550fb8 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-9a8" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2472 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	style-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	19ms 12ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/style-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash b870e08dcc746ba5ef4e67885fa236889e4f5d55544a6c330d88da5bcf566157 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-c92" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3218 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	water-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	19ms 13ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/water-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 0e6b7a83ba50327229bb51d27eced3677583324277af4daf0faac5ede0f3ba38 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-f58" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3928 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	smurfs-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	19ms 14ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/smurfs-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 11b9eed4e07de1f1d1513721c6e059961b0f1e3632060de47b358c0dfcb8f48b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-e7c" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3708 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	blackbird-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	20ms 14ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/blackbird-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 290a85bbe9b93969026caebfe4362455f1886a8ff3bd4075c4c2e7269e342085 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-d18" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3352 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	runner-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 5 KB	20ms 15ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/runner-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 19e77354794bd1f31702c10187be8847a1fd21d1c5d737978014d46a7c4d926a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:05 GMT server nginx/1.20.2 etag "612a0a51-115e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 4446 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fluffy-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	21ms 16ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fluffy-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7f8aad72bf918fdb847cdbe93cba5efe73deeee65da47526dfe9fa8daa2e0529 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-f66" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3942 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	memories-anim-logo.gif cdn1.ftimg.com/images/logos/s240x120/en_US/	90 KB 90 KB	22ms 17ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/memories-anim-logo.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2dc62a8bb145acd38c6977a8f40f248f314592af3c4d665edf97e3f584e8878d Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:46 GMT server nginx/1.20.2 etag "612a0ab6-16691" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 91793 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	graffiti-3d-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 4 KB	26ms 22ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/graffiti-3d-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7328ee594cbea402d9a28c3e368d39dc2db9697f74269a3d7091604a05b1903b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-d8e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3470 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fabulous-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	27ms 23ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fabulous-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4968d866996b655accf6340f7e1bd3589a2b9d50704d85efef9ddc8c7a030dbe Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-b9a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2970 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	graffiti-burn-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	27ms 23ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/graffiti-burn-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 216baec686404581d713f214e2cfc6af208902aefe12c6e4392acae9d976176a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:07:33 GMT server nginx/1.20.2 etag "612a0ae5-ccc" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3276 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	discovery-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	28ms 24ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/discovery-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4b84d476a36bc52126822ce3ecff0c14e62ce57eb30f489a553163dce2cbb5a3 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Fri, 24 Jun 2022 18:46:22 GMT server nginx/1.20.2 etag "62b6067e-e1a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3610 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	clan-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 2 KB	28ms 24ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/clan-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash bec1be2285dbcd0eb971eb84660c6456671dee45d24a3b20a096a223e5432932 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-72a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1834 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	alien-glow-anim-logo.gif cdn1.ftimg.com/images/logos/s240x120/en_US/	64 KB 64 KB	28ms 24ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/alien-glow-anim-logo.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 9adf92b8bf145ab4bea4c00771ba484acae75f989f196a1d8674503d7c3ebd60 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-fe06" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 65030 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	neon-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	1 KB 2 KB	28ms 25ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/neon-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash a4c3d85794c09ed63164a3382c662d6c79e3c2c5d4b94a6c6d3d1641937c96c8 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-57e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1406 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	chrominium-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	28ms 25ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/chrominium-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 216b9e1b3db031b93858f5204cee8971a56d9c0aff022133057759b18abb165b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-be4" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3044 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	crafts-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	28ms 25ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/crafts-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 27b1f27b3824b186778cf4a0f89b45f0d13d0e25ae517593488bd77736269fbe Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:52 GMT server nginx/1.20.2 etag "612a0abc-a44" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2628 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fire-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	28ms 26ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fire-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 995f541b7656a85ad8f033449866dd0d1b4ad3c492885f941d52b906dc6bc7bf Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:14 GMT server nginx/1.20.2 etag "612a0a96-bbc" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3004 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	world-cup-2014-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 2 KB	29ms 26ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/world-cup-2014-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7cae477577017a2d3421b5f46fd37bb72b444f868415690d5b46959f55b1977e Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:50 GMT server nginx/1.20.2 etag "612a0a7e-66e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1646 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	amped-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	5 KB 5 KB	29ms 26ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/amped-logo.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash aabf8e8f982e15496b1c59cdc2ad6af856f08de984ead3590e6b3c9eeeef35c4 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-1452" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 5202 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	tribal.home.top.html Show response flamingtext.com/ads/tribal/ Frame 8A40	204 B 335 B	23ms 11ms	Document text/html	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://flamingtext.com/ads/tribal/tribal.home.top.html Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash c3f0e638fd44bcebde61e502ee74ed00439d2d78a977ff36cce999513fc77973 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * content-length 204 content-type text/html date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 14 Aug 2021 08:51:17 GMT server nginx/1.20.2
GET H2	200	tribal.home.left.html Show response flamingtext.com/ads/tribal/ Frame C516	205 B 336 B	22ms 0ms	Document text/html	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://flamingtext.com/ads/tribal/tribal.home.left.html Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4f728e89f111ee7d9cd95c882b343aba2f6f999641e31245a72818e83998c383 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * content-length 205 content-type text/html date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 14 Aug 2021 08:51:17 GMT server nginx/1.20.2
GET H2	200	tribal.home.right.html Show response flamingtext.com/ads/tribal/ Frame 24C8	205 B 336 B	14ms 0ms	Document text/html	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Full URL https://flamingtext.com/ads/tribal/tribal.home.right.html Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4f728e89f111ee7d9cd95c882b343aba2f6f999641e31245a72818e83998c383 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * content-length 205 content-type text/html date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 14 Aug 2021 08:51:17 GMT server nginx/1.20.2
GET H2	200	beach-house-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 3 KB	25ms 7ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/beach-house-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 3949380d0e8c5dbb168598a468b7f98a2564feacfad9338e2999a29a94d3e3d6 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Mon, 20 Jun 2022 05:32:46 GMT server nginx/1.20.2 etag "62b0067e-992" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2450 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	country-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	24ms 7ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/country-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 0dafb83b40f07a9720f1212c26de42603278820554f00954d1f4793a1499feb9 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Fri, 17 Jun 2022 11:27:01 GMT server nginx/1.20.2 etag "62ac6505-e56" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3670 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	dude-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	1 KB 1 KB	27ms 9ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/dude-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash ee5c237d08bcc6a5a683a8430588fbaa2f355c79e2e3f4d2e5951d258ccb40ba Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Mon, 18 Jul 2022 07:53:13 GMT server nginx/1.20.2 etag "62d51169-4ee" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1262 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	comics-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	27ms 10ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/comics-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 13a8c01115939dfddf9d88d8d1b36a273be37eaabe97ddbfaf5b5b5ca526cb76 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-10da" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 4314 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	3d-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 3 KB	28ms 10ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/3d-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2d25f8b4b8681685ba0b9f69e6c80129831202246307aca2da02b8c0c1550fb8 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-9a8" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2472 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	style-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	23ms 11ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/style-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash b870e08dcc746ba5ef4e67885fa236889e4f5d55544a6c330d88da5bcf566157 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-c92" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3218 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	water-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	23ms 12ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/water-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 0e6b7a83ba50327229bb51d27eced3677583324277af4daf0faac5ede0f3ba38 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-f58" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3928 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	smurfs-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	24ms 12ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/smurfs-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 11b9eed4e07de1f1d1513721c6e059961b0f1e3632060de47b358c0dfcb8f48b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-e7c" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3708 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	blackbird-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	23ms 13ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/blackbird-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 290a85bbe9b93969026caebfe4362455f1886a8ff3bd4075c4c2e7269e342085 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-d18" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3352 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	runner-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 5 KB	24ms 14ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/runner-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 19e77354794bd1f31702c10187be8847a1fd21d1c5d737978014d46a7c4d926a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:05 GMT server nginx/1.20.2 etag "612a0a51-115e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 4446 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fluffy-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	24ms 14ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fluffy-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7f8aad72bf918fdb847cdbe93cba5efe73deeee65da47526dfe9fa8daa2e0529 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:51 GMT server nginx/1.20.2 etag "612a0a7f-f66" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3942 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	graffiti-3d-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 4 KB	22ms 15ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/graffiti-3d-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7328ee594cbea402d9a28c3e368d39dc2db9697f74269a3d7091604a05b1903b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-d8e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3470 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fabulous-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	23ms 16ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fabulous-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4968d866996b655accf6340f7e1bd3589a2b9d50704d85efef9ddc8c7a030dbe Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-b9a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2970 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	graffiti-burn-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	23ms 17ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/graffiti-burn-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 216baec686404581d713f214e2cfc6af208902aefe12c6e4392acae9d976176a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:07:33 GMT server nginx/1.20.2 etag "612a0ae5-ccc" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3276 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	discovery-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	4 KB 4 KB	11ms 9ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/discovery-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 4b84d476a36bc52126822ce3ecff0c14e62ce57eb30f489a553163dce2cbb5a3 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Fri, 24 Jun 2022 18:46:22 GMT server nginx/1.20.2 etag "62b6067e-e1a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3610 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	clan-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 2 KB	9ms 9ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/clan-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash bec1be2285dbcd0eb971eb84660c6456671dee45d24a3b20a096a223e5432932 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-72a" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1834 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/FlamingTextcom/ROS/ Frame 8A40	59 KB 14 KB	171ms 131ms	Script application/x-javascript	2606:4700:4400::ac40:9812 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.top.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9812 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f36e37f6d51085676cd3d2810511a3923d99528ab7ad53e906e79b9c08d7008 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14149 x-function 151 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 577 etag 6153384087489610144 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 72d43cd83dfe4bd7-YUL expires Tue, 19 Jul 2022 15:44:53 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/FlamingTextcom/ROS/ Frame C516	59 KB 14 KB	142ms 108ms	Script application/x-javascript	2606:4700:4400::ac40:9812 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.left.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9812 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f36e37f6d51085676cd3d2810511a3923d99528ab7ad53e906e79b9c08d7008 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14149 x-function 151 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 301 etag 6153384087489610144 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 72d43cd83e044bd7-YUL expires Tue, 19 Jul 2022 15:44:53 GMT
GET H2	200	memories-anim-logo.gif cdn1.ftimg.com/images/logos/s240x120/en_US/	90 KB 90 KB	11ms 10ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/memories-anim-logo.gif Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 2dc62a8bb145acd38c6977a8f40f248f314592af3c4d665edf97e3f584e8878d Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:46 GMT server nginx/1.20.2 etag "612a0ab6-16691" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 91793 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	alien-glow-anim-logo.gif cdn1.ftimg.com/images/logos/s240x120/en_US/	64 KB 64 KB	13ms 12ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/alien-glow-anim-logo.gif Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 9adf92b8bf145ab4bea4c00771ba484acae75f989f196a1d8674503d7c3ebd60 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-fe06" content-type image/gif access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 65030 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	neon-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	1 KB 2 KB	20ms 20ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/neon-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash a4c3d85794c09ed63164a3382c662d6c79e3c2c5d4b94a6c6d3d1641937c96c8 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-57e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1406 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	chrominium-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	21ms 21ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/chrominium-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 216b9e1b3db031b93858f5204cee8971a56d9c0aff022133057759b18abb165b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-be4" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3044 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	pixel.gif www.stat-bot.com/	43 B 179 B	10ms 10ms	Image image/gif	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.stat-bot.com/pixel.gif?v=1.0&domain=flamingtext.com&path=%2F&dns=26&pageLoad=214&pageTime=69&ttfb=19&id=flamingtext&version=878&server=www6&userType=visitor&ab=b&type=pageview&_=0.31902625858391276 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT server nginx/1.20.2 content-length 43 content-type image/gif;charset=UTF-8
GET H2	200	crafts-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	21ms 20ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/crafts-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 27b1f27b3824b186778cf4a0f89b45f0d13d0e25ae517593488bd77736269fbe Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:52 GMT server nginx/1.20.2 etag "612a0abc-a44" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 2628 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	fire-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	3 KB 3 KB	21ms 20ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/fire-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 995f541b7656a85ad8f033449866dd0d1b4ad3c492885f941d52b906dc6bc7bf Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:06:14 GMT server nginx/1.20.2 etag "612a0a96-bbc" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 3004 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	world-cup-2014-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	2 KB 2 KB	22ms 21ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/world-cup-2014-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash 7cae477577017a2d3421b5f46fd37bb72b444f868415690d5b46959f55b1977e Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:50 GMT server nginx/1.20.2 etag "612a0a7e-66e" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 1646 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	amped-logo.webp cdn1.ftimg.com/images/logos/s240x120/en_US/	5 KB 5 KB	22ms 22ms	Image image/webp	198.50.158.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.ftimg.com/images/logos/s240x120/en_US/amped-logo.webp Requested by Host: cdn1.ftimg.com URL: https://cdn1.ftimg.com/js/ftnew2-en_US-878.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.50.158.213 , Canada, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.2 / Resource Hash aabf8e8f982e15496b1c59cdc2ad6af856f08de984ead3590e6b3c9eeeef35c4 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT last-modified Sat, 28 Aug 2021 10:05:49 GMT server nginx/1.20.2 etag "612a0a7d-1452" content-type image/webp access-control-allow-origin * cache-control max-age=31622400 accept-ranges bytes content-length 5202 expires Thu, 20 Jul 2023 14:44:53 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/FlamingTextcom/ROS/ Frame 24C8	59 KB 14 KB	126ms 106ms	Script application/x-javascript	2606:4700:4400::ac40:9812 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9812 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f36e37f6d51085676cd3d2810511a3923d99528ab7ad53e906e79b9c08d7008 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14149 x-function 151 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 78 etag 6153384087489610144 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 72d43cd83e064bd7-YUL expires Tue, 19 Jul 2022 15:44:53 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 24C8	678 B 674 B	128ms 101ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 113e7414dc25764efaed9bd9cda4259626640265c4fc97b389e360bd4b29c8d1 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 332 x-function 153 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 1079 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 72d43cd91b3f4bcb-YUL expires Mon, 17 Oct 2022 14:44:53 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame C516	679 B 664 B	160ms 137ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c3049303210f1e8a72bdbc021405054a60432fcc62a69a3aa47fb18922cc1f6 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 329 x-function 153 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 267 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 72d43cd91b434bcb-YUL expires Mon, 17 Oct 2022 14:44:53 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 8A40	679 B 976 B	104ms 100ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8230918794 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15d49c80a22ffbd5fda4294ca49391847164078061926991cdce0337d4091b9f Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 332 x-function 153 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 807 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private cf-ray 72d43cd91b464bcb-YUL expires Mon, 17 Oct 2022 14:44:53 GMT
GET H3	200	j.ad Show response s.tribalfusion.com/ Frame 24C8	8 KB 4 KB	208ms 191ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=agmneMmE7V3bMQWUJDVPQ12tvgSMxZb0v&a=1&adContainerId=richmedia_2&rnd=1811702 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0f1500712e97f25a90925708bf350ace4a309ee9e727ce60e57a85e3b01e7ab Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3263 pragma no-cache x-function 101 server cloudflare x-reuse-index 226 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 72d43cd9cc5e7154-YUL expires 0
GET H3	200	j.ad Show response s.tribalfusion.com/ Frame 8A40	7 KB 4 KB	207ms 192ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=aSmneM3tMHQsZbB56nKptepXaZbPSMxOjW&a=3&adContainerId=richmedia_4&rnd=1813934 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c21dce18cdc8dd4e5b724911647e811fa8ef5895c09bf8d5f73618efd184315c Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3191 pragma no-cache x-function 101 server cloudflare x-reuse-index 566 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 72d43cd9cc5f7154-YUL expires 0
GET H3	200	j.ad Show response s.tribalfusion.com/ Frame C516	3 KB 2 KB	198ms 198ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=apmneMnEbAYFjaTWFUnPYZcMrMBSMxZdaP&a=5&adContainerId=richmedia_6&rnd=1819378 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 857913217e5637b5d227bdb91c831985e639741e15b1179605595f9f72a6b5dc Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1370 pragma no-cache x-function 101 server cloudflare x-reuse-index 27 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 72d43cd9ec827154-YUL expires 0
GET H2	200	tf_adChoice11.js Show response cdnx.tribalfusion.com/media/common/adChoice/ Frame 24C8	4 KB 1 KB	37ms 25ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status HIT age 7707 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public cf-ray 72d43cdb1eba4bcb-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H2	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 24C8	23 KB 9 KB	66ms 19ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=agmneMmE7V3bMQWUJDVPQ12tvgSMxZb0v&a=1&adContainerId=richmedia_2&rnd=1811702 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:14:41 GMT content-encoding gzip x-content-type-options nosniff age 1812 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8749 x-xss-protection 0 last-modified Wed, 29 Jun 2022 21:33:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 19 Jul 2022 15:14:41 GMT
GET H2	200	ipg a4.tribalfusion.com/ Frame 24C8	43 B 102 B	235ms 183ms	Image image/gif	104.18.32.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::6&kv=%7B%22ord%22%3A%201750220372%2C%20%22clientID%22%3A%20797333%7D Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.107 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:53 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cdb69eb54af-YYZ p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 8A40	2 KB 1 KB	60ms 21ms	Script application/javascript	2600:1400:b000:284::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=181540&plc=6478016&sid=6827&dvregion=0&unit=728x90 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=aSmneM3tMHQsZbB56nKptepXaZbPSMxOjW&a=3&adContainerId=richmedia_4&rnd=1813934 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1400:b000:284::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 19 Jul 2022 14:44:53 GMT Content-Encoding gzip Last-Modified Sun, 17 Jul 2022 08:29:57 GMT Server Microsoft-IIS/10.0 ETag "f8e0a365b799d81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1170
GET H2	200	tf_adChoice11.js Show response cdnx.tribalfusion.com/media/common/adChoice/ Frame C516	4 KB 1 KB	18ms 18ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js Requested by Host: flamingtext.com URL: https://flamingtext.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:53 GMT content-encoding gzip cf-cache-status HIT age 7707 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public cf-ray 72d43cdb2edf4bcb-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H2	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame C516	23 KB 9 KB	45ms 22ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=flamingtextcom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=apmneMnEbAYFjaTWFUnPYZcMrMBSMxZdaP&a=5&adContainerId=richmedia_6&rnd=1819378 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:14:41 GMT content-encoding gzip x-content-type-options nosniff age 1812 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8749 x-xss-protection 0 last-modified Wed, 29 Jun 2022 21:33:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 19 Jul 2022 15:14:41 GMT
GET H2	200	ipg a4.tribalfusion.com/ Frame C516	43 B 383 B	207ms 181ms	Image image/gif	104.18.32.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::6&kv=%7B%22ord%22%3A%201750220428%2C%20%22clientID%22%3A%20797333%7D Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.left.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.107 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:53 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cdb69ec54af-YYZ p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src_internal107.js Show response cdn.doubleverify.com/ Frame 8A40	55 KB 18 KB	21ms 21ms	Script application/javascript	2600:1400:b000:284::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal107.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=181540&plc=6478016&sid=6827&dvregion=0&unit=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1400:b000:284::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 19 Jul 2022 14:44:53 GMT Content-Encoding gzip Last-Modified Thu, 09 Jun 2022 14:27:50 GMT Server Microsoft-IIS/10.0 ETag "0f7cd18d7cd81:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 18120
GET H3	200	impl_v90.js Show response www.googletagservices.com/dcm/ Frame 24C8	54 KB 21 KB	69ms 22ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v90.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 23:34:08 GMT content-encoding gzip x-content-type-options nosniff age 313845 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21331 x-xss-protection 0 last-modified Mon, 27 Jun 2022 13:07:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Jul 2023 23:34:08 GMT
GET H3	200	impl_v90.js Show response www.googletagservices.com/dcm/ Frame C516	54 KB 21 KB	64ms 20ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v90.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 23:34:08 GMT content-encoding gzip x-content-type-options nosniff age 313845 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21331 x-xss-protection 0 last-modified Mon, 27 Jun 2022 13:07:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Jul 2023 23:34:08 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 8A40	751 B 696 B	211ms 22ms	Script text/javascript	204.154.110.79 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_330961861260&jsTagObjCallback=__tagObject_callback_330961861260&num=6&ctx=3886119&cmp=181540&plc=6478016&sid=6827&advid=&adsrv=&unit=728x90&isdvvid=&uid=330961861260&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=103&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=3&brh=2&fwc=0&fcl=73&flt=26&fec=489&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau7%3D2%3E%3A%3F8E6IE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau7%3D2%3E%3A%3F8E6IE%5D4%40%3ETar9EEADTbpTauTau7%3D2%3E%3A%3F8E6IE%5D4%40%3E&dvp_exetime=5.70&callbackName=__verify_callback_330961861260 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal107.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS nycp-phlb109.doubleverify.com Software / Resource Hash 49092cd051ff20e5f829b622c670b947470b9531adabc7439e1c0ed243eedc85 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Tue, 19 Jul 2022 14:44:53 GMT Content-Encoding br Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Transfer-Encoding chunked X-DV-Response 1 Expires 07/18/2022 14:44:53
GET H2	200	B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSF... Show response ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/ Frame 285F	53 KB 26 KB	124ms 61ms	Document text/html	142.251.40.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v90.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f6.1e100.net Software cafe / Resource Hash 13e0bc19229fe690a7e93c167e58a4c4cc4298a118c44ce4a9644ebf04488782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding br content-length 26341 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Jul 2022 14:44:53 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqr... Show response ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/ Frame E537	53 KB 26 KB	129ms 70ms	Document text/html	142.251.40.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v90.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s81-in-f6.1e100.net Software cafe / Resource Hash 82893567f48320c8896f462403c616d12daf872900db3d4056ba93a9a71815b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding br content-length 26323 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 19 Jul 2022 14:44:53 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 7BBB	201 B 510 B	187ms 187ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a1mTKd3A7ZaprMZb0VvW1sJ5XGJMpEZbP3FM2VU7HVmv5REn2PVQtQdUv0HBrVPrw4sUW0FUJTmip2AF8PmjK2HMn0dUJnWZaN56B14GjbVcM9Ucb8S6QwWWrQTFM15bAuVTnxTTB8QqBZcQVJZbPFAmPHv8WcUW2repodiOXaev4dvZdPcrA5PMJpWPnVWJ60bQaYUFj1EZapSFnBTbBSTtJWorZb4PbrNN7ypNQqjudMfUIb0Bs&mediaDataID=7665496&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca8ad590090cc0f33d1def7307fa0ebf08f4df54a3dc6acff7c478ac8e5a39ff Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc289a7154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 283
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 76CE	324 B 600 B	182ms 182ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a2mTKdmdAsVWJ9XbQ9XFUgXaZamRrYETFvSVdY4nFJmRU7pXqYs5EUe5TY5majB1rBhWWbRmAfIpVfmoWvJ3TMl3Hat5mfKmFbGYsfU1cnXXG7nnTJW2r3VWrnFUAMTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUePmMA4WQO1tBZcmWZaO4PUT3sr7VcndWc7iSmMyTHMQTFMP5b2uUqn2VaJlsnuKoSmLssaCTG7GV4&mediaDataID=5436426&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def048d8c07a19dba6687c8f987497bfe7cbc6d52fe7693fc983e805a9ad33f9 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc389e7154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 567
GET H3	200	p.media Show response s.tribalfusion.com/ Frame F448	275 B 566 B	181ms 180ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a3mTKd36YS3sr7VsQaWcjhPPnOTdnWTrFP3rZanVEroTT38Pa3ZdSGQZcQFAqRtnaUVn32Uunmdqs0a6v2trZdQVFC4A3ZcoWImUHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxQrfy1EZbn5qUl2av3maFB1rZbdUtZbPom7JpGvwoWfD5EQ72Wmp4PfZbpbrJ0GnQ1cM20GbOmqBP2rMPWrnZcUA7TREvqQVZbMsRiwwoXnm9vIX8AT8d&mediaDataID=6530936&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e03c66e0b42a06817cf4e0f98b1d5fc8fd3c3d9535e78196c6d0a0aec8ec8dd0 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38a27154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 1126
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 014A	242 B 525 B	187ms 187ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a4mTKdprMZc0GnQYc3UXsZbupTFV3rr4WFJZcWPn3QqM0ScYmPHJO1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HnZcnWIx5PQU4VjeUVJ8UcJiPP3oUdQSWbb32U2pUqnvWqUjSTJISsQJRr6sRtYbUVMQ4rPpoWyt0qmp2tbFSGfZa5PJIoW6nTWYc0bnb1U7f0aepSFnDTrv5WHJWorQxRUf1YqFyunihO7A1VW7pPwWQKC&mediaDataID=4056396&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99e99fc71ba6bb9e708c6665fcd3b85f1e2d692f14c583f0fab2765ab46c8191 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38a67154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 634
GET H3	200	p.media Show response s.tribalfusion.com/ Frame CD92	259 B 557 B	180ms 180ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a5mTKdVWJ70bnaYrj71EyqPbYGTbr5THnWmbBoQbjr1EQn4aJk4q74naFFYFF6WHf0oPnLnG7pmW7D3T373dAm5mjZdnFrIYGfXXVFYXGZbOpT743rUUVbfHVm75REvQPGQOSt3u1WvpT6My2Gv20UUZbTA2o26F6R6bK2HZbrXW3AmH2x46YQ4sMdVcQcUcFeRPYyTHMSTUF22U2uUqjvTTUKQaBFqpeZbnmYmqEMWUsfURM&mediaDataID=2713736&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b26295a1f9d1cec7f77bbd0853fe3a6c65a82caf04eb888e016e787be98a47c Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38aa7154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 1351
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 6E42	213 B 517 B	184ms 184ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a6mTKd3sr6VcQcVGrfRPQxWdnRWbFX2UauWaMmWaQaSTUIRcZbIPburStY7WcrV2FqvotirXqew4tjFQVbZa46vJoWZarTdBd0UfiXbYiXaApPbQZbUUJ5VWn4nFQmRUfNXaYN3T3f4E7YoTbHYFj6WHbVmmYJpsfomHnJ3TZbh5tiN46vLnrYIXVvW1c33XGBxnTbP2rMRWbJCVm7TREbQScQXQHUryRAttbEwwr3kRsHyLn&mediaDataID=6347136&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93610bbec1a29db79f818132d241d410dd1372ed48984d458230bd2346961a00 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38ae7154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 566
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 6E9E	279 B 572 B	181ms 180ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a7mTKd0GnP1c341c7NpEjW5UZbUWrBGVAYTPTrXPVUsStBu0HboVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntiy5PUP5GMcVsJlVVMjPPnyWd33TFBS3FIxVEjoTTUlPq3HQVYZdPUuoPHv9Wc3V2FurmWEt0E6x4dMZdQVrG2mUHpHXNTHje0UM91UBeXaZatRbUDTrv3WWn1nFQxRUrN1EYY5aUavBX3QQ2BOsJR34o37S&mediaDataID=9148826&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cefa7fdc960cd8eca656dbb7b8d536694cff77750744351f0cefb4e18936efb1 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38b17154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 65
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 3875	264 B 559 B	186ms 186ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a8mVRC0bna1UBi0TusSrvEWUv5WHF2nbfxPFbtXq3t3TBf5TMXmEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N5PJInFnZbXsvYYVFT1svNpTZbP5U32VFBCVmr2QqbXSVMNPt3sYtJmV63O3sBXXbFDV6Xp2PQePmBB3HYO0HvLmdZan3mQY5cj6VcQjWVMlPPMyTdJUTFJP3rAuVarnVan8PEvIRG7ZbRruvPH7iWdBT2F74UpJpOmMSPTvqhfjvFx&mediaDataID=5578346&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52391aae3a5fc258d86301878180a86fde4559ab7110d213fb49c381037e127 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38b37154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 400
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 2A49	447 B 654 B	191ms 191ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=a9mTKdVcQdUcbeRAnxTHvTWrJS2FItVEUvVEYcPaYZcQVFZdQFapRW76Vc3R4rmpod6M0amv2dbGSVMG46YHoteoTdF8XUvjYFY71TqoPbMDWUYSWHUYnbfoQbrr1EYy4qJc2af5mqMD1rZbcUtFQoAnZdnsQomt7B5EU73dmq3AbGmUbJYGnXXcv1XG7wpTBT3UYRWbJAV6YXQqbQScZbMStJP1HvunF2yMp62NVQuSkmRVe&mediaDataID=6719746&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b45bd7222fdda1c51e7f3a2c269e6647cd250ee0a7003452a45732b20472c49 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdc38b67154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 1549
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/ Frame 285F	8 KB 4 KB	74ms 18ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 13:53:26 GMT content-encoding gzip x-content-type-options nosniff age 3087 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 02 Aug 2022 13:53:26 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 285F	106 KB 38 KB	65ms 18ms	Script text/javascript	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Origin https://ad.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 02:26:33 GMT content-encoding gzip x-content-type-options nosniff age 44300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Jul 2022 02:26:33 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 285F	41 KB 15 KB	73ms 21ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 14 Jul 2022 11:25:14 GMT content-encoding gzip x-content-type-options nosniff age 443979 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Jul 2023 11:25:14 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/ Frame E537	8 KB 3 KB	52ms 19ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 13:53:26 GMT content-encoding gzip x-content-type-options nosniff age 3087 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 02 Aug 2022 13:53:26 GMT
POST H/1.1	204 No Content	bsevent.gif rtbc-nyc.doubleverify.com/ Frame 8A40	0 210 B	58ms 19ms	Ping text/plain	204.154.110.79 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Full URL https://rtbc-nyc.doubleverify.com/bsevent.gif?flvr=0&impid=30e3ffb0ba2348e98b298709cdc6711d&vfdur=221&cbust=1658241893938286 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal107.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 204.154.110.79 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS nycp-phlb109.doubleverify.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Tue, 19 Jul 2022 14:44:53 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Expires 07/18/2022 14:44:53
GET H3	200	tags.js Show response tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ Frame 8A40	59 KB 14 KB	123ms 107ms	Script application/x-javascript	2606:4700:4400::ac40:9812 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal107.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:9812 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12534ddd72a6fd824b74ce1bfa837910a1269043201a3c25f60aac2275136a8b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14123 x-function 151 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 122 etag 5672237189420686291 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 72d43cdd3f5c713c-YUL expires Tue, 19 Jul 2022 15:44:54 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame E537	106 KB 37 KB	65ms 42ms	Script text/javascript	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Origin https://ad.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 02:26:33 GMT content-encoding gzip x-content-type-options nosniff age 44300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 20 Jul 2022 02:26:33 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame E537	41 KB 15 KB	56ms 25ms	Script text/javascript	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 14 Jul 2022 11:25:14 GMT content-encoding gzip x-content-type-options nosniff age 443979 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Jul 2023 11:25:14 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame F448 Redirect Chain https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662294449567987&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662294449567987&C=1 https://a.tribalfusion.com/i.match?p=b20&u=YtbDZgYSRtJXVTYd3cmwOQAA	43 B 633 B	192ms 192ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b20&u=YtbDZgYSRtJXVTYd3cmwOQAA Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a3mTKd36YS3sr7VsQaWcjhPPnOTdnWTrFP3rZanVEroTT38Pa3ZdSGQZcQFAqRtnaUVn32Uunmdqs0a6v2trZdQVFC4A3ZcoWImUHQfYUf71UjjXaiMSUUHUrM5WHJ2orZbxQrfy1EZbn5qUl2av3maFB1rZbdUtZbPom7JpGvwoWfD5EQ72Wmp4PfZbpbrJ0GnQ1cM20GbOmqBP2rMPWrnZcUA7TREvqQVZbMsRiwwoXnm9vIX8AT8d&mediaDataID=6530936&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cdeed1e4bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9flsRG59WrL9IaALSGhV%2Fu4dKZaqKwKpPdCzMSXfrOE8MUmKg3f5yvWgqES3MQ5gu3aTfCH3Gpsua%2FKkHRAM0hCfHxfWaHRK%2F4uYRkBUdJ3fXIrc2%2B4vY0SeQkDwwyxWA0lT3HpX06xCQw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://a.tribalfusion.com/i.match?p=b20&u=YtbDZgYSRtJXVTYd3cmwOQAA cache-control no-cache cf-ray 72d43cde68bf543d-YYZ alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 76CE Redirect Chain https://a.tribalfusion.com/i.match?p=b10&u=18072662294449567987&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662294449567987&expires=180	42 B 767 B	108ms 26ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662294449567987&expires=180 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a2mTKdmdAsVWJ9XbQ9XFUgXaZamRrYETFvSVdY4nFJmRU7pXqYs5EUe5TY5majB1rBhWWbRmAfIpVfmoWvJ3TMl3Hat5mfKmFbGYsfU1cnXXG7nnTJW2r3VWrnFUAMTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUePmMA4WQO1tBZcmWZaO4PUT3sr7VcndWc7iSmMyTHMQTFMP5b2uUqn2VaJlsnuKoSmLssaCTG7GV4&mediaDataID=5436426&mediaName=frame.html Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 29af2665c43893332e84c235bac366c1 Content-Type image/gif Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 4537 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cddcb7a4bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" location https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662294449567987&expires=180 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame CD92 Redirect Chain https://tags.bluekai.com/site/4229?id=18072662294449567987&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID	43 B 789 B	243ms 238ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a5mTKdVWJ70bnaYrj71EyqPbYGTbr5THnWmbBoQbjr1EQn4aJk4q74naFFYFF6WHf0oPnLnG7pmW7D3T373dAm5mjZdnFrIYGfXXVFYXGZbOpT743rUUVbfHVm75REvQPGQOSt3u1WvpT6My2Gv20UUZbTA2o26F6R6bK2HZbrXW3AmH2x46YQ4sMdVcQcUcFeRPYyTHMSTUF22U2uUqjvTTUKQaBFqpeZbnmYmqEMWUsfURM&mediaDataID=2713736&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cdeed174bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID date Tue, 19 Jul 2022 14:44:54 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	i.match a.tribalfusion.com/ Frame 6E9E Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=5a034ea4-0771-11e... https://a.tribalfusion.com/i.match?p=b19&u=5a034e49-0771-11ed-89f3-111ef7a20303	43 B 614 B	188ms 184ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b19&u=5a034e49-0771-11ed-89f3-111ef7a20303 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a7mTKd0GnP1c341c7NpEjW5UZbUWrBGVAYTPTrXPVUsStBu0HboVmbO3GvXXb3KVmuu2AU8P6MD4HFr0HQAntiy5PUP5GMcVsJlVVMjPPnyWd33TFBS3FIxVEjoTTUlPq3HQVYZdPUuoPHv9Wc3V2FurmWEt0E6x4dMZdQVrG2mUHpHXNTHje0UM91UBeXaZatRbUDTrv3WWn1nFQxRUrN1EYY5aUavBX3QQ2BOsJR34o37S&mediaDataID=9148826&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cdeed1a4bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Tue, 19 Jul 2022 14:44:54 GMT Server nginx Location https://a.tribalfusion.com/i.match?p=b19&u=5a034e49-0771-11ed-89f3-111ef7a20303 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 403 Connection keep-alive Content-Length 43
GET H2	200	i.match a.tribalfusion.com/ Frame 7BBB Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662294449567987 https://a.tribalfusion.com/i.match?p=b23&u=214120604217006607743	43 B 604 B	192ms 192ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b23&u=214120604217006607743 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a1mTKd3A7ZaprMZb0VvW1sJ5XGJMpEZbP3FM2VU7HVmv5REn2PVQtQdUv0HBrVPrw4sUW0FUJTmip2AF8PmjK2HMn0dUJnWZaN56B14GjbVcM9Ucb8S6QwWWrQTFM15bAuVTnxTTB8QqBZcQVJZbPFAmPHv8WcUW2repodiOXaev4dvZdPcrA5PMJpWPnVWJ60bQaYUFj1EZapSFnBTbBSTtJWorZb4PbrNN7ypNQqjudMfUIb0Bs&mediaDataID=7665496&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cde8c894bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT via 1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront) server AAWebServer x-amz-cf-pop JFK50-P4 location https://a.tribalfusion.com/i.match?p=b23&u=214120604217006607743 access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-cache Miss from cloudfront access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type x-amz-cf-id yIPc5_UG1wr61L5u24dzm2LtlQ-mH11z2hfBwf633Ra8vCvAkgSQAA== expires 0
GET H2	200	i.match a.tribalfusion.com/ Frame 6E42 Redirect Chain https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662294449567987&_origin=1&redir=true https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662294449567987&_origin=1&redir=true&verify=true https://a.tribalfusion.com/i.match?p=b17&u=y-tSNUbU1E2uh_BDbC8VTRgTpolhtGUNU-~A	43 B 600 B	196ms 189ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b17&u=y-tSNUbU1E2uh_BDbC8VTRgTpolhtGUNU-~A Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a6mTKd3sr6VcQcVGrfRPQxWdnRWbFX2UauWaMmWaQaSTUIRcZbIPburStY7WcrV2FqvotirXqew4tjFQVbZa46vJoWZarTdBd0UfiXbYiXaApPbQZbUUJ5VWn4nFQmRUfNXaYN3T3f4E7YoTbHYFj6WHbVmmYJpsfomHnJ3TZbh5tiN46vLnrYIXVvW1c33XGBxnTbP2rMRWbJCVm7TREbQScQXQHUryRAttbEwwr3kRsHyLn&mediaDataID=6347136&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cde9ca14bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b17&u=y-tSNUbU1E2uh_BDbC8VTRgTpolhtGUNU-~A date Tue, 19 Jul 2022 14:44:54 GMT server ATS/9.1.0.46 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	i.match a.tribalfusion.com/ Frame 014A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662294449567987 https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPZ0dl3u_6lQ1rIDLeHhMJk&google_cver=1&google_ula=2786954,0	43 B 779 B	184ms 183ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPZ0dl3u_6lQ1rIDLeHhMJk&google_cver=1&google_ula=2786954,0 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a4mTKdprMZc0GnQYc3UXsZbupTFV3rr4WFJZcWPn3QqM0ScYmPHJO1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O0HnZcnWIx5PQU4VjeUVJ8UcJiPP3oUdQSWbb32U2pUqnvWqUjSTJISsQJRr6sRtYbUVMQ4rPpoWyt0qmp2tbFSGfZa5PJIoW6nTWYc0bnb1U7f0aepSFnDTrv5WHJWorQxRUf1YqFyunihO7A1VW7pPwWQKC&mediaDataID=4056396&mediaName=frame.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43cde8c874bcb-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPZ0dl3u_6lQ1rIDLeHhMJk&google_cver=1&google_ula=2786954,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	i.match a.tribalfusion.com/ Frame 3875 Redirect Chain https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662294449567987&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://a.tribalfusion.com/i.match?p=b13&u=41499967723830184694135675742179807635	43 B 857 B	197ms 194ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b13&u=41499967723830184694135675742179807635 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a8mVRC0bna1UBi0TusSrvEWUv5WHF2nbfxPFbtXq3t3TBf5TMXmEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N5PJInFnZbXsvYYVFT1svNpTZbP5U32VFBCVmr2QqbXSVMNPt3sYtJmV63O3sBXXbFDV6Xp2PQePmBB3HYO0HvLmdZan3mQY5cj6VcQjWVMlPPMyTdJUTFJP3rAuVarnVan8PEvIRG7ZbRruvPH7iWdBT2F74UpJpOmMSPTvqhfjvFx&mediaDataID=5578346&mediaName=frame.html Protocol H3 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43ce0c9157154-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers DCS dcs-prod-usw2-1-v033-0db545c35.edge-usw2.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID N2W8RaULRK8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://a.tribalfusion.com/i.match?p=b13&u=41499967723830184694135675742179807635 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	i.match a.tribalfusion.com/ Frame 2A49 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622944... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622944... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662294449567987&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U... https://a.tribalfusion.com/i.match?p=b11&u=7FEBC0A9-B37F-4C71-9B16-DAA689D3F215	43 B 861 B	192ms 191ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b11&u=7FEBC0A9-B37F-4C71-9B16-DAA689D3F215 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=a9mTKdVcQdUcbeRAnxTHvTWrJS2FItVEUvVEYcPaYZcQVFZdQFapRW76Vc3R4rmpod6M0amv2dbGSVMG46YHoteoTdF8XUvjYFY71TqoPbMDWUYSWHUYnbfoQbrr1EYy4qJc2af5mqMD1rZbcUtFQoAnZdnsQomt7B5EU73dmq3AbGmUbJYGnXXcv1XG7wpTBT3UYRWbJAV6YXQqbQScZbMStJP1HvunF2yMp62NVQuSkmRVe&mediaDataID=6719746&mediaName=frame.html Protocol H3 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43ce02fb37154-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b11&u=7FEBC0A9-B37F-4C71-9B16-DAA689D3F215 date Tue, 19 Jul 2022 03:17:49 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	403	skeleton.js pixel.adsafeprotected.com/rjss/st/// Frame 285F	0 0	77ms 23ms	Script text/plain	3.232.159.237 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st///skeleton.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.232.159.237 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-159-237.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT server awselb/2.0 content-length 0 content-type text/plain; charset=utf-8
GET H2	200	durly.js Show response c.betrad.com/ Frame 285F	4 KB 2 KB	147ms 24ms	Script application/x-javascript	23.199.193.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.betrad.com/durly.js?;ad_wxh=160x600;coid=334;nid=64113; Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.199.193.208 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-193-208.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash bcf3f2f964f6355e1a381fcea5632908d1e9eaca1bd4d11be222c5c7c26f6b6d Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Wed, 06 Jul 2022 18:59:55 GMT server AkamaiNetStorage etag "ff1748fded797a6699547fc3e9263a23:1657133995.547474" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type application/x-javascript access-control-allow-origin access-control-max-age 108000 accept-ranges bytes access-control-allow-headers * content-length 1606
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 285F	137 KB 42 KB	70ms 69ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43203 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658144321100200" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 19 Jul 2022 14:44:54 GMT
GET H3	200	index.html Show response s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	9 KB 2 KB	64ms 23ms	Document text/html	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 214f1367ed7a870c7485ad57ea14fe23012adbe2b4fa033dd9536794221ce706 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 62309 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 2530 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Jul 2022 21:26:25 GMT expires Tue, 19 Jul 2022 21:26:25 GMT last-modified Thu, 14 Jul 2022 14:13:27 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 285F	0 566 B	95ms 37ms	Ping image/gif	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSgmQXAJ2CRScmHXlzJMwMQzkiifXOGbsy8JxH8aFwQrbiWKcJvilYYo3qDFIl2z8nnLLmDIyIgXS-5vtGFWUp4YcYm-bs_c4BCx109tXQU0ZQ5c74aVildnRSlTa6L4ahxxsqWMAiOQ&sig=Cg0ArKJSzB1LGfURwlyvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=132&cisv=r20220718.27162&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2935	22 KB 8 KB	71ms 25ms	Document text/html	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 443978 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Jul 2022 11:25:16 GMT expires Fri, 14 Jul 2023 11:25:16 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame D89F	22 KB 8 KB	64ms 20ms	Document text/html	2607:f8b0:4006:823::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 443978 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 14 Jul 2022 11:25:16 GMT expires Fri, 14 Jul 2023 11:25:16 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	durly.js Show response c.betrad.com/ Frame E537	4 KB 2 KB	118ms 31ms	Script application/x-javascript	23.199.193.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.betrad.com/durly.js?;ad_wxh=160x600;coid=334;nid=64113; Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.199.193.208 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-193-208.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash bcf3f2f964f6355e1a381fcea5632908d1e9eaca1bd4d11be222c5c7c26f6b6d Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Wed, 06 Jul 2022 18:59:55 GMT server AkamaiNetStorage etag "ff1748fded797a6699547fc3e9263a23:1657133995.547474" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type application/x-javascript access-control-allow-origin access-control-max-age 108000 accept-ranges bytes access-control-allow-headers * content-length 1606
GET H2	403	skeleton.js pixel.adsafeprotected.com/rjss/st/// Frame E537	0 0	40ms 24ms	Script text/plain	3.232.159.237 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st///skeleton.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.232.159.237 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-159-237.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT server awselb/2.0 content-length 0 content-type text/plain; charset=utf-8
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E537	137 KB 42 KB	60ms 59ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43203 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1658144321100200" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 19 Jul 2022 14:44:54 GMT
GET H3	200	index.html Show response s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	9 KB 2 KB	26ms 20ms	Document text/html	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 214f1367ed7a870c7485ad57ea14fe23012adbe2b4fa033dd9536794221ce706 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 62309 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 2530 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Jul 2022 21:26:25 GMT expires Tue, 19 Jul 2022 21:26:25 GMT last-modified Thu, 14 Jul 2022 14:13:27 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame E537	0 54 B	62ms 37ms	Ping image/gif	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYSAgSUx90QUiVLyV9Xj84CLjf-PIwD9-gdHOl-MtmKzvWr2KxFi67zsjgwhoXBK5ySOn70nZ2E1QEtIsQCDZZnKkqM_p_oXkWDCAId5DZyn5RtlPK2Y1W0WLr9Ym9FLWFwqAEvzview&sig=Cg0ArKJSzFOsvflCzSH9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=145&cisv=r20220718.43938&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	j.ad Show response s.tribalfusion.com/ Frame 8A40	598 B 1 KB	189ms 189ms	Script application/x-javascript	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8230918794&tagKey=538109925&site=contentverification&adSpace=adverificationbackup_dv&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fflamingtext.com%2F&f=1&p=1820114&tKey=aSmneM3tMHQsZbB56nKptepXaZbPSMxOjW&a=7&adContainerId=richmedia_8&rnd=1818782 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/FlamingTextcom/ROS/tags.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8809be807d638d98c387b3db75085f4ac408123f3987a539528fb9dbc1f5fcee Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 477 pragma no-cache x-function 101 server cloudflare x-reuse-index 227 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, no-cache, no-store, proxy-revalidate cf-ray 72d43cde1bd17154-YUL expires 0
GET H3	200	style.css s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	3 KB 947 B	21ms 20ms	Stylesheet text/css	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5211c0f18176b764bfecceb441926fc3f8b94ffee011760c886d977b607fbb6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT content-encoding gzip x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 921 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	gsap_3.2.4_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 4A41	57 KB 23 KB	34ms 33ms	Script text/javascript	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23276 x-xss-protection 0 last-modified Thu, 05 Mar 2020 03:53:22 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 14:44:54 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 4A41	86 KB 31 KB	75ms 21ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 16:10:03 GMT content-encoding gzip x-content-type-options nosniff age 81291 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 18 Jul 2023 16:10:03 GMT
GET H3	200	bg2.jpg s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	58 KB 58 KB	24ms 21ms	Image image/jpeg	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e82014664cab3f4ecc071078069e64aead09ed2864fd59ea0aeb56dc4607dbcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59739 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	bg-top.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	4 KB 4 KB	37ms 36ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg-top.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53ff5b65bdf3c6fd267bba630a30ac101101def5e8f5d7c920a004e01b4287ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 22:31:29 GMT x-content-type-options nosniff age 58405 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4222 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 22:31:29 GMT
GET H3	200	bg1.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	3 KB 3 KB	24ms 21ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76122ec90a3cadc80beb04cb550d84165590db4e5b92cfe86f41715fde95c3a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3464 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	style.css s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	3 KB 947 B	31ms 24ms	Stylesheet text/css	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5211c0f18176b764bfecceb441926fc3f8b94ffee011760c886d977b607fbb6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT content-encoding gzip x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 921 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	gsap_3.2.4_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame EE3A	57 KB 23 KB	40ms 33ms	Script text/javascript	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23276 x-xss-protection 0 last-modified Thu, 05 Mar 2020 03:53:22 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 14:44:54 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame EE3A	86 KB 30 KB	83ms 41ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 16:10:03 GMT content-encoding gzip x-content-type-options nosniff age 81291 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 18 Jul 2023 16:10:03 GMT
GET H3	200	bg2.jpg s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	58 KB 58 KB	29ms 29ms	Image image/jpeg	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e82014664cab3f4ecc071078069e64aead09ed2864fd59ea0aeb56dc4607dbcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59739 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	bg-top.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	4 KB 4 KB	37ms 26ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg-top.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53ff5b65bdf3c6fd267bba630a30ac101101def5e8f5d7c920a004e01b4287ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 22:31:29 GMT x-content-type-options nosniff age 58405 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4222 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 22:31:29 GMT
GET H3	200	bg1.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	3 KB 3 KB	31ms 25ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76122ec90a3cadc80beb04cb550d84165590db4e5b92cfe86f41715fde95c3a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3464 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response pagead2.googlesyndication.com/bg/ Frame D89F	35 KB 13 KB	72ms 26ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 18:14:55 GMT content-encoding br x-content-type-options nosniff age 332999 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13770 x-xss-protection 0 last-modified Fri, 01 Jul 2022 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Jul 2023 18:14:55 GMT
GET H2	200	ba.js Show response c.evidon.com/geo/ Frame 285F	41 KB 12 KB	174ms 20ms	Script application/x-javascript	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/geo/ba.js?r220706 Requested by Host: c.betrad.com URL: https://c.betrad.com/durly.js?;ad_wxh=160x600;coid=334;nid=64113; Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash ce411dbfd37c6fd070f8730b8192c997d840db3f192e6782c43abbc06563c589 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Wed, 06 Jul 2022 18:59:24 GMT server AkamaiNetStorage etag "6c643850311b6a35af133824a28b5f02:1657133964.425704" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type application/x-javascript access-control-allow-origin access-control-max-age 108000 cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * content-length 12424
GET H2	200	4.gif c.evidon.com/a/ Frame 285F	43 B 335 B	175ms 21ms	Image image/gif	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.evidon.com/a/4.gif Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Thu, 15 Apr 2010 17:07:29 GMT server AkamaiNetStorage etag "65786c291a4603aa5150a1884452838d:1271351254" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type image/gif access-control-allow-origin access-control-max-age 108000 cache-control max-age=432000 accept-ranges bytes access-control-allow-headers * content-length 53
GET H2	200	4.gif c.evidon.com/a/ Frame E537	43 B 335 B	175ms 22ms	Image image/gif	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.evidon.com/a/4.gif Requested by Host: c.betrad.com URL: https://c.betrad.com/durly.js?;ad_wxh=160x600;coid=334;nid=64113; Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Thu, 15 Apr 2010 17:07:29 GMT server AkamaiNetStorage etag "65786c291a4603aa5150a1884452838d:1271351254" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type image/gif access-control-allow-origin access-control-max-age 108000 cache-control max-age=432000 accept-ranges bytes access-control-allow-headers * content-length 53
GET H2	200	ba.js Show response c.evidon.com/geo/ Frame E537	41 KB 12 KB	185ms 33ms	Script application/x-javascript	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/geo/ba.js?r220706 Requested by Host: c.betrad.com URL: https://c.betrad.com/durly.js?;ad_wxh=160x600;coid=334;nid=64113; Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash ce411dbfd37c6fd070f8730b8192c997d840db3f192e6782c43abbc06563c589 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT content-encoding gzip last-modified Wed, 06 Jul 2022 18:59:24 GMT server AkamaiNetStorage etag "6c643850311b6a35af133824a28b5f02:1657133964.425704" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type application/x-javascript access-control-allow-origin access-control-max-age 108000 cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * content-length 12424
GET H3	200	x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response pagead2.googlesyndication.com/bg/ Frame 2935	35 KB 13 KB	23ms 23ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 18:14:55 GMT content-encoding br x-content-type-options nosniff age 332999 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13770 x-xss-protection 0 last-modified Fri, 01 Jul 2022 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Jul 2023 18:14:55 GMT
GET H3	200	bg-top.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	4 KB 4 KB	35ms 21ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg-top.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53ff5b65bdf3c6fd267bba630a30ac101101def5e8f5d7c920a004e01b4287ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 22:31:29 GMT x-content-type-options nosniff age 58405 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4222 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 22:31:29 GMT
GET H3	200	bg1.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	3 KB 3 KB	35ms 22ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg1.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76122ec90a3cadc80beb04cb550d84165590db4e5b92cfe86f41715fde95c3a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3464 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	bg2.jpg s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	58 KB 58 KB	36ms 23ms	Image image/jpeg	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg2.jpg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e82014664cab3f4ecc071078069e64aead09ed2864fd59ea0aeb56dc4607dbcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59739 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	sprite.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame 4A41	41 KB 41 KB	40ms 28ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/sprite.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fccae6297ca33e529556c8b65e29c754a92bfdeb14344829206bea324d4c539 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41857 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	bg-top.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	4 KB 4 KB	31ms 27ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg-top.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53ff5b65bdf3c6fd267bba630a30ac101101def5e8f5d7c920a004e01b4287ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 22:31:29 GMT x-content-type-options nosniff age 58405 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4222 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 22:31:29 GMT
GET H3	200	bg1.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	3 KB 3 KB	32ms 28ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg1.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76122ec90a3cadc80beb04cb550d84165590db4e5b92cfe86f41715fde95c3a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3464 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	bg2.jpg s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	58 KB 58 KB	32ms 29ms	Image image/jpeg	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/bg2.jpg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e82014664cab3f4ecc071078069e64aead09ed2864fd59ea0aeb56dc4607dbcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59739 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	sprite.png s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/ Frame EE3A	41 KB 41 KB	34ms 30ms	Image image/png	2607:f8b0:4006:80d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/sprite.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fccae6297ca33e529556c8b65e29c754a92bfdeb14344829206bea324d4c539 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/8401335/1657808007904/Dentsu_BGR_ACQ_2022_Q3_QPB_160x600_EN_July13/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 21:26:25 GMT x-content-type-options nosniff age 62309 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41857 x-xss-protection 0 last-modified Thu, 14 Jul 2022 14:13:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Jul 2022 21:26:25 GMT
GET H3	200	adc_ndr_nepal_728x90.gif cdnx.tribalfusion.com/media/5268406/ Frame 8A40	25 KB 25 KB	36ms 35ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnx.tribalfusion.com/media/5268406/adc_ndr_nepal_728x90.gif Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.top.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213 Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status HIT age 77302 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 25604 x-function 301 last-modified Wed, 03 Jun 2015 15:22:10 GMT server cloudflare etag 1433344930 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif; charset=utf-8 access-control-allow-origin * cache-control public accept-ranges bytes cf-ray 72d43cdf7e437154-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 21A9	302 B 587 B	193ms 192ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=acmTKdUcbePP3uUHnVTrFY5bewVEboVEnlQEQZaRcJJRriqStMcWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTH7bXUMdYbJ61TqOSUJCWUr3TtQWnFZbtPUBnXqFt3TJa5EMPoTrFYUU8WHbWmmQIpGvqotYB5qFf5teN5PvZaprvEYcfW1VY01sZbypT7U5UMVVFjAV6Y0Qa33PVZbMStUrYtb3VPbpxSu0vPiKopmBVTGRr3&mediaDataID=6807466&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.top.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52c90fe1021a2fbb5a264d4fdbe82c197d892017f7ba472b6516b556fb7d5a32 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdf7e507154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 646
GET H3	200	p.media Show response s.tribalfusion.com/ Frame FFC4	381 B 623 B	187ms 185ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=admTKdXG7xpT7U5FQPTUMHUAUYRTM2PcrMQdFy0H7pT6nN3G35XFZbZdUATt4636R6fI4HUr0WBJptTu5mQY5c3aTV3aWVj7SAFmTWFRWrJ45bEuVEnpWEMjPaBZcQVZbCQUaxPHf7WsbT2FuqmWZas0qmM2WUHSsME2mQHotXsVWZbhYFf9XFbk1qymPbQGWUvYVtUYnUfrQrZboXqFy3TUa2aMtmaMINPicqC2QVDrwUc3kdG&mediaDataID=6546596&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.top.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75ae1c0c9da1ac3eea1d6bb3d9115352c12645f83715ed89f35562e4b29b7e98 Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdf7e567154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 568
GET H3	200	p.media Show response s.tribalfusion.com/ Frame AD21	309 B 592 B	193ms 192ms	Document text/html	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aemTKdXaitPbQEWFQ5VdM4or3nQrJqXqMy5EFj5TvYoTfFXFJ9UWMTnmQZansnomHML5TUh3tmt3PnZanbrEXVYTYVQ50sfomqv22bFSTFFAUAvTQqr0PVnqPHUNYtbuWAvn4sJXXrZbIVmqr46r7R6bE2dMtXdJIpdEo5mBS3sngUGJkWVj6SAnOWd3VWrF03bAsVTUtWqn9PaBFQVQCRra2Rt7imp2POABoVaeEQm0BSR&mediaDataID=8039566&mediaName=frame.html Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.top.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb4a708077bcba904a150fca374b20bebd1a2c8e70fca70608e9c3fe3701feee Request headers Referer https://flamingtext.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 72d43cdf8e5c7154-YUL content-encoding gzip content-type text/html; charset=utf-8 date Tue, 19 Jul 2022 14:44:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 1127
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame E537	0 26 B	84ms 37ms	Ping image/gif	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYSAgSUx90QUiVLyV9Xj84CLjf-PIwD9-gdHOl-MtmKzvWr2KxFi67zsjgwhoXBK5ySOn70nZ2E1QEtIsQCDZZnKkqM_p_oXkWDCAId5DZyn5RtlPK2Y1W0WLr9Ym9FLWFwqAEvzview&sig=Cg0ArKJSzFOsvflCzSH9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=454&vt=11&dtpt=307&dett=3&cstd=145&cisv=r20220718.43938&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=3756665567;ord=j4r1j6;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa0mYSwpdEu36YV5sb7Us3aUcbfPAnmTHnSWrbX3F6oWEjmWqraQEYFSVJZaQremPWviVVjS4FmpodEMYqux2dbFPGZbH4P3ZaoderVWJdYUf71UZbe0TqtPbrATbvYVdrWmrZboQbBo1qFm4aYj4aQRnq7K1r3aUdMSoAnZcnsYpmHnH3qMf5Hus3A7LnFbJXsr0YVF3XG7upT7U5FUVWFZbDUAv5RE31QcQpPWjx0WBqWPbp4sBU0U2KnGnPNqmgWHAmqnnN0cbLpd3WwqyUuouKXUUVMWJG3Y%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=108;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 285F	0 26 B	74ms 36ms	Ping image/gif	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSgmQXAJ2CRScmHXlzJMwMQzkiifXOGbsy8JxH8aFwQrbiWKcJvilYYo3qDFIl2z8nnLLmDIyIgXS-5vtGFWUp4YcYm-bs_c4BCx109tXQU0ZQ5c74aVildnRSlTa6L4ahxxsqWMAiOQ&sig=Cg0ArKJSzB1LGfURwlyvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=484&vt=11&dtpt=349&dett=3&cstd=132&cisv=r20220718.27162&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N7861.1141592EXPONENTIAL.COM/B26994009.333682559;dc_ver=90.265;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=1633536224;ord=737khl;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaMmYSwodir0qmy2djEPVjF2mQZamtiNUtbb0bncYrbf0TqqSFrGUFYSVtQYnrBoRFjNXEZbm5TFi2aQPnTjAYrU9THFSm6MKmsrvmHMB2qZbk5tar5mvZaprYJYsQPYsvV0GbumaZbR5bFPWrMHWAQTQavSScFmQWUNYt7tVP3w4sY1XbMLVAao2PUbPPMH2dQO0dBLpdEx36YR3cM6Ucr6UcbfPPMuUdYSTUF42FaqVEjvTTJlSTPZas6ZaemQFxU62VOmY44qEmodr0M6UOx9ml3rftM9SqRb%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fflamingtext.com%2F$0;xdt=0;crlt=zxb3mjlPLL;stc=1;chaa=1;sttr=91;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	404	64113.js c.evidon.com/a/n/334/ Frame 285F	0 0	25ms 24ms	Script text/plain	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/a/n/334/64113.js Requested by Host: c.evidon.com URL: https://c.evidon.com/geo/ba.js?r220706 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT server AkamaiNetStorage vary Origin access-control-allow-methods GET,OPTIONS,POST access-control-allow-origin access-control-max-age 108000 cache-control max-age=600 accept-ranges bytes access-control-allow-headers * content-length 10
GET H2	404	64113.js c.evidon.com/a/n/334/ Frame E537	0 0	26ms 23ms	Script text/plain	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/a/n/334/64113.js Requested by Host: c.evidon.com URL: https://c.evidon.com/geo/ba.js?r220706 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT server AkamaiNetStorage vary Origin access-control-allow-methods GET,OPTIONS,POST access-control-allow-origin access-control-max-age 108000 cache-control max-age=600 accept-ranges bytes access-control-allow-headers * content-length 10
GET H3	200	sd us-u.openx.net/w/1.0/ Frame FFC4 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2... https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252... https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=dd4ebdb2-ed11-45db-ab96-68e0f29bd8ca https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662294449567987	43 B 61 B	54ms 53ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662294449567987 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=admTKdXG7xpT7U5FQPTUMHUAUYRTM2PcrMQdFy0H7pT6nN3G35XFZbZdUATt4636R6fI4HUr0WBJptTu5mQY5c3aTV3aWVj7SAFmTWFRWrJ45bEuVEnpWEMjPaBZcQVZbCQUaxPHf7WsbT2FuqmWZas0qmM2WUHSsME2mQHotXsVWZbhYFf9XFbk1qymPbQGWUvYVtUYnUfrQrZboXqFy3TUa2aMtmaMINPicqC2QVDrwUc3kdG&mediaDataID=6546596&mediaName=frame.html Protocol H3 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/485d39a / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT via 1.1 google server OXGW/485d39a vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 4173 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43ce20b927154-YUL p3p CP="NOI DEVo TAIa OUR BUS" location https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662294449567987 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 21A9 Redirect Chain https://a.tribalfusion.com/i.match?p=b22&u=18072662294449567987&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662294449567987	0 338 B	80ms 23ms	Image text/plain	54.205.122.29 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662294449567987 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=acmTKdUcbePP3uUHnVTrFY5bewVEboVEnlQEQZaRcJJRriqStMcWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTH7bXUMdYbJ61TqOSUJCWUr3TtQWnFZbtPUBnXqFt3TJa5EMPoTrFYUU8WHbWmmQIpGvqotYB5qFf5teN5PvZaprvEYcfW1VY01sZbypT7U5UMVVFjAV6Y0Qa33PVZbMStUrYtb3VPbpxSu0vPiKopmBVTGRr3&mediaDataID=6807466&mediaName=frame.html Protocol H2 Server 54.205.122.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-205-122-29.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT cache-control private, no-cache, no-store x-request-time D=28 t=1658241894 x-served-by beacon-n006-ash-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 2183 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43ce129b97154-YUL p3p CP="NOI DEVo TAIa OUR BUS" location https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662294449567987 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame AD21 Redirect Chain https://a.tribalfusion.com/i.match?p=b24&u=18072662294449567987&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662294449567987	0 94 B	67ms 37ms	Image text/plain	35.190.126.92 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662294449567987 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aemTKdXaitPbQEWFQ5VdM4or3nQrJqXqMy5EFj5TvYoTfFXFJ9UWMTnmQZansnomHML5TUh3tmt3PnZanbrEXVYTYVQ50sfomqv22bFSTFFAUAvTQqr0PVnqPHUNYtbuWAvn4sJXXrZbIVmqr46r7R6bE2dMtXdJIpdEo5mBS3sngUGJkWVj6SAnOWd3VWrF03bAsVTUtWqn9PaBFQVQCRra2Rt7imp2POABoVaeEQm0BSR&mediaDataID=8039566&mediaName=frame.html Protocol H2 Server 35.190.126.92 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 92.126.190.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:54 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 2258 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 72d43ce129cc7154-YUL p3p CP="NOI DEVo TAIa OUR BUS" location https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662294449567987 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D89F	0 20 B	45ms 44ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtgT-ZcPWYqvQNIGkowaZsruAAQAAAAA4AeAEAg&bg=!v7ylvPjNAAaYcLjmuHA7ACkAdvg8WtQ4G1cax_6ZqB2eBhMS5IvoGUQyFiRTzl-ZKRdYO8ULkIGZXgIAAAE2UgAAAAJoAQcKAHb7WaPTb0YCM7I68zgbzJyNu0k_NiAchGxrciyNhGeY0gFiFDf6Npuk1RYfv-UbklH-cMuKpHmQRmxyWpJjG8Xf8oDhXG0cd_N0QC5S3CKvywxXcYx0tInLi9OVO_7vdA9bnu3LQFHzP1-SP9-03p5ywbZgFmWXmQLHr7rLn5tlZue_p7e7VRsY8tzCbQ7OfiPYzlFuAJ5lVQXt7u1kz3LTOvDIcHTtGKhF9CydSoFzkSJ6QLXa_V4f5mZL2llw-opj71cHIJSWoCFOkPQfRkhd4CHjKIuER_j69HwQtrFKP5xgeTiAcPSLaDqb28ErnIepU8GUn_Zoz0LW47eCpDguGZuXK-Js_vBXtj2N2jEaprVH3yCdZgJrLrFTNQPx907sCEQXmT7hDeqZD_T2mC1tsQlBlMsHspYuRE7yMGjQcyDFRk0ChXd4sqhaCxFUN0Y4Is3NV8beCcr878cdPhH6atr-m2UBhi-8sN6C4clAvswBKlYhopnqCwpRKt5sUg-unsKpBECbjIl54bnjLSLhTKXfwWMHFrcW6SbR2Kjwux9wCctj2P7iB66urwcEdwzTtC2Q1qwRaAQEOV8uIt0RCQz2kxsCWI_IoWgwCjG4_f7u7tt3mlkV3ynexLZki6tfblS3G0YLYXcaJAswD7BKeIy6w7uzSbe2bWNUANLYKwtcF-1nb1UdpwrOa8chtiMo7LtpK1zzRTHnUk0MGzHwJvLYdmBsCr5mxKnRmqacwwodWoe7OAQJiu2urVr6UYwGOJFq9KtMbUfw1Z20g9VicR5PTnaG1QzRe7TbMkiE1HhutYTc-6LvdtNCCqwhBDLc1L3CiR7O5L8e1H2tR39FIQhB4dNDL9y-XP4Xhfs9jmv4Lo_MY8gTppS6QHay113cZiiyGfcbEC4yw2C4paP0SDrAKJxPm-K8SyvRHwXOQZPp10eF9tKD6gwUbRd9cNEPq2gHsg179WZ378cL2uKGFx2zyyXxE11AM-xFNZb-yryK7znWxmL8g17OGJN9sNvBYtz8A5gZGduku7Qy43aEE4T3sX6fYiAS57r8D8wy348QZDEIMzlFfPs1yBW3YA7tjctx9STwPzpzgFKtMCKK Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2935	0 20 B	91ms 90ms	Image image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuXkzZcPWYsfVNKaVoPMPpt2p0A8AAAAAOAHgBAI&bg=!8vGl8bXNAAaYcLjmuHA7ACkAdvg8WjCF4qifeoAWSDnbqjSeGXt5gbEbzi_iT2HQ4NWMHrBsw3jspAIAAAEqUgAAAANoAQcKAEr05_oRY4mW4uQOOMhy3dzVb5jsRiRpmKYMpJtM2sU4lOQx3TIkswnqB2C-fUOZ7jRGCvnjjCiaevXfrl-ErXdn_MyjThEgF3y2XpkCy0Pkr1baOtZZnK35gRP1AMTZCGiPYPM5CYwlwOPs_Ld3BCQJFZDeCPT_pcUUm48aHN2FSYfnqwhfw9Tds4eWKQC0Y3Vgf3vAMiz-H3h1NByT-_74t8stz-93al5OCWwScq1-OWsp8Ld6QbUDTljj3ZbAjRVeyA9ziQapHW40ftCA6ZZdY4pmwY5WZP24gRGX6prVM-iVzLsBOyL3NcU6cS-QUW9JMPYdVimwinxJqpe2mT1OhI4YjPRqXrfrp_IiQo5rAG7cOp5w5zZCVkaVFn2nWiILZ0dO6zlKeHl-_fzwGYQo0C_nxMH4J59zsgWd0YuRPRNSn82J8FZQmBtHBofqlIxJ8JHeh9dLav2ldmrMZ871UBY0GaAsaKRnpvrvmxSrZ6SbtFM9kqw0wfmceWR2TAuHFTSVskNQREmpGQDtUvlVqA_4SUq5I0UP_rOIKCLv_2vfdNdhszuotR8h-Q_wipCreTO3iAjid669SSAWVd62GlsgugVLB0VMXG-glnaOBTUk3WUzHaZVy1WyO-oegcWv5GEZaHkNaHXEwar_CnX92KYII7oPjICXCEJrGPQN70EvIlOaQriQiY4n23ZXRB5Sxr0hqK7I01Px5P2gWW7FSglQKP8ZMVIz9yMwLAduv_bTHzyFH6o4uATpPeG1iVpQULlFAC3MXIH55MlHTwkfPXzfwGFwacSeG0m1InisIW0Bv_MgjSzEqulnMp0ghGvYjl-Dry5TSPj0op44PG8E59zDW6FoBcjUUIIFk_9avX7iX4dJMQtQ-FsubCCaGGuNP8BezQlHz2mEXtdspY9AXS7Lrew7mmpcGS8RYTGMlLF0p6mja9fat2XnCBpo5iB7B1_5IzID7Tc3jqap-jNv0cjktkddLKKeL-5TYs7rwCJJac-7jV_nzaGB-rTG1Lg-0e1KsDwW00R2ojgA_3oVz3soP_6qKfw Requested by Host: flamingtext.com URL: https://flamingtext.com/ads/tribal/tribal.home.right.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	COMMON.css c.evidon.com/a/ Frame 285F	2 KB 984 B	63ms 62ms	Stylesheet text/css	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/a/COMMON.css?r=0.05572713815245911 Requested by Host: c.evidon.com URL: https://c.evidon.com/geo/ba.js?r220706 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT content-encoding gzip last-modified Thu, 02 Feb 2017 16:26:10 GMT server AkamaiNetStorage etag "c3cc19ce8230df99c7835decc2d79ee8:1486052770" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type text/css access-control-allow-origin access-control-max-age 108000 accept-ranges bytes access-control-allow-headers * content-length 715
GET H2	204	pixel.gif l.betrad.com/ct/0_0_0_64113/ Frame 285F	0 120 B	85ms 25ms	Image text/plain	23.22.26.62 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://l.betrad.com/ct/0_0_0_64113/pixel.gif?e=12&v=2_1&d=ad.doubleclick.net&r=0.5903373175130113 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.22.26.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-22-26-62.compute-1.amazonaws.com Software / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT content-encoding gzip x-powered-by Express etag W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary Accept-Encoding
GET H2	200	COMMON.css c.evidon.com/a/ Frame E537	2 KB 984 B	86ms 85ms	Stylesheet text/css	23.199.201.34 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.evidon.com/a/COMMON.css?r=0.155800883797947 Requested by Host: c.evidon.com URL: https://c.evidon.com/geo/ba.js?r220706 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.199.201.34 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-201-34.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT content-encoding gzip last-modified Thu, 02 Feb 2017 16:26:10 GMT server AkamaiNetStorage etag "c3cc19ce8230df99c7835decc2d79ee8:1486052770" vary Accept-Encoding, Origin access-control-allow-methods GET,OPTIONS,POST content-type text/css access-control-allow-origin access-control-max-age 108000 accept-ranges bytes access-control-allow-headers * content-length 715
GET H2	204	pixel.gif l.betrad.com/ct/0_0_0_64113/ Frame E537	0 121 B	68ms 24ms	Image text/plain	23.22.26.62 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://l.betrad.com/ct/0_0_0_64113/pixel.gif?e=12&v=2_1&d=ad.doubleclick.net&r=0.2213830503189529 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.22.26.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-22-26-62.compute-1.amazonaws.com Software / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT content-encoding gzip x-powered-by Express etag W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" vary Accept-Encoding
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 285F	42 B 64 B	78ms 36ms	Fetch image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutaue89XPgYtIEq2Ft2VdvmYNZ19fdmaI72u0D2sqlUh5go9mW5P5kpsrVn-bs3i0YTscaXXlbiQsjiCmBk0M&sig=Cg0ArKJSzMvpz2LxcttzEAE&id=lidar2&mcvt=1018&p=0,0,600,160&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1633536224&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658241893774&rpt=433&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E537	42 B 64 B	35ms 34ms	Fetch image/gif	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8n-TpgrD8TpT7nx2qqcyQskmYODIaEnyjlvaR28hR6yR6B8nX628hYzhlcTli8vi9YpOkfnkatzsiCZyCIk0&sig=Cg0ArKJSzKajmoa-WxNgEAE&id=lidar2&mcvt=1026&p=0,0,600,160&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3756665567&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658241893780&rpt=462&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 19 Jul 2022 14:44:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad_choices_i_UR.png cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 24C8	513 B 858 B	20ms 19ms	Image image/png	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT cf-cache-status HIT age 7702 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 513 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare etag 1616400836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public accept-ranges bytes cf-ray 72d43ce7ef507154-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H3	200	ad_choices_UR.png cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 24C8	2 KB 2 KB	26ms 25ms	Image image/png	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT cf-cache-status HIT age 7709 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1608 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare etag 1616400836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public accept-ranges bytes cf-ray 72d43ce7ef517154-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H3	200	ad_choices_i_UR.png cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame C516	513 B 858 B	25ms 24ms	Image image/png	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png Requested by Host: cdnx.tribalfusion.com URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT cf-cache-status HIT age 7702 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 513 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare etag 1616400836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public accept-ranges bytes cf-ray 72d43ce7ff707154-YUL expires Tue, 31 Dec 2030 00:00:00 GMT
GET H3	200	ad_choices_UR.png cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame C516	2 KB 2 KB	19ms 18ms	Image image/png	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png Requested by Host: cdnx.tribalfusion.com URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b Request headers accept-language en-CA,en;q=0.9 Referer https://flamingtext.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 19 Jul 2022 14:44:55 GMT cf-cache-status HIT age 7709 p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1608 x-function 301 last-modified Mon, 22 Mar 2021 08:13:56 GMT server cloudflare etag 1616400836 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png; charset=utf-8 access-control-allow-origin * cache-control public accept-ranges bytes cf-ray 72d43ce7ff717154-YUL expires Tue, 31 Dec 2030 00:00:00 GMT