www.pokemonfanblog.mastertopforum.org Open in urlscan Pro
31.170.105.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pokemonfanblog.mastertopforum.org/
Effective URL:
http://www.pokemonfanblog.mastertopforum.org/noforum.php
Submission: On January 02 via manual (January 2nd 2023, 1:59:44 am UTC) from US — Scanned from US

Summary HTTP 281 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 69 IPs in 5 countries across 56 domains to perform 281 HTTP transactions. The main IP is 31.170.105.177, located in Germany and belongs to BKVG-AS, DE. The main domain is www.pokemonfanblog.mastertopforum.org.

This is the only time www.pokemonfanblog.mastertopforum.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	31.170.105.177 31.170.105.177	29141 (BKVG-AS) (BKVG-AS)
7	34.102.136.180 34.102.136.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	5.135.162.57 5.135.162.57	16276 (OVH) (OVH)
2 8	87.98.153.73 87.98.153.73	16276 (OVH) (OVH)
1 2	178.32.120.35 178.32.120.35	16276 (OVH) (OVH)
1	79.143.185.233 79.143.185.233	51167 (CONTABO) (CONTABO)
7	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
19	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
8	2600:141b:900... 2600:141b:9000::b857:ad51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2 4	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21d... 2600:9000:21da:3a00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
3	5.135.94.16 5.135.94.16	16276 (OVH) (OVH)
1	91.194.90.102 91.194.90.102	51167 (CONTABO) (CONTABO)
8	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
24	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
5	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2 2	2606:ae80:145... 2606:ae80:1451:13::2330	25751 (VALUECLICK) (VALUECLICK)
1 8	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	20.230.171.39 20.230.171.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.166.25.255 54.166.25.255	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.214.193.123 18.214.193.123	14618 (AMAZON-AES) (AMAZON-AES)
3 3	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.196.132.239 34.196.132.239	14618 (AMAZON-AES) (AMAZON-AES)
2 4	44.206.191.176 44.206.191.176	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.55.54.43 52.55.54.43	14618 (AMAZON-AES) (AMAZON-AES)
11	2600:9000:21e... 2600:9000:21ea:d000:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
2	13.33.81.22 13.33.81.22	16509 (AMAZON-02) (AMAZON-02)
2	13.225.223.151 13.225.223.151	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	52.26.55.16 52.26.55.16	16509 (AMAZON-02) (AMAZON-02)
2	18.164.115.222 18.164.115.222	16509 (AMAZON-02) (AMAZON-02)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
2	44.238.9.245 44.238.9.245	16509 (AMAZON-02) (AMAZON-02)
2	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.234.137.207 54.234.137.207	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
12	18.204.96.124 18.204.96.124	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:210b:7400:1:fb61:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.124.54 18.164.124.54	16509 (AMAZON-02) (AMAZON-02)
6	104.77.150.142 104.77.150.142	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:212... 2600:9000:2120:6600:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.40.102 142.251.40.102	15169 (GOOGLE) (GOOGLE)
1	108.138.128.129 108.138.128.129	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	13.225.214.124 13.225.214.124	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	172.64.144.208 172.64.144.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.18.37.231 104.18.37.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:262d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:445... 2600:1f18:4457:4601:1af:62d5:3e1a:d655	14618 (AMAZON-AES) (AMAZON-AES)
1 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:817::200e	() ()
1	13.225.224.236 13.225.224.236	() ()
281	69

9 31.170.105.177 (Germany) 2 redirects

ASN29141 (BKVG-AS, DE)
PTR: s5.mastertopforum.eu

www.pokemonfanblog.mastertopforum.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.136.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.136.102.34.bc.googleusercontent.com

www.freestats.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.135.162.57 (Bonneuil-sur-Marne, France)

ASN16276 (OVH, FR)
PTR: ns3310665.ip-5-135-162.eu

www.masterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.98.153.73 (France) 2 redirects

ASN16276 (OVH, FR)

awghk956qa.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae4p4bar4w.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.120.35 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip35.ip-178-32-120.eu

ae4p4bar4w.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
style2.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.143.185.233 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: free.ip-233-185-143-79.dehost.org

www.mastertopforum.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:141b:9000::b857:ad51 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.38 (Glen Cove, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21da:3a00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.135.94.16 (Sarlat-la-Canéda, France)

ASN16276 (OVH, FR)
PTR: ip16.ip-5-135-94.eu

c.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
style.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.90.102 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi391762.contaboserver.net

www.freestats.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csm.va.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:13::2330 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.98 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.230.171.39 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.25.255 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-25-255.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.193.123 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.26 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.132.239 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-132-239.compute-1.amazonaws.com

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.206.191.176 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-191-176.compute-1.amazonaws.com

freshly.voq9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.54.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-54-43.compute-1.amazonaws.com

try.freshly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:21ea:d000:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.81.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-22.ewr52.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.55.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-55-16.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.115.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-222.jfk50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.9.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-9-245.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.137.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-137-207.compute-1.amazonaws.com

refer.freshly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.204.96.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-96-124.compute-1.amazonaws.com

s.nbydec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:7400:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-54.jfk50.r.cloudfront.net

t.a3cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.77.150.142 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-150-142.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2120:6600:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f6.1e100.net

8911531.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-129.jfk50.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-124.ewr50.r.cloudfront.net

segment.a3cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.208 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)

freshly.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:262d (United States)

ASN13335 (CLOUDFLARENET, US)

www.freshly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4457:4601:1af:62d5:3e1a:d655 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200e (None, )

ASN- ()

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.224.236 (None, )

ASN- ()

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	criteo.net static.criteo.net — Cisco Umbrella Rank: 743 pix.us.criteo.net — Cisco Umbrella Rank: 3747 csm.us.criteo.net — Cisco Umbrella Rank: 3695 csm.va.us.criteo.net — Cisco Umbrella Rank: 2580	478 KB
28	gstatic.com fonts.gstatic.com	470 KB
21	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 ad.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 8911531.fls.doubleclick.net — Cisco Umbrella Rank: 956556	38 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	277 KB
16	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 666 rtb0.doubleverify.com — Cisco Umbrella Rank: 1080 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 3812 tps.doubleverify.com — Cisco Umbrella Rank: 696 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 2400	274 KB
12	nbydec.com s.nbydec.com	115 KB
11	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 21627	535 KB
11	ad6media.fr 3 redirects awghk956qa.s.ad6media.fr ae4p4bar4w.s.ad6media.fr c.ad6media.fr — Cisco Umbrella Rank: 887187	35 KB
9	mastertopforum.org 2 redirects www.pokemonfanblog.mastertopforum.org	58 KB
7	freshly.com try.freshly.com refer.freshly.com www.freshly.com — Cisco Umbrella Rank: 728723	89 KB
7	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 7460 ads.us.criteo.com — Cisco Umbrella Rank: 3616 cat.va.us.criteo.com — Cisco Umbrella Rank: 4429 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com Failed	109 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	1 KB
7	freestats.org www.freestats.org
6	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2006 insight.adsrvr.org — Cisco Umbrella Rank: 879 match.adsrvr.org — Cisco Umbrella Rank: 456	5 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 883	102 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	408 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3584 freshly.attn.tv	81 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 ajax.googleapis.com — Cisco Umbrella Rank: 520	15 KB
4	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3773
4	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4606 api.amplitude.com — Cisco Umbrella Rank: 1724	36 KB
4	voq9.net 2 redirects freshly.voq9.net	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	132 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 619	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	86 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3449	790 B
2	a3cloud.net t.a3cloud.net — Cisco Umbrella Rank: 5668 segment.a3cloud.net — Cisco Umbrella Rank: 43642	4 KB
2	levelaccess.net cdn.levelaccess.net — Cisco Umbrella Rank: 21194 api.levelaccess.net — Cisco Umbrella Rank: 24402	62 KB
2	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3721	12 KB
2	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 13315	41 KB
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 3932	131 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 2324	133 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net	60 KB
2	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 6342	629 B
2	ad6.fr style.ad6.fr — Cisco Umbrella Rank: 145767 style2.ad6.fr	80 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	7 KB
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 1385	626 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3351	795 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5103	889 B
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 998	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	94 KB
2	masterworld.org www.masterworld.org	8 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	39 KB
1	googleoptimize.com www.googleoptimize.com	47 KB
1	datasteam.io cdn.datasteam.io — Cisco Umbrella Rank: 24429	23 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3453	14 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1304	174 B
1	admitad.com 1 redirects ad.admitad.com — Cisco Umbrella Rank: 57350	542 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 8561	293 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 5980	580 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3008	173 B
1	freestats.net www.freestats.net
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	702 B
1	mastertopforum.eu www.mastertopforum.eu
281	56

	Domain	Requested by
28	fonts.gstatic.com	fonts.googleapis.com
24	pix.us.criteo.net	ads.us.criteo.com
19	static.criteo.net	ads.us.criteo.com static.criteo.net www.googletagmanager.com
12	s.nbydec.com	www.googletagmanager.com s.nbydec.com
11	assets-global.website-files.com	try.freshly.com www.freshly.com
10	pagead2.googlesyndication.com	www.pokemonfanblog.mastertopforum.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.pokemonfanblog.mastertopforum.org	2 redirects www.pokemonfanblog.mastertopforum.org
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
8	cdn.doubleverify.com	ads.us.criteo.com cdn.doubleverify.com www.pokemonfanblog.mastertopforum.org
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.pokemonfanblog.mastertopforum.org www.googletagmanager.com
7	awghk956qa.s.ad6media.fr	2 redirects www.pokemonfanblog.mastertopforum.org c.ad6media.fr
7	www.freestats.org	www.pokemonfanblog.mastertopforum.org
6	analytics.tiktok.com	www.pokemonfanblog.mastertopforum.org analytics.tiktok.com
6	www.googletagmanager.com	try.freshly.com cdn.segment.com www.googletagmanager.com www.freshly.com
4	www.freshly.com	try.freshly.com www.pokemonfanblog.mastertopforum.org www.freshly.com cdn.segment.com
4	us-central1-adaptive-growth.cloudfunctions.net	cdn.segment.com
4	cdn.attn.tv	www.googletagmanager.com cdn.attn.tv
4	freshly.voq9.net	2 redirects d.impactradius-event.com
4	csm.us.criteo.net	ads.us.criteo.com
4	ad.doubleclick.net	2 redirects ads.us.criteo.com
4	adservice.google.com	pagead2.googlesyndication.com 8911531.fls.doubleclick.net
3	match.adsrvr.org	js.adsrvr.org
3	connect.facebook.net	www.pokemonfanblog.mastertopforum.org connect.facebook.net
3	bat.bing.com	www.pokemonfanblog.mastertopforum.org bat.bing.com try.freshly.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	cdnjs.cloudflare.com ajax.googleapis.com
3	ib.adnxs.com	3 redirects js.adsrvr.org
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com try.freshly.com
2	www.facebook.com	try.freshly.com
2	events.attentivemobile.com	cdn.attn.tv
2	8911531.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	cdn.pdst.fm	www.pokemonfanblog.mastertopforum.org
2	refer.freshly.com	www.googletagmanager.com www.freshly.com
2	www.upsellit.com	www.googletagmanager.com
2	api.amplitude.com	cdn.amplitude.com
2	edge.fullstory.com	cdn.segment.com
2	cdn.amplitude.com	cdn.segment.com
2	cdn.segment.com	try.freshly.com www.freshly.com
2	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
2	d3e54v103j8qbb.cloudfront.net	try.freshly.com www.freshly.com
2	ajax.googleapis.com	try.freshly.com www.freshly.com
2	www.ojrq.net	1 redirects
2	cdnjs.cloudflare.com	ads.us.criteo.com www.freshly.com
2	cs.emxdgt.com	2 redirects
2	match.360yield.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	c.ad6media.fr	awghk956qa.s.ad6media.fr www.pokemonfanblog.mastertopforum.org
2	d.agkn.com	ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	ads.us.criteo.com	googleads.g.doubleclick.net
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net www.pokemonfanblog.mastertopforum.org
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ae4p4bar4w.s.ad6media.fr	1 redirects www.pokemonfanblog.mastertopforum.org
2	www.masterworld.org	www.pokemonfanblog.mastertopforum.org
1	www.datadoghq-browser-agent.com	www.freshly.com
1	www.googleoptimize.com	www.freshly.com
1	insight.adsrvr.org	1 redirects
1	csm.va.us.criteo.net	gum.criteo.com
1	api.levelaccess.net	cdn.levelaccess.net
1	freshly.attn.tv	cdn.segment.com
1	gum.criteo.com	static.criteo.net
1	segment.a3cloud.net	try.freshly.com
1	cdn.datasteam.io	www.googletagmanager.com
1	t.a3cloud.net	www.pokemonfanblog.mastertopforum.org
1	cdn.levelaccess.net	www.googletagmanager.com
1	d.impactradius-event.com	www.pokemonfanblog.mastertopforum.org
1	api.segment.io	cdn.segment.com
1	try.freshly.com	c.ad6media.fr
1	ad.admitad.com	1 redirects
1	style2.ad6.fr
1	style.ad6.fr	www.pokemonfanblog.mastertopforum.org
1	s.uuidksinc.net	1 redirects
1	beacon.walmart.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	www.freestats.net	www.pokemonfanblog.mastertopforum.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.mastertopforum.eu	www.pokemonfanblog.mastertopforum.org
0	mug.criteo.com Failed	try.freshly.com
281	84

This site contains links to these domains. Also see Links.

Domain
demo.mastertopforum.eu
help.mastertopforum.com
www.masterworld.org
www.mastertop100.com
www.scambiositi.com
www.scambiobanner.tv
www.freestats.net
www.freestats.org
s4.mastertopforum.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-18` - `2023-03-15`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-12` - `2023-03-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.s.ad6media.fr R3	`2022-12-26` - `2023-03-26`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-07` - `2023-02-07`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ad6.fr R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
try.freshly.com R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.website-files.com Amazon	`2022-10-12` - `2023-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.segment.com Amazon	`2022-12-13` - `2024-01-12`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2022-10-04` - `2023-10-04`	a year	crt.sh
refer.freshly.com R3	`2022-11-06` - `2023-02-04`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
nbydec.com R3	`2022-11-05` - `2023-02-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-11` - `2023-01-09`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
cdn.levelaccess.net Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.a3cloud.net Amazon	`2022-04-19` - `2023-05-17`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.datasteam.io Amazon	`2022-09-19` - `2023-10-17`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2022-12-03` - `2023-12-03`	a year	crt.sh
dzvg.net Amazon	`2022-02-26` - `2023-03-27`	a year	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2022-12-03` - `2023-12-03`	a year	crt.sh
api.levelaccess.net Amazon	`2022-12-31` - `2024-01-29`	a year	crt.sh
*.va.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-10` - `2023-03-13`	3 months	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh

This page contains 22 frames:

Primary Page: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Frame ID: 4BB01214B935614CFA16F66D326501CE
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: C500EF4981FB50726C564F79F192B254
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1672624778&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1672624778278&bpp=6&bdt=300&idt=121&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=6329505238971&frm=20&pv=2&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4Sp7YTIbk9&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=142
Frame ID: 7423E276219E31DAE1E589887B48A7A4
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D
Frame ID: 194A349BBC33B7B61B98D2EDDDFE13BB
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&adk=1812271804&adf=3025194257&lmt=1672624778&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&ea=0&pra=7&wgl=1&dt=1672624778820&bpp=3&bdt=841&idt=3&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1bdcd6456313f912-2224f2880ada00bd%3AT%3D1672624778%3ART%3D1672624778%3AS%3DALNI_Max5XJp00hTdhJMjopB8Pa0au7QCQ&gpic=UID%3D000008f0a03e4e24%3AT%3D1672624778%3ART%3D1672624778%3AS%3DALNI_MZOsxkpaTq_tqriaPNC2yHmL-Tb7A&prev_fmts=1200x280&nras=1&correlator=6329505238971&frm=20&pv=1&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&psts=ACgb8tteBAPvKCxzTFMYK_dk0Qu91fSbtPDUR0yjH7FXGHao__HkRhHPEQSxnsjhpdrhz35Dxvn3f05DuMsOdg&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=19
Frame ID: 409C3F3332D4AB828F8F833A0224715A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3345.js
Frame ID: 80AA9014E3C30B7130F847315EA28D7B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: A05701CC2E989FA1D9A3C5A5AB79DE8C
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D
Frame ID: 930F9266B195234E73453C501CF665B2
Requests: 44 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EBD3573974EF36B490ED31D78C74B1DA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3345.js
Frame ID: 3E2013FED02114CF709AE85C70DD4A9C
Requests: 3 HTTP requests in this frame

Frame: https://style.ad6.fr/img/m/80992.jpeg?&subid=S2301022593932575683561327766
Frame ID: 9E17CCC79FBBA94E8FBCFB8CD765D85F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6699339FDCA8BEA436993CA645F37CDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6399899D30599789E6ECFC05C0A08886
Requests: 2 HTTP requests in this frame

Frame: https://www.freshly.com/
Frame ID: B17D9B7FB9D8BCF74CEB12A9E0D24B44
Requests: 122 HTTP requests in this frame

Frame: https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301
Frame ID: EDAADBEA29A86FC54718E84F02151A89
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.pokemonfanblog.mastertopforum.org&origin=onetag
Frame ID: CFD1155289256D93A17D20EBDCD387F5
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0
Frame ID: DEBF4FCC3418DB4BAEB458C6352CECC9
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad&google_gid=CAESEK9PcGuDX38h8U2fnBQtXeI&google_cver=1
Frame ID: 56AA78F9F5F9A3371525240E5D65E985
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad
Frame ID: 2C50353F780676D8376FE17840ADB264
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: C559F0561B0ECC650FC25133DB9032F0
Requests: 1 HTTP requests in this frame

Frame: https://www.freshly.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672617600
Frame ID: C46DE5910C9A0868938CDDD77A08151C
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8
Frame ID: 5B9FEEBCECDB0C8A7D04A393F8E91C43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Master Top Forum - Free Forum Hosting - Il tuo Forum Gratis subito pronto!

Page URL History Show full URLs

http://www.pokemonfanblog.mastertopforum.org/ HTTP 302
http://www.pokemonfanblog.mastertopforum.org/noforum.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

281
Requests

87 %
HTTPS

42 %
IPv6

56
Domains

84
Subdomains

69
IPs

5
Countries

4112 kB
Transfer

12961 kB
Size

33
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://demo.mastertopforum.eu/
Title: Forum Demo

Search URL Search Domain Scan URL

URL: http://help.mastertopforum.com/
Title: Forum Help

Search URL Search Domain Scan URL

URL: http://demo.mastertopforum.eu/stylesdemo/
Title: Demo Template

Search URL Search Domain Scan URL

URL: http://www.masterworld.org/?linkid=100834
Title: Cerca nel web

Search URL Search Domain Scan URL

URL: http://www.mastertop100.com/data/master.php?id=mastertopforum
Title: Mastertop100.com

Search URL Search Domain Scan URL

URL: http://www.scambiositi.com/
Title: Scambiositi.com

Search URL Search Domain Scan URL

URL: http://www.scambiobanner.tv/
Title: Scambiobanner

Search URL Search Domain Scan URL

URL: http://www.masterworld.org/toprefer/index.cgi?mtfeusuper

Search URL Search Domain Scan URL

URL: http://www.freestats.net/stats.php?i=8

Search URL Search Domain Scan URL

URL: http://www.freestats.org/stats.php?i=174

Search URL Search Domain Scan URL

URL: http://s4.mastertopforum.org/signup.php?lang=italian
Title: Registrati ora!

Search URL Search Domain Scan URL

URL: http://www.mastertop100.com/
Title: MasterTop100.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pokemonfanblog.mastertopforum.org/ HTTP 302
http://www.pokemonfanblog.mastertopforum.org/noforum.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://awghk956qa.s.ad6media.fr/?d=1672624778208&r= HTTP 301
https://awghk956qa.s.ad6media.fr/?d=1672624778208&r=

Request Chain 13

http://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r= HTTP 301
https://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=

Request Chain 14

http://www.pokemonfanblog.mastertopforum.org/linea.gif HTTP 302
http://www.mastertopforum.eu/404.php

Request Chain 35

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJftoe7kp_wCFZS3swodDvcKuw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=

Request Chain 71

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_cver=1&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fcTdJMNYYw3chOE54lqNgNvVmXnqxDMp-r8ChlSR_1fxmgA-A HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4c9013feba271061&is_secure=true&networkId=14000&version=1&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_cver=1&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fcTdJMNYYw3chOE54lqNgNvVmXnqxDMp-r8ChlSR_1fxmgA-A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF0a1cerDDygMztbMKAAAAAAA&expiration=1672711179&google_cver=1&is_secure=true&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fcTdJMNYYw3chOE54lqNgNvVmXnqxDMp-r8ChlSR_1fxmgA-A

Request Chain 73

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcighJ4R26dS-oM6OknMtf2cxbmKHoSwJwt_7pqnC_ENxRuztZYyJc3daP905Zeg52IgU6M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Ss3d9VNoWRYDkGEawToPPw&tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcighJ4R26dS-oM6OknMtf2cxbmKHoSwJwt_7pqnC_ENxRuztZYyJc3daP905Zeg52IgU6M

Request Chain 74

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHU2xSwkETo2MbLN7ctVfJE&c_param1=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY

Request Chain 75

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqtpSIqn_ghdvbrxdLMuCw&google_cver=1&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5LXWu-ydN-xB1pAfudb5u_igxfEQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFNUxWTFYtVy1MVzlM&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5LXWu-ydN-xB1pAfudb5u_igxfEQs

Request Chain 76

https://match.360yield.com/match/ebda?google_gid=CAESEFI5z_3lZFw7zGtXMEEBxXA&google_cver=1&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB5EnX87bZA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFI5z_3lZFw7zGtXMEEBxXA&google_cver=1&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB5EnX87bZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dd0tVBUhS8eE6EKCyDPw-Q&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB5EnX87bZA

Request Chain 77

https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEE0WOfD9IS1kEbelC2wdrMo&google_cver=1&google_push=AavPq0M1cRMQ6t2AkHYpfbEmSYXbLATsCuPH03KAzWNqqzMWz7wI06S_Xs4aIZ0qU6TEey4fuoodxAOKO7m9HcvUvv1v_4FyBdwPBkXJ HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRZNE1URTJOekkyTWpRM056a3pORFEwT1RGaU1RPT0=&ssp=google_ob HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Demx_eb%2526google_hm%253DNTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ%253D%253D%26b64_redirect%3DaHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRZNE1URTJOekkyTWpRM056a3pORFEwT1RGaU1RPT0%3D%26ssp%3Dgoogle_ob HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=6228024670653928126&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRZNE1URTJOekkyTWpRM056a3pORFEwT1RGaU1RPT0=&ssp=google_ob HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==

Request Chain 88

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=COnCxu7kp_wCFcqLswodmRMBfQ;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=

Request Chain 141

https://awghk956qa.s.ad6media.fr/p/54341/27766/13/0/0/0/0/3.0857/0/0/0/4/0/259393257568356/64668/0/fcd0f17511c987fb7e40f9d478224232?&ref=www.pokemonfanblog.mastertopforum.org&t=c HTTP 302
https://ad.admitad.com/g/d5n2rkxbc8832cbddfa7b996fda4e8/?&subid=S2301022593932575683561327766& HTTP 302
https://freshly.voq9.net/c/1310690/278160/4458?Subid1=fab6c2abefc102bac83ab4028656a87b&sharedid=957691 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Ffreshly.voq9.net%2Fc%2F1310690%2F278160%2F4458%3FSubid1%3Dfab6c2abefc102bac83ab4028656a87b%26sharedid%3D957691%26level%3D1%26srcref%3Dhttp%253A%252F%252Fwww.pokemonfanblog.mastertopforum.org%252F&cid=4458&tpsync=yes HTTP 302
https://freshly.voq9.net/c/1310690/278160/4458?Subid1=fab6c2abefc102bac83ab4028656a87b&sharedid=957691&level=1&srcref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&brwsr=1ea01c3d-8a41-11ed-bd4e-593d29e9878a&brwsrsig=Sz6XAl3LEykHXslxJvTisRysTFI06W HTTP 301
https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF

Request Chain 188

https://8911531.fls.doubleclick.net/activityi;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301 HTTP 302
https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301

Request Chain 198

https://ib.adnxs.com/getuid?//segment.a3cloud.net/px.png?uid=$UID&cid=AM-141602&sid=57747404&url=%28iframed%29http%3A//www.pokemonfanblog.mastertopforum.org/&vars= HTTP 302
https://segment.a3cloud.net/px.png?uid=6228024670653928126&cid=AM-141602&sid=57747404&url=(iframed)http://www.pokemonfanblog.mastertopforum.org/&vars=

Request Chain 219

https://gum.criteo.com/sid/json?origin=onetag&domain=try.freshly.com&sn=ChromeSyncframe&so=0&topUrl=www.pokemonfanblog.mastertopforum.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=r0qZ5Xw3QVlkSjUxSzdIMWVuOUduelk4eXN6UGxiUjR0MnRMMW9lcjF5eFJ5OENMNWJKd1VrLzlQTmYxbTk0TVRraEpJY0pLU1I2emxLY3hUY0M2UENiRjNqaFpRWjhESGQzRkY0dU16UnhOUFZ0ZHJYQ2ppMVArNlpCSWhZK0xFeXZMYUNWMDNmbDNBZGtmNVkwTkdPdVRGNCt4RUQrdzdCZ29ncjBlTkZaSmFUelBZRFFVa3RET3RYY0RNOVhKSlQxWC9JSFdENktKODRCNjVJVDM5YTM1WTlFL2xib3hHTVpSV1BBVzRoZm85RTE3T28wZzBoTVpQVG42TS96dWU4dVZSbThrS2pxcUp1VmV6NjBFN0pYZXdNa1ArZkQvSWxyM3pNTTJpZ2thL3pnWUVMWG5KNHV1MFRNaTRPNzRMKzIrUHw&cppv=2

Request Chain 227

https://insight.adsrvr.org/track/up?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzkwNjdjMzctOWIzOC00MDhkLTg1ODQtYWI1NTNlMmU3Y2Fk&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad&google_gid=CAESEK9PcGuDX38h8U2fnBQtXeI&google_cver=1

Request Chain 231

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9067c37-9b38-408d-8584-ab553e2e7cad&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

281 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0

500
Internal Server Error

Primary Request noforum.php Show response
www.pokemonfanblog.mastertopforum.org/
Redirect Chain

http://www.pokemonfanblog.mastertopforum.org/
http://www.pokemonfanblog.mastertopforum.org/noforum.php

11 KB
11 KB

86ms
85ms

Document
text/html

31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.0
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 / PHP/5.3.3
Resource Hash: acbefd3e3e650078b1d087ce4204198edda7901b41ae21d3570b6ff9851fc9cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 02 Jan 2023 02:09:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 02 Jan 2023 02:09:59 GMT
Location: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3

GET
H/1.1 200
OK stile.css
www.pokemonfanblog.mastertopforum.org/ 4 KB
4 KB 223ms
138ms Stylesheet
text/css 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: c93aa25a43fb8f3fc998fefc3188b4712ba1e34c6e87826141f97aa2e6f05213

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:09:59 GMT
Last-Modified: Sat, 09 Oct 2004 12:23:58 GMT
Server: Apache/2.2.15
ETag: "2aa396-ef2-3e602cd405380"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3826

GET
H/1.1 200
OK destra.gif
www.pokemonfanblog.mastertopforum.org/ 14 KB
15 KB 177ms
93ms Image
image/gif 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/destra.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 100a79221e013ca1fe205e594222ffc28722f4fadeaac7ee31f9abf842f2d067

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:09:59 GMT
Last-Modified: Sat, 09 Oct 2004 12:21:36 GMT
Server: Apache/2.2.15
ETag: "2aa331-39ee-3e602c4c99400"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 14830

GET
H/1.1 200
OK us.png
www.freestats.org/plugins/ip2country/flags/ 0
0 103ms
22ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/us.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK de.png
www.freestats.org/plugins/ip2country/flags/ 0
0 103ms
22ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/de.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK it.png
www.freestats.org/plugins/ip2country/flags/ 0
0 105ms
24ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/it.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK fr.png
www.freestats.org/plugins/ip2country/flags/ 0
0 104ms
22ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/fr.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK es.png
www.freestats.org/plugins/ip2country/flags/ 0
0 110ms
24ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/es.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK br.png
www.freestats.org/plugins/ip2country/flags/ 0
0 108ms
23ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/plugins/ip2country/flags/br.png
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 42ms
27ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

HTTP/1.1

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f0092853ca3ecdd45ed725d5a8a2b7985720f9683774e579d58a00ff9d0099a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52080
X-XSS-Protection: 0
Server: cafe
ETag: 16233745303637722886
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 02 Jan 2023 01:59:38 GMT

GET
H/1.1 200
OK minimize.gif
www.pokemonfanblog.mastertopforum.org/ 69 B
313 B 215ms
120ms Image
image/gif 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/minimize.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 6cc31cc35cfa43adcc675bd940550fe24aa51b8127144b511ab2cdbda94dffb5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/noforum.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:10:00 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:38 GMT
Server: Apache/2.2.15
ETag: "2aa35a-45-3e602c87b9f80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 69

GET
H/1.1 200
OK masterworld88x31.gif
www.masterworld.org/images/ 3 KB
4 KB 339ms
88ms Image
image/gif 5.135.162.57
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.masterworld.org/images/masterworld88x31.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 5.135.162.57 Bonneuil-sur-Marne, France, ASN16276 (OVH, FR),
Reverse DNS: ns3310665.ip-5-135-162.eu
Software: Apache/2.2.15 /
Resource Hash: 467f1fc56a98e88d57d231446f032a1e3efa853f01409654ab1d90afccfaa5e3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:20:06 GMT
Last-Modified: Mon, 26 Dec 2005 20:14:01 GMT
Server: Apache/2.2.15
ETag: "fe317d-d3c-408d901fb1440"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 3388

GET
H/1.1 200
OK toprefer_88x31.gif
www.masterworld.org/images/ 4 KB
4 KB 331ms
87ms Image
image/gif 5.135.162.57
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.masterworld.org/images/toprefer_88x31.gif
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 5.135.162.57 Bonneuil-sur-Marne, France, ASN16276 (OVH, FR),
Reverse DNS: ns3310665.ip-5-135-162.eu
Software: Apache/2.2.15 /
Resource Hash: 35ace17c92ca477853ce11c45e198abd3cb26a41f11a4411a9dea48ec25b478c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:20:06 GMT
Last-Modified: Mon, 23 Feb 2009 11:08:56 GMT
Server: Apache/2.2.15
ETag: "fe31de-10a1-4639407528200"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 4257

GET
H2

200

/ Show response
awghk956qa.s.ad6media.fr/
Redirect Chain

http://awghk956qa.s.ad6media.fr/?d=1672624778208&r=
https://awghk956qa.s.ad6media.fr/?d=1672624778208&r=

365 B
792 B

259ms
91ms

Script
application/javascript

87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?d=1672624778208&r=
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0416a2add9e2c1d7dcf9e9009ff3b4bf43fdfd100bafa297f11bd6f960b78b04

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
date: Mon, 02 Jan 2023 01:59:38 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

Redirect headers

location: https://awghk956qa.s.ad6media.fr/?d=1672624778208&r=
content-length: 0

GET
H2

404

/
ae4p4bar4w.s.ad6media.fr/
Redirect Chain

http://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=
https://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=

0
0

270ms
92ms

Script
application/javascript

87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
date: Mon, 02 Jan 2023 01:59:38 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

Redirect headers

location: https://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=
content-length: 0

GET
H/1.1

200
OK

404.php
www.mastertopforum.eu/
Redirect Chain

http://www.pokemonfanblog.mastertopforum.org/linea.gif
http://www.mastertopforum.eu/404.php

0
0

747ms
100ms

Image
text/html

79.143.185.233
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mastertopforum.eu/404.php
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 79.143.185.233 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: free.ip-233-185-143-79.dehost.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Location: http://www.mastertopforum.eu/404.php
Date: Mon, 02 Jan 2023 02:10:00 GMT
Server: Apache/2.2.15
Connection: close
Content-Length: 220
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK titolo.jpg
www.pokemonfanblog.mastertopforum.org/ 24 KB
25 KB 236ms
154ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/titolo.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: f1a669735fa107786f09178de699852a83d5db33483da7865e98a96edbe5f636

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:10:00 GMT
Last-Modified: Thu, 06 Jan 2005 22:42:28 GMT
Server: Apache/2.2.15
ETag: "2aa39a-616d-3ed09d10e5d00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 24941

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
118 KB 70ms
47ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23b24518efe8efd233f0c97b5920c44754a3b53f6b58d217d5154ca1a0ae6feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120001
x-xss-protection: 0
server: cafe
etag: 9369802180812733804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 01:59:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame C500 10 KB
5 KB 37ms
4ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 19160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 20:40:18 GMT
etag: 10353107486223812946
expires: Sun, 15 Jan 2023 20:40:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
702 B 40ms
21ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pokemonfanblog.mastertopforum.org&callback=_gfp_s_&client=ca-pub-0619060941749983&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b18d7ea491675cad697579c52f8b29bab5d9974f2820a5f55d4ab2394c99e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
23ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pokemonfanblog.mastertopforum.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7423 23 KB
10 KB 199ms
197ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1672624778&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1672624778278&bpp=6&bdt=300&idt=121&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=6329505238971&frm=20&pv=2&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4Sp7YTIbk9&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2a28a2ca43c28aad6727fb0c617422488f1f0315268fa53f457ef517ab3f03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9927
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:38 GMT
expires: Mon, 02 Jan 2023 01:59:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7423 3 KB
1 KB 24ms
5ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1672624778&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1672624778278&bpp=6&bdt=300&idt=121&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=6329505238971&frm=20&pv=2&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4Sp7YTIbk9&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 21:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 21:40:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7423 18 KB
8 KB 23ms
4ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 19:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 19:24:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7423 153 KB
47 KB 51ms
22ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 01:59:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7423 0
0 29ms
29ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJup_ijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8AFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeAPn5PgZ-5NeUEl9F1FV_ofHjn6MxBxhtsgi-6of4YkABpavrHeABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA2MTkwNjA5NDE3NDk5ODMYAA&sigh=vedNBE9VOug&uach_m=[UACH]&cid=CAQSGwDq26N9JT_fvUl7Oz3LoZdiTX9UuV-gzVSr5RgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1672624778&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1672624778278&bpp=6&bdt=300&idt=121&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=6329505238971&frm=20&pv=2&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4Sp7YTIbk9&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 01:59:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 02 Jan 2023 01:59:38 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 7423 0
0 33ms
9ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RLAJmALiIp0XAgAAAPUQT14D7eCdEIo6smPES_lrlFUt-a4mGgASAAA&wp=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 235131
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 194A 125 KB
44 KB 83ms
63ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

11aedbc33c19eb65881cc998780e5ef07af271336917b51c3fc5088ea4fb27cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=PKrYrwx3xW4p8VsuK8GsLmh5TvXwiy76c2YdHU9R9NHe9atGIOZfw9rCwcAUlr90_3D_GM9Z-d0Bn9PEAgu17yXZ4H8mSkaHE4hhMqh2OZW1yiOwgT1zvFSOB-9onwotB22v0dyEYmYJ7Nx2INBT0z2EZu_JEZiIFX74JK26rLdpBCKRpOBpH5rWQoP-HiFoHqQk6PhoEPPnsZDRC9ocYbnCcQBQTtmBDaxRUIXiKNOxexNSFcWmaf4u4kWxnPzEBe6Zvwo7dcWvr40a"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54060864
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7423 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9e4c76bcf53bc604e24e6c31d18fce636862118a6266f0ea106f1269fb87017

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 194A 2 KB
1 KB 38ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 194A 2 KB
1 KB 35ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 194A 308 B
636 B 37ms
14ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 194A 293 B
621 B 35ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 194A 2 KB
1 KB 43ms
6ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=1200x280
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:37:28 GMT
Server: Microsoft-IIS/10.0
ETag: "f3ae98706714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 194A 8 KB
4 KB 42ms
5ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d1769c5d53beb7c5a6df513e24b14d261093722e9f1f34e383a4a2ef653d342f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 11:57:36 GMT
Server: Microsoft-IIS/10.0
ETag: "0f83e145818d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3313

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 194A 43 B
348 B 75ms
12ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=zv5Nbsal2szQIPBKfCmByVFNlJrkZPDpWe0shpc7DsIqJkIglPc3AalnNY9AKT8FHWU4hH7bZnNeogxZ5w1URcttZszPo8gBtm-WbgC-J7bsoDVlsLTRpl6Y9OiJ94u5EHOvs2oyvIIKUHUa0ip0jEqe63_1XGNZ9gUbdVQDSJCSNVv0d7XLRPiYc63tGs_VIY3mn57w18Ldwy6lXGSnLS4QGJUAWAUbgC08LY2OyVyF1u0tee1THeZ1owG7u0YzxWP2T8KOTnWOYdB4e8xV8_2BVb3whdQlp5L-CABLu0Ho4qOoqDHcUqnh9K7JaWo9K57QPCRTUNBLVP6wFImtT2EyOsDGc-G1R108DxBr8EsN_qWVFPIK-twwHVxkekF25cizrdkTPrOfwrP9-r_3VChtYDZESOkbYDsSo4lBjI5LNO7y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3574012
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B28205461.342025052;dc_pre=CJftoe7kp_wCFZS3swodDvcKuw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 194A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directe...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJftoe7kp_wCFZS3swodDvcKuw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_l...

42 B
63 B

46ms
35ms

Image
image/gif

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJftoe7kp_wCFZS3swodDvcKuw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.80.38 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CJftoe7kp_wCFZS3swodDvcKuw;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8922e64432ddec1d239e456700;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame 194A 43 B
580 B 56ms
11ms Image
image/gif 2600:9000:21da:3a00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=63b23a8922e64432ddec1d239e456700&col=308271,0,0,0,11120203,63b23a8922e64432ddec1d239e456700
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg&u=%7C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%2BIRc%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:3a00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:37 GMT
via: 1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: Il-o9CG63wdFBRrQ74Ag8OPaxrSfBxcdQgTzMtQZTwbPM46aL8gaYg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sl.js Show response
c.ad6media.fr/ 6 KB
2 KB 422ms
85ms Script
application/javascript 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ad6media.fr/sl.js?21
Requested by: Host: awghk956qa.s.ad6media.fr
URL: http://awghk956qa.s.ad6media.fr/?d=1672624778208&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: 4e710e01936f0a44c245a12bc7832748f7305f935376a3b2429ff095233fc1cd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 08:55:58 GMT
server: nginx
etag: W/"6062e79e-161d"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=864000
expires: Thu, 12 Jan 2023 01:59:39 GMT

GET
H/1.1 200
OK dvbs_src_internal115.js Show response
cdn.doubleverify.com/ Frame 194A 59 KB
24 KB 5ms
5ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=1200x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:38:02 GMT
Server: Microsoft-IIS/10.0
ETag: "d24981846714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24248

GET
H/1.1 403
Forbidden counter.php
www.freestats.net/ 0
0 425ms
100ms Image
text/html 91.194.90.102
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.net/counter.php?i=8&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 91.194.90.102 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi391762.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK counter.php
www.freestats.org/ 0
0 27ms
22ms Image
text/html 34.102.136.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freestats.org/counter.php?i=174&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Server: 34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.136.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK menu-bg.jpg
www.pokemonfanblog.mastertopforum.org/ 953 B
1 KB 168ms
85ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/menu-bg.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 64c9c3dc28715f6c6f758a51c2d8bc1815b33f86af8cebaf8993ac84a6433e4c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:10:00 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:36 GMT
Server: Apache/2.2.15
ETag: "2aa359-3b9-3e602c85d1b00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 953

GET
H/1.1 200
OK note.jpg
www.pokemonfanblog.mastertopforum.org/ 2 KB
2 KB 184ms
99ms Image
image/jpeg 31.170.105.177
BKVG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pokemonfanblog.mastertopforum.org/note.jpg
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/stile.css
Protocol: HTTP/1.1
Server: 31.170.105.177 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS: s5.mastertopforum.eu
Software: Apache/2.2.15 /
Resource Hash: 39733976b1c0177f00c66e25fe4ecd2a9fa9515a2d873193094a857f671162d4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/stile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 02:10:00 GMT
Last-Modified: Sat, 09 Oct 2004 12:22:50 GMT
Server: Apache/2.2.15
ETag: "2aa363-70b-3e602c932ba80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1803

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
23ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pokemonfanblog.mastertopforum.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 409C 39 KB
15 KB 198ms
197ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&adk=1812271804&adf=3025194257&lmt=1672624778&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&ea=0&pra=7&wgl=1&dt=1672624778820&bpp=3&bdt=841&idt=3&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1bdcd6456313f912-2224f2880ada00bd%3AT%3D1672624778%3ART%3D1672624778%3AS%3DALNI_Max5XJp00hTdhJMjopB8Pa0au7QCQ&gpic=UID%3D000008f0a03e4e24%3AT%3D1672624778%3ART%3D1672624778%3AS%3DALNI_MZOsxkpaTq_tqriaPNC2yHmL-Tb7A&prev_fmts=1200x280&nras=1&correlator=6329505238971&frm=20&pv=1&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&psts=ACgb8tteBAPvKCxzTFMYK_dk0Qu91fSbtPDUR0yjH7FXGHao__HkRhHPEQSxnsjhpdrhz35Dxvn3f05DuMsOdg&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9208f340038ab6161525ffa0d8f73206c0ad0e2bc5f1acce5016836ad6cbcdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 15222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 194A 444 B
554 B 82ms
29ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_394485081189&jsTagObjCallback=__tagObject_callback_394485081189&num=6&ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&advid=&adsrv=&unit=1200x280&isdvvid=&uid=394485081189&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=108&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=163&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5DA%40%3C6%3E%40%3F72%3F3%3D%408%5D%3E2DE6CE%40A7%40CF%3E%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&dvp_exetime=9.60&callbackName=__verify_callback_394485081189
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: b5818f48e56e1c1f64d6639c9dd772158d5ade9452a196ea46055578b516b58e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/01/2023 01:59:38

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 194A 0
234 B 34ms
23ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=dfc4475e60af43b88426abc75178737e&vfdur=83&cbust=1672624778938271
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:38 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/01/2023 01:59:38

GET
H/1.1 200
OK dv-measurements3345.js Show response
cdn.doubleverify.com/ Frame 80AA 554 KB
106 KB 6ms
5ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3345.js
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 11c78dc36211caf34bb9b0ed56d457d37de3ef911971808c82a1548e2adcb3cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 09:47:14 GMT
Server: Microsoft-IIS/10.0
ETag: "07df8dd4518d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108422

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 194A 2 KB
842 B 17ms
16ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 194A 2 KB
841 B 10ms
10ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 194A 12 KB
6 KB 13ms
13ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:38 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 194A 15 KB
16 KB 30ms
10ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 194A 5 KB
6 KB 30ms
9ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2Fd5bb21879100431680b4588fceb6cd1e_logo_lightbg_horizontal.png&v=3&w=196&s=bfATsxTzblTqU08XAHK-yc-u

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

8d28cbde77423f882bf0826656dc20e8508ad3b3ec6c9e32ae0b2edb1c5c8f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27915069
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5569
expires: Tue, 21 Nov 2023 04:10:48 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 194A 109 KB
109 KB 30ms
9ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F17692184_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=800&s=McbpJ57lOnd0PNUe5lFW2GTh&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

f4914dd6ef72e844285023bc6679ca84af4ff0a8579a116b3c17d3cf2dce04f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1084190
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 111388
expires: Sat, 14 Jan 2023 15:09:29 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 194A 0
128 B 28ms
9ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=PKrYrwx3xW4p8VsuK8GsLmh5TvXwiy76c2YdHU9R9NHe9atGIOZfw9rCwcAUlr90_3D_GM9Z-d0Bn9PEAgu17yXZ4H8mSkaHE4hhMqh2OZW1yiOwgT1zvFSOB-9onwotB22v0dyEYmYJ7Nx2INBT0z2EZu_JEZiIFX74JK26rLdpBCKRpOBpH5rWQoP-HiFoHqQk6PhoEPPnsZDRC9ocYbnCcQBQTtmBDaxRUIXiKNOxexNSFcWmaf4u4kWxnPzEBe6Zvwo7dcWvr40a&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 194A 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 194A 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 194A 15 KB
16 KB 25ms
25ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 80AA 694 B
706 B 82ms
31ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=86&ttfrms=44&brid=3&brver=108.0.5359.124&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5DA%40%3C6%3E%40%3F72%3F3%3D%408%5D%3E2DE6CE%40A7%40CF%3E%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=112&ddur=46&uid=1672624779067878&jsCallback=dvCallback_1672624779067912&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=1200&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3345&tgjsver=3345&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DY7I6igAG018ITyMcAA3d19ufPIDVWvMuWvkRfg%26u%3D%257C9kHa58EtIkRgEFOmDitOaJcNN5nB3s90U8Ro1q5%252BIRc%253D%257C%26c1%3DTUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7QaDMITtGTr_8IPsJGrtDvPfeAVWdXTlhq980KgrmP32PWaYZsaNLxR2BZKXZF3Ur0phQspebcAxsSDJwUpIVKwOEVWTBtTqNSZN4uZ2g0e0XzE-zGj0GoSwPobEKWy-jWvXvyJmp8gYdLBI9MIswPpgyUy1XbaYRnPQVOqxEvimpYoK4aLnBAlpyWRrBgt4P64RwCmLoWTC2a_5ixu8NQtSxsMgCuFwWYe9H1t_qlgjihTT5yJeUJNMMHW1ikYpB1Q9egHH0HHf86Kr3beepDWY2H96_DzYcM4B74TbEcpKjJp7wCsxBgNxiMPYzZyX9GUl4v-GOK6AnNUqy36Ow46J-vIOaPFqTye1obRGoSwG7cwtG3gPgSiIq4NGl81sDR4clWOcw1bl5uh7o2lnhUD9B_f9ay0gNyhhbwOo0iZ_YAu82rqjfAIKli5HCVwJrsRfKL4j2W-2CqzcEA44_g8xrsgDHQGewvt935tIQ7zMKkaP7vYE4HoI_KV1yrEy_uuwLKUM1HmXG7h_14ss2YK7PTGLSAfPCxkFIAYgg7LlRLbesEiHbq_Q%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCn2tVijqyY9-mG5zGvPIP17u3uAucge-wXPKhqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMDYxOTA2MDk0MTc0OTk4M8gBCagDAaoE8wFP0H3RMSI6SOGNZXHLkOd0F9POSxThOcpzwdgazgtmn85_ZKsS6BxzpvCiMvtCACJH3y7c713blGqpwNgT0K80WhY40WrI5aewPqsJeOgpL9pTH3TQZJiBUO5jgnGJcCocamKJdTQQ1fawaw6UPQg59_8cOwgkmf2XJCB72ciQVpydb5_FMTq804Z8Hj5nVfONG9-R_bOe8NBBs3X2_sbfZWNEOvFguf3GO6TgdeMT4s2_7ttX2hKskjem2cr2bqsv4SfLvK-nd60ZeEHlxGqyCRpek8AQm7ovd0RwslaF6gSlLTtYcmOh_6UYr0A-rLS8HbSABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_18Nl4HCNX_YKN9BpTYWJLP-GWBuw%2526client%253Dca-pub-0619060941749983%2526adurl%253D&fcifrms=3&brh=2&sdf=2&dvp_epl=291&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=28205461&sid=1340728&plc=342025052&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=41856711.116591066&dvp_tukv=6506309833.038395&dvp_uuid=1335512129668.9175&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=715355447642&jurtd=3082774406
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3345.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: bc5d534d349cc4198b2815ab0a6e4500e7dc5413bbff5f71dc91ff1fb517fcde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/01/2023 01:59:39

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 42ms
31ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

299d4ac79b5d726a3034e607d11f03b3a25fe1775d65d826112b9eb57699622e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52373
x-xss-protection: 0
server: cafe
etag: 12595701242255677383
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pokemonfanblog.mastertopforum.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame A057 10 KB
4 KB 5ms
4ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 15061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 21:48:38 GMT
etag: 10353107486223812946
expires: Sun, 15 Jan 2023 21:48:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A057 0
0 27ms
27ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb1Q1ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPABT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm3J5eUZFFOI1z4tkrCfmUg43p7Ni8I71NTWGB-CG45-thPuuye0gAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wNjE5MDYwOTQxNzQ5OTgzGAA&sigh=dAwEs33c0kU&uach_m=[UACH]&cid=CAQSOwDq26N9NjfOTtt2H7KrAASc0JEztIZ8JSeK3X21evj2_WfEuXNsyTGLks2mFeZ5KCPRXg75j2wsTi4kGAEgEw

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 02 Jan 2023 01:59:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame A057 0
0 10ms
10ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RO0HfOIinRcCAAAAHOgwwF8x1GUQijqyY-J5Nwmx4YFL5ecMABIAAA&wp=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 201147
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 930F 213 KB
58 KB 129ms
128ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c83653fc9f931f42fafe451555d5778d8f638f02927cf527c60ea24f8ff73d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AUq3pQx3xW4p8Vsupy-rQjfuux0D4Cf7FnRCqy6vep6Vwm4VZRZTMz8QqTRXjEvNVINxypphhINZsl9N7LmVtkq6End0jJmTLWWpuP1tU07uV4G2VxOm0pkFfflGVJRLI6OfpwGUzao9ojptDHqKfgt99GRbSatvxmNjYn1WhhA8fHmHKmhvu3T8lIXJvs1ORu7oash8kNQGTxqfnuy7GjkriSc8FU2z9Fn0IRhoMeOeCnfYognLlnQ9gNnkEmROUU-Vfg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 119271458
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A057 3 KB
1 KB 18ms
4ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 21:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 21:40:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EBD3 1 KB
643 B 4ms
3ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Jan 2023 13:23:03 GMT
etag: 48472445140208031
expires: Mon, 02 Jan 2023 13:23:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A057 18 KB
7 KB 19ms
6ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 19:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Jan 2023 19:24:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A057 0
0 45ms
25ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIQZ2Cq_Ousop6kjkkVSQtp1LhdpZ0E96pqxBnbDn7kzivv9xGoMyXexZxGvNYYXyyHvkhZuEMawaPfEHhSRFRSHmhxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A057 153 KB
47 KB 44ms
32ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H2 200 / Show response
awghk956qa.s.ad6media.fr/ 2 KB
2 KB 125ms
125ms Script
application/javascript 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://awghk956qa.s.ad6media.fr/?d=1672624779246&if=0&r=&wl=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&c=1&bd=1&ke=fcd0f17511c987fb7e40f9d478224232&ket=2220&bdi=1600x1200|1600|1200|1600|1200|1600|1271|0|0|17|0|en-US&bdt=1&bdifs=0
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/sl.js?21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: aaaeff9bb984200b0f41243b58c634e50ff3a818ecb7e57d5e1085c5b8ed9a5d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
date: Mon, 02 Jan 2023 01:59:39 GMT
server: nginx
timing-allow-origin: *
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_cver=1&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fc...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4c9013feba271061&is_secure=true&networkId=14000&version=1&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_cver=1&google_push=AavPq0MIl7cy...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF0a1cerDDygMztbMKAAAAAAA&expiration=1672711179&google_cver=1&is_secure=true&google_gid=CAESEPBUNJoJFc4opCAfcRW0y...

170 B
188 B

21ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF0a1cerDDygMztbMKAAAAAAA&expiration=1672711179&google_cver=1&is_secure=true&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fcTdJMNYYw3chOE54lqNgNvVmXnqxDMp-r8ChlSR_1fxmgA-A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAF0a1cerDDygMztbMKAAAAAAA&expiration=1672711179&google_cver=1&is_secure=true&google_gid=CAESEPBUNJoJFc4opCAfcRW0yjQ&google_push=AavPq0MIl7cyJ7vXuBQi6OD4DQyZtZJ-AtGy6pwCHjzjqRI9UN0D0fcTdJMNYYw3chOE54lqNgNvVmXnqxDMp-r8ChlSR_1fxmgA-A
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EBD3 0
173 B 26ms
11ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMp7XrhG83DjOBbNfelApII&google_cver=1&google_push=AavPq0NaU8qz7mVGUjF4ErbJH-GCayPDjo4QxVbx3sxkIACdM0G4nKMVJDh-SUZ8p1W7ekNAPnOlOTBjMJbtyTPovh3txP7ODXNmfYw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcighJ4R26dS-oM6OknMtf2cxbmKHoSwJwt_7pqnC_ENxRuztZYyJc3...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Ss3d9VNoWRYDkGEawToPPw&tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcig...

170 B
188 B

41ms
34ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Ss3d9VNoWRYDkGEawToPPw&tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcighJ4R26dS-oM6OknMtf2cxbmKHoSwJwt_7pqnC_ENxRuztZYyJc3daP905Zeg52IgU6M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Mon, 02 Jan 2023 01:59:38 GMT
last-modified: Tue, 11 Oct 2022 18:05:06 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Ss3d9VNoWRYDkGEawToPPw&tap=gAds&google_gid=CAESEOanvtx9sLozBJbQPoavFsc&google_cver=1&google_push=AavPq0NkUzB6ZTkJXHuu0hcpYlG99umvQcighJ4R26dS-oM6OknMtf2cxbmKHoSwJwt_7pqnC_ENxRuztZYyJc3daP905Zeg52IgU6M
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHU2xSwkETo2MbLN7ctVfJE&c_param1=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY

170 B
188 B

22ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0MmxmLbDnQM0wnPho2SoLYRxbNp7Vwf-DSXh1vlVZ7adq937djNUW9quH-lAqfi5GMGLaMgKzfcqtP7xn4CjqQMiJwY2iNXFZY
date: Mon, 02 Jan 2023 01:59:39 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELqtpSIqn_ghdvbrxdLMuCw&google_cver=1&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFNUxWTFYtVy1MVzlM&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5LXWu-ydN-xB1pAfudb5u_igxfEQs

170 B
188 B

32ms
21ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFNUxWTFYtVy1MVzlM&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5LXWu-ydN-xB1pAfudb5u_igxfEQs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENFNUxWTFYtVy1MVzlM&google_push=AavPq0Pu-A8PvWQ_tCuhlqstXrQcELTwNzpMWPrK9Jhyx84lXfP_IlFIs_kA1EzBSWyur6ADkD5LXWu-ydN-xB1pAfudb5u_igxfEQs
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEFI5z_3lZFw7zGtXMEEBxXA&google_cver=1&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFI5z_3lZFw7zGtXMEEBxXA&google_cver=1&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dd0tVBUhS8eE6EKCyDPw-Q&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEg...

170 B
188 B

21ms
20ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dd0tVBUhS8eE6EKCyDPw-Q&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB5EnX87bZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dd0tVBUhS8eE6EKCyDPw-Q&google_push=AavPq0Oic-AMKAfld6QznjsEBg9-WEu0x75vd0RzwNBbKQfFuRrrfl9WeUcEHu3Q3nZ_2fWIJD_yYjGFXRjEDEgQh7dNeB5EnX87bZA
access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBD3
Redirect Chain

https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEE0WOfD9IS1kEbelC2wdrMo&google_cver=1&google_push=AavPq0M1cRMQ6t2AkHYpfbEmSYXbLATsCuPH03KAzWNqqzMWz7wI06S_Xs4aIZ0qU6TEey4fuoodxAOKO7m9HcvUvv1v_...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ%3D%3D&b6...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Demx_eb%2526google_...
https://cs.emxdgt.com/umcheck?apnxid=6228024670653928126&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdW...
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==

170 B
188 B

22ms
22ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTY4MTE2NzI2MjQ3NzkzNDQ0OTFiMQ==
date: Mon, 02 Jan 2023 01:59:39 GMT
content-length: 0
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EBD3 0
223 B 48ms
18ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jvs7uqz5E7IDpJznAXTkcCXHFZdGWdQboNDj2Kuvkjr4IeBAuRPvvzxJIVdk5oUXtn7NxWsw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A057 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61589c55948801fbb4e2d6845653763c516749f4a3124acd355618fca2a3e6b5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fo4.js Show response
c.ad6media.fr/ 154 KB
29 KB 179ms
178ms Script
application/javascript 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ad6media.fr/fo4.js?125
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: c8f44882b903653ad64d8a946d3c5d3ed878848b6fe1936141568cccf1ed8445

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 08:55:58 GMT
server: nginx
etag: W/"6062e79e-268ce"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=864000
expires: Thu, 12 Jan 2023 01:59:39 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 930F 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 930F 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 930F 308 B
636 B 12ms
9ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 930F 293 B
621 B 10ms
8ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 930F 2 KB
1 KB 7ms
5ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=1005x124
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:37:28 GMT
Server: Microsoft-IIS/10.0
ETag: "f3ae98706714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 930F 8 KB
4 KB 6ms
4ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d1769c5d53beb7c5a6df513e24b14d261093722e9f1f34e383a4a2ef653d342f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 11:57:36 GMT
Server: Microsoft-IIS/10.0
ETag: "0f83e145818d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3313

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 930F 43 B
347 B 16ms
14ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=I2usJ6DYy-4JylYqccUUHqEYD0sJttqjNMiXOoMntLjBJ2Q9Kd5RnaSl3i9O9TGNHPGESXGd_bx1vneZq6nGghyRA23mgwZPAfebkrbNC7uCVdsKGFaEkSZ5pxc9jdtoUuNjSu4BH6dZTrjfAQdUThQ45ALJirrUnnuSu63U-AafzwCLXunIdmQzk1xf_jVIPO_06LUIC3nX4GrznENz2MANAeU_b_baCpbDKKKmsD5zpVTQaVxed8k3uQ7vRqfvna768L8Z3G8BSJZgVKz-jtNwvsaffL9c4aSAwKwQjXMJcnyyS2JJUFVhQY31M-Byvu-cBloQQePZBGnYr2-YFIUUSaHUu-cgyNjPyhkwv08inMSbxQ2ixHdSDQyUS-1AvJuCn1N3EatysAQCfj3dxsX-oKA5_y-m0jFjjfQ4QUmUsiuJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3478314
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B28205461.342025052;dc_pre=COnCxu7kp_wCFcqLswodmRMBfQ;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 930F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directe...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=COnCxu7kp_wCFcqLswodmRMBfQ;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_l...

42 B
63 B

35ms
34ms

Image
image/gif

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=COnCxu7kp_wCFcqLswodmRMBfQ;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.80.38 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=COnCxu7kp_wCFcqLswodmRMBfQ;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63b23a8a40b563112193d629ad0b5efa;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame 930F 43 B
580 B 13ms
11ms Image
image/gif 2600:9000:21da:3a00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=63b23a8a40b563112193d629ad0b5efa&col=308271,0,0,0,11120203,63b23a8a40b563112193d629ad0b5efa
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ&u=%7C9kHa58EtIkS4X8VlUvDqM8XU%2BXzVVH48iY1Xq%2BR6SXg%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%26client%3Dca-pub-0619060941749983%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:3a00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:38 GMT
via: 1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: I_sPqrz5QQpld4_0SK1RMClyvj2RxF3V94R_7mK0plEOLho0FPCcJQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal115.js Show response
cdn.doubleverify.com/ Frame 930F 59 KB
24 KB 5ms
5ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=1005x124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:38:02 GMT
Server: Microsoft-IIS/10.0
ETag: "d24981846714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24248

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 930F 444 B
554 B 29ms
29ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_349080301464&jsTagObjCallback=__tagObject_callback_349080301464&num=6&ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&advid=&adsrv=&unit=1005x124&isdvvid=&uid=349080301464&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=108&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=163&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5DA%40%3C6%3E%40%3F72%3F3%3D%408%5D%3E2DE6CE%40A7%40CF%3E%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau&dvp_exetime=5.00&callbackName=__verify_callback_349080301464
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: f8419b65565256be06f25af03fd101a621eb1c735ba433d6da6fcf7465d5fc5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/01/2023 01:59:39

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 930F 0
234 B 22ms
22ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=fae94aa28d784d1c8fab2f76eb7cc8cc&vfdur=31&cbust=1672624779451650
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:39 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/01/2023 01:59:39

GET
H/1.1 200
OK dv-measurements3345.js Show response
cdn.doubleverify.com/ Frame 3E20 554 KB
106 KB 6ms
6ms Script
application/javascript 2600:141b:9000::b857:ad51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3345.js
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::b857:ad51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 11c78dc36211caf34bb9b0ed56d457d37de3ef911971808c82a1548e2adcb3cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 09:47:14 GMT
Server: Microsoft-IIS/10.0
ETag: "07df8dd4518d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108422

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 930F 12 KB
5 KB 28ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2189065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HOp%2FsA0%2BAfaSUvx2pzRVh973XUUoptLjxZAIQB7leQrn4z05HIWAqai%2BTNNasnWWVZ4b4Dqa5UxxLl%2BRQE%2BoVw6xqyA7GSYW%2BuMk1UDaZL%2FAeWqrUyFSO5EZSeh09epGiIweBA6HnPK5kP2bqy%2FIM6x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 782fe5881ab719f7-EWR
expires: Sat, 23 Dec 2023 01:59:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 930F 12 KB
6 KB 17ms
17ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 3E20 694 B
706 B 31ms
31ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=79&ttfrms=9&brid=3&brver=108.0.5359.124&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5DA%40%3C6%3E%40%3F72%3F3%3D%408%5D%3E2DE6CE%40A7%40CF%3E%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=145&ddur=12&uid=1672624779538665&jsCallback=dvCallback_1672624779538858&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=124&winw=1005&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3345&tgjsver=3345&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DY7I6igANPv0E0Yc0AA5F1Oni0IqGmGMuR1yroQ%26u%3D%257C9kHa58EtIkS4X8VlUvDqM8XU%252BXzVVH48iY1Xq%252BR6SXg%253D%257C%26c1%3DTUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGOzHyKYVzkoVjduTNqKrE6-uJ63Cb-C6-AHKVuP1XwzL6Y_tluRRK8ndWTUz6l3Ftm9AS0wdDp8xElYLkaETp8TGms2K0wgjzSlmJlfOBn-1GDaGccnbGAORtpJjTrWDg-jDbuvF41-bAnt5S7DwL39Jvwy0q0SL6sUt1rXj_PXofvcRnyg-S5HWGpgNAb7lt7H_d5ncDi9YdEkjqjnuHAKJSrJPNgvccoPqPQxh-GoVja-IsU8wTxnlO0jBarg_bHlb2JHVxHg3hstKMTTWijjm6NwU8xIH2LA8txtAylxgvu_MopCpBOfqnwUffbsX89sk1Y5OWPidPjhVCPmN8y4bBqYE_V_Red9skY3lU-R4ZsDmNiSehWSW3Xmc44EtNV6xgrJNC4awVwiEN3FW9U7Icukxnbn1ZVckUJrGBZjDvmFtp-siErZvguA1w2EIb-AE-5OemJNxplBbR44DFZnuVS2izKT6VYMbKld4loWQh-xYuonJ0BkWgBA6JrNWfl9UcQcM_iLEMezYoUI-gQC5V17RYrlJf9MZW8wQLRKDNbqkqA5HDDINoRM524ptjGg0__zLi3YV%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCXsZ4ijqyY_39NLSOxtYP1Iu5wAGcge-wXILzt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTA2MTkwNjA5NDE3NDk5ODPIAQmoAwGqBPMBT9DlpUtHmPxoNDpNiieAzsGWmvnjFTxJuFZCr4oCMx5LLH0CXP1zrlhXKNVucJNbYKoCXwes2gR43sXEEq98g-IxFw0ujli-_pFO2GPm1QW1NVbvl2iG90urS1TaarbnwO2F8lKk_l5mSQL6V5Nqj3L2nl7SdpQjBuecvc1a6ugy_r_uGGA8Xf4_M6i3cxhRbBTFat5Hn9xIjb3d0F4HkOA4LM_cVoEzr3Re73G33vNRGbval7PdaP-ykq_XV8OsbRbL6gAWd9Qjhm2L58WLv6EB1_2k_zx048H7aaLlguwjEE8lYpZLpZBSrro4Kid3qs8WgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3Iss8nklOcXpWD1MChbYg4xb3bWw%2526client%253Dca-pub-0619060941749983%2526adurl%253D&fcifrms=4&brh=2&sdf=2&dvp_epl=291&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=28205461&sid=1340728&plc=342025052&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=397572740426.4279&dvp_tukv=240467584973.19205&dvp_uuid=460169683.2044352&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=604700592276&jurtd=964849573
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3345.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 584922167fc6ed3574c49f7b1f1f49022b0e40125dd7812ed6c12f504eb550bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:39 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/01/2023 01:59:39

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 5 KB
5 KB 15ms
9ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F2bae0630a27c46a094683d10c9b6171a_logo_dark_horizontal.png&v=3&w=196&s=tA-S1h9m4M-A-Nj3Bawq7faK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

89ab70a5aa94a7fc9b531da399ce047377f44a4ef2e2296c07a317e6a7efdba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28084592
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5095
expires: Thu, 23 Nov 2023 03:16:12 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 12 KB
13 KB 17ms
9ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F17692184_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=LGG6-LKdiGqlQ1vT87gBuanT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

c256dec07e2b18df987ca53345eaacd13a7261be18fcd7c87e61623ec649576f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1084189
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12726
expires: Sat, 14 Jan 2023 15:09:29 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 13 KB
13 KB 18ms
10ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F22140718_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=s4KtZGEgusitlEAvLUMEzS3i&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b704e9eebe55fa1309a3cb15cc59b878efba1f40b592bd79a1f1186c33398786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=827903
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12848
expires: Wed, 11 Jan 2023 15:58:02 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 6 KB
6 KB 20ms
12ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F22330883_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=PzJwxuaM4aJoB7IO8Kl5ZFDN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0b2e8f4e60be39c32903492890d00fdb001f697752f3be62ec82d138e7988a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5748
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 12 KB
12 KB 19ms
11ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F22371722_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Ttr6YKs1CE_BBdhA_EDNNxYA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a146c5ff0951324299ef0ba28416c1169e99285c83eb2f829c6399172834bba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2381277
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11982
expires: Sun, 29 Jan 2023 15:27:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 6 KB
6 KB 22ms
15ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F22305587_fpx.tif&v=3&w=400&s=IlGINNlbofQREWD036XlzNPI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4967ecf071530781f8ca0d2bec85930639444a42f9fcd72e9132f625a66d18fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=307143
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5874
expires: Thu, 05 Jan 2023 15:18:43 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 8 KB
8 KB 25ms
18ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F19275704_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qrQiDpZV0eUGFE5XJNtUJg5B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ac3713e12aaa91be7a1653a005ef5548dd34df32721e5ed7b1d765cc7c540953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2552707
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7800
expires: Tue, 31 Jan 2023 15:04:47 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 18 KB
18 KB 23ms
16ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22478882_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=eNJpiBMKBsvVR4y_yq-b7fbc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ad1860c9c0327d393bb3b966ad12507d20f703a4684b12d27b947de73d93528d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1691967
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18262
expires: Sat, 21 Jan 2023 15:59:07 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 9 KB
10 KB 26ms
19ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F21888026_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=8CHn4LwBlpkhfb_YfeDlw512&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2fe326f85f18bb8f2b15cfde6928febb374cbb1865deace1b300cf84d0d6458f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2121631
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9548
expires: Thu, 26 Jan 2023 15:20:11 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 7 KB
7 KB 24ms
17ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F8716474_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=C1v-oVRYpX0TrAHmwX37b__v&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

58173a84c21aa149ef5c2f55eb26a70e219ebd07b851c9dba43fb5a63c923961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2414988
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6986
expires: Mon, 30 Jan 2023 00:49:28 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 7 KB
7 KB 37ms
31ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22854466_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=kqWdGdYoviKUZw7vSGM_be5t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

35f16445cffab9db26b4c2d587237d8d9292bd1044513d84e3d06f90466bb1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=221936
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6974
expires: Wed, 04 Jan 2023 15:38:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 10 KB
10 KB 30ms
24ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F21959746_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=LeEr6INvChXVyr2qSdZp6dbr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a9221770db81241e541bccd51aa14d0a80f0393776907c370c37f2005034caeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9966
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 6 KB
6 KB 27ms
22ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22854504_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=aIn42qLruhVqgxAL4yOZnYzk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

382553d0b81e9af0e9ea4e34c926ceebab79be5fb7ca5ede274f349f27d67c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1713231
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6080
expires: Sat, 21 Jan 2023 21:53:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 11 KB
11 KB 28ms
22ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F21912190_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=HL3tYdSIfwIkAswUVmTVB47W&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

921c401abf160b422a186d525f3ffe086414b34a7528e8fbb6efa0b6aacb1995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2575636
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11112
expires: Tue, 31 Jan 2023 21:26:56 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 19 KB
19 KB 26ms
21ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F22419398_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=knHL8lGC2Fa6aad9LZQWgEap&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0e67d9f5470c2fa8b133b7b2431b78c50a86fdfca48579038e60d56cec1fd638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1194831
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19378
expires: Sun, 15 Jan 2023 21:53:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 6 KB
6 KB 30ms
25ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F21887936_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=PxZyvRRe5jIefTxC4TJsO9Ko&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a8a1d621f1f74266fe1e0050438d3f5df45b3d1de85c66e63b5c817c0da09ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1300443
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5762
expires: Tue, 17 Jan 2023 03:13:42 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 24 KB
24 KB 31ms
26ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F22996453_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=BGpkIDONqkSC0q3PKp0RGE3r&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2cd12c7ce0b7820ed9278d4ab38ba0d500c2ec60c79d7c7dc19fad61ef0449f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24352
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 28 KB
28 KB 32ms
27ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F21487387_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Ltw-xnMxPjPJeXv4-qwbvuiu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a55dddb0a168e6860a93a24c8260284bf7279b84cdf668aecb72e2e0f94f14b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=133741
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28684
expires: Tue, 03 Jan 2023 15:08:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 16 KB
16 KB 29ms
24ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F21487352_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=hopCVnWvSCNqwMLhCojgd4Lm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

014b2dec37e7612982784d2d0cd7fd93cca4f95139a552e294a260f4ddad54bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2381300
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16368
expires: Sun, 29 Jan 2023 15:27:59 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 30 KB
31 KB 34ms
30ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F11734815_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=XF9tg850GQvV8-Oa5rb47Rj2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b86a91da12e1464f776b968c970af47a509d1e7336303ed51ed3512f70eef673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1161182
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31206
expires: Sun, 15 Jan 2023 12:32:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 19 KB
19 KB 32ms
27ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F11942499_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=0zuMoPGRuU1oYBgycGYKk6pK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

19a97f7979039e0169a317503a26b7a702e534d732eb95bb8146956b5d8ce763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=676551
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19258
expires: Mon, 09 Jan 2023 21:55:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 930F 15 KB
15 KB 33ms
29ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F12281509_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Afnq7PZaDnKe4M2UBL7Qxf3N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

733b72e1f33be2da55a3b0816d41e93d094cda8329340577da5357311cc9b062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=681068
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15296
expires: Mon, 09 Jan 2023 23:10:47 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 930F 0
127 B 16ms
12ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=AUq3pQx3xW4p8Vsupy-rQjfuux0D4Cf7FnRCqy6vep6Vwm4VZRZTMz8QqTRXjEvNVINxypphhINZsl9N7LmVtkq6End0jJmTLWWpuP1tU07uV4G2VxOm0pkFfflGVJRLI6OfpwGUzao9ojptDHqKfgt99GRbSatvxmNjYn1WhhA8fHmHKmhvu3T8lIXJvs1ORu7oash8kNQGTxqfnuy7GjkriSc8FU2z9Fn0IRhoMeOeCnfYognLlnQ9gNnkEmROUU-Vfg&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:38 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 930F 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 930F 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:59:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 930F 4 KB
1 KB 42ms
19ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 00:02:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H2 200 80992.jpeg
style.ad6.fr/img/m/ Frame 9E17 78 KB
78 KB 329ms
81ms Image
image/jpeg 5.135.94.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://style.ad6.fr/img/m/80992.jpeg?&subid=S2301022593932575683561327766
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.135.94.16 Sarlat-la-Canéda, France, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-5-135-94.eu
Software: nginx /
Resource Hash: 35896f69e63174d490b4d17af9acdbb8b17c1c8e4f69f3c1e86d9ff383e69e58

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:40 GMT
last-modified: Wed, 23 Nov 2022 09:06:18 GMT
server: nginx
etag: "637de28a-13790"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79760
expires: Wed, 01 Feb 2023 01:59:40 GMT

GET
H2 200 fcd0f17511c987fb7e40f9d478224232
awghk956qa.s.ad6media.fr/p/54341/27766/13/0/0/0/0/3.0857/0/0/0/4/0/259393257568356/64668/0/ Frame 9E17 43 B
314 B 93ms
93ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/p/54341/27766/13/0/0/0/0/3.0857/0/0/0/4/0/259393257568356/64668/0/fcd0f17511c987fb7e40f9d478224232?&ref=www.pokemonfanblog.mastertopforum.org&t=v
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 02 Jan 2023 01:59:39 GMT
server: nginx
report-to: { "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
p3p: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7423 42 B
64 B 31ms
19ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtY1sewWgo6g-2PYhdKvNTmLuqryTX_HHQl8wEsCjga2CplY8tQHFXueDWmejMqemDB1uF1bc6Ymt-nlH294jy5ps&sig=Cg0ArKJSzN3mCLJUaj6YEAE&id=lidar2&mcvt=1025&p=0,0,280,1200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2320542684&rs=2&la=1&cr=0&vs=4&r=v&rst=1672624778422&rpt=312&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 930F 15 KB
16 KB 37ms
4ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 228901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 930F 15 KB
16 KB 37ms
5ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 368855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:32:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 27ms
27ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3dafefe42f5340dad10072bd7756ca87795d1b7c7d075cb847864ddc76cee81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11203
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071220

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 01:59:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6699 13 KB
5 KB 6ms
4ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 218196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 13:23:03 GMT
expires: Sat, 30 Dec 2023 13:23:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6399 783 B
536 B 38ms
23ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cc22088336434b94c3608d913f950aa0182eda950319ea3422f9e9dfc2b3f59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RGnqsMK4G7QKuxO8aw1uPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-RGnqsMK4G7QKuxO8aw1uPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:39 GMT
expires: Mon, 02 Jan 2023 01:59:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 6699 36 KB
16 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 21:11:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6399 0
0 19ms
18ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4102389520372628&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 all
csm.us.criteo.net/ Frame 194A 0
127 B 10ms
9ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6699 0
10 B 4ms
3ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f0ZZ5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK fes.png
style2.ad6.fr/img/fe/ 2 KB
2 KB 418ms
83ms Image
image/png 178.32.120.35
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://style2.ad6.fr/img/fe/fes.png
Protocol: HTTP/1.1
Server: 178.32.120.35 , France, ASN16276 (OVH, FR),
Reverse DNS: ip35.ip-178-32-120.eu
Software: nginx /
Resource Hash: 67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:40 GMT
last-modified: Tue, 26 Apr 2016 16:26:36 GMT
server: nginx
etag: "571f96bc-6ba"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1722
expires: Wed, 01 Feb 2023 01:59:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 21ms
21ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4102389520372628&bg=!MjGlMXXNAAYgquz3AKo7ACkAdvg8WqknyJy58q2Huhhpaxah9sdzvjNNjSKr8RaJzKM7Dzr5ywS-9gIAAACDUgAAAARoAQcKAGOUihcf-6btmEv2BiQCxjL7O5mxubPrjDQQctljk5zlNqLWlvaTUjS_lMZlMXvzz2t78rtdfpJYafAfUvYyfxK7ifaDz3ckXfWvfur0uVGSw8P4xFB5-AFLKH1gx_Jv6Ufh9ZWZAv_qKYHezSKWtm2ur1quMSVhDMPuJipMVCSegfiDQ2BPX5OSe4TBRP18yJ1iyBkChhnCYGGYssZVc617Tc20F5XUCano2tRuu4cDvsO1HZgA3jWvmNqdPTkG1RY_OUXE1FACyt9muEpRH4y6-rdBRnVDESdigtvpwZkoPzy13PgHIVp64w-5XBiXSU6ebqCVZu2VHz-vGVuJWzn-6UpVTzuU-KzjRj_0AD4bZv9624fbHNkRPUMNPqa7zHdy7wKMYNdVlE3vfiJdTwTmBSzCSlWiqJIFT_l3Ns7SFazBnxIoXEsIkZT5BSC01Cnl3RwAtxMcLkLYfNXMpjA6jaJwnaUGr3cG8QZzjytYCNN4Lf72BygvxVjm3VtZCOHr3yDUJEVzPw_C2Wvf_pTCjDZnFfHaQzqaz0yzbc2pafiU_uMAiOUk4Fn0r8rPumypAsLPbDevJje-rWz9DShR5UUAwkD6M-YMfWZs3HJgP4copBn2DEfxuRy_wcWZcoS_i6Zkn7yR4c66YMEU4D_BD0dv03qHMMukZk6QVFh7sZwgwWFHZN56as0VK7YogP6LSfZBZktNzMmLehIhSIa-rC7VbUPTbfA_tWzEjY9ApfdxvbLSIf1N9SO-5vODSI3OIr0ER8gvJft12wvP20Z2qkyBNXwdV7ZlAi6IdshKm7u06eyWqmivVBxaYruCZ5mfee9k8URmFSHiNvA5v8cTkKhhCj-7De1d0Yc2qjceFAAbrugXlk5YVIH4LqJ2WpnJKU_0lzwOMMXMmMe01lERyzA60ItSn7HN0IY3Jq7Z-b1bWo7tsGZ7GLLDqy97TctFFYChdkfy9FOcQQvsO23tj1ACe34UK9PNJfkTZBH3kKAap77Xx5S4Q-A1bGjZNuURTAYnVdxGJK6w-k50tf9JvTtmVWqI4Y9CSpClgJ6Qh2cwamH5pWgNyNlQ2uvLzdWYQJm0DrXQBL7foZPEBMLakkDRD9c75IoBUht5-U9MVx9mpgKI6ljcH8Sy7VF4L893Tp2org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A057 42 B
64 B 19ms
18ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstib4Y1GAqxF15DCrmm8FY4-NDDbWOzI46inIESKCud1mlW0KOuEMVK_GQsoH5-b4u0rltjkAsqlYcGSiLj0_bXTivk&sig=Cg0ArKJSzMiol5o3-MYfEAE&cid=CAASFeRo6FbvcwKNWRi_4aDsPndC5zB43w&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=156,799,1000,1163,1332&tos=156,643,201,163,169&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1672624779208&rpt=125&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 930F 0
127 B 8ms
8ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 1
awghk956qa.s.ad6media.fr/tv/55532/fcd0f17511c987fb7e40f9d478224232/ 43 B
120 B 86ms
85ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/tv/55532/fcd0f17511c987fb7e40f9d478224232/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server: nginx
date: Mon, 02 Jan 2023 01:59:40 GMT
content-type: image/gif

GET
H2

200

affiliate-get-125-off Show response
try.freshly.com/freshly-lp/ Frame B17D
Redirect Chain

https://awghk956qa.s.ad6media.fr/p/54341/27766/13/0/0/0/0/3.0857/0/0/0/4/0/259393257568356/64668/0/fcd0f17511c987fb7e40f9d478224232?&ref=www.pokemonfanblog.mastertopforum.org&t=c
https://ad.admitad.com/g/d5n2rkxbc8832cbddfa7b996fda4e8/?&subid=S2301022593932575683561327766&
https://freshly.voq9.net/c/1310690/278160/4458?Subid1=fab6c2abefc102bac83ab4028656a87b&sharedid=957691
https://www.ojrq.net/p/?return=https%3A%2F%2Ffreshly.voq9.net%2Fc%2F1310690%2F278160%2F4458%3FSubid1%3Dfab6c2abefc102bac83ab4028656a87b%26sharedid%3D957691%26level%3D1%26srcref%3Dhttp%253A%252F%252...
https://freshly.voq9.net/c/1310690/278160/4458?Subid1=fab6c2abefc102bac83ab4028656a87b&sharedid=957691&level=1&srcref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&brwsr=1ea01c3d-8a41-11ed-...
https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=2...

19 KB
6 KB

1113ms
997ms

Document
text/html

52.55.54.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.55.54.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-54-43.compute-1.amazonaws.com
Software: /
Resource Hash: 5a6fd2f0ef52a5f90ef46b194f98c5078f014f566733e1f53ceef93b6758d1b7

Request headers

Referer: http://www.pokemonfanblog.mastertopforum.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 6214
content-type: text/html
date: Mon, 02 Jan 2023 01:59:42 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cluster-name: us-east-1-prod-edge-blue
x-lambda-id: 9d969e97-b0e5-47d9-b917-937ae61b1355
x-served-by: cache-iad-kcgs7200059-IAD
x-timer: S1672624781.111978,VS0,VE982

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Mon, 02 Jan 2023 01:59:40 GMT
expires: Mon, 02 Jan 2023 01:59:40 GMT
location: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache

GET
H2 200 ea
awghk956qa.s.ad6media.fr/fot/259393257568356/ 43 B
120 B 85ms
85ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://awghk956qa.s.ad6media.fr/fot/259393257568356/ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.pokemonfanblog.mastertopforum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server: nginx
date: Mon, 02 Jan 2023 01:59:40 GMT
content-type: image/gif

GET
H2 200 try-freshly.ddfcd4b4a.min.css
assets-global.website-files.com/5f33fd38999c0c170afad3d5/css/ Frame B17D 443 KB
70 KB 64ms
8ms Stylesheet
text/css 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5f33fd38999c0c170afad3d5/css/try-freshly.ddfcd4b4a.min.css
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 525b03a9db3363086b93ccbc1eada66e1b42f24d8d781beeae9fb48c5da3803b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 08:36:43 GMT
content-encoding: gzip
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-version-id: kln2m8.kCbpsjB.zIrzvPQHgZolRlT8R
age: 62580
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 71278
last-modified: Fri, 23 Dec 2022 19:04:41 GMT
server: AmazonS3
etag: "4f05523da24808964d8d06973bcb0a79"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZXP7Yahyd9i_95W-bes2UFQWPw9Mf5ey9HsFArsKpssw-SgH9HJizA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame B17D 13 KB
6 KB 30ms
4ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jan 2024 06:16:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B17D 109 KB
43 KB 45ms
19ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57540929-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

050f879661376521b9bf15821fcb9f2e8fb63db28fbf4fb36aea5fcbad08ffdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43581
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H2 200 6009b4b9bb882d1ed2ff8b33_5fc4feea074f5b86a6c62285_freshly-logo-R.svg
assets-global.website-files.com/5f33fd38999c0c170afad3d5/ Frame B17D 3 KB
2 KB 5ms
5ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5f33fd38999c0c170afad3d5/6009b4b9bb882d1ed2ff8b33_5fc4feea074f5b86a6c62285_freshly-logo-R.svg
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b5de815d77fe31098ba6c53840472704bf6208acb91164d49858664c430d85f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:11:29 GMT
x-amz-version-id: juf.G0JY2n22XLL3ADOAf39wC1SWQgHq
content-encoding: br
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
age: 56894
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Jan 2021 17:07:07 GMT
server: AmazonS3
etag: W/"b6faeda5044007d2827822531e1d8a12"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: hHSKkhZB_uF9dC9WkIwcDedzIuVJPv9QM3tcqw-ml4Jjwu5ybIJKlw==

GET
H2 200 5f33fd38999c0c77e2fad690_e23a9441-5-star-review-dark-green_05k00y000000000000001%20(2).png
assets-global.website-files.com/5f33fd38999c0c170afad3d5/ Frame B17D 2 KB
2 KB 6ms
6ms Image
image/png 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5f33fd38999c0c170afad3d5/5f33fd38999c0c77e2fad690_e23a9441-5-star-review-dark-green_05k00y000000000000001%20(2).png
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0097336690d3fc572245290d0c2f014a9f9495b83da0f6b8f5bdd00e359f069

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:11:29 GMT
x-amz-version-id: S.3BolmoZ9cgYYsGsghXwg6jHwR1l1rR
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 14:31:35 GMT
server: AmazonS3
age: 56894
x-amz-cf-pop: EWR50-C1
etag: "4c0e405bf8f605109981b55b40b74030"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 1674
x-amz-cf-id: MW4JlbMFbln7vz27Rd5UZXNnidK1k7hTuJQDo6FFCbWj_bg1xVeiAg==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ Frame B17D 87 KB
30 KB 34ms
6ms Script
application/javascript 13.33.81.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5f33fd38999c0c170afad3d5
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-22.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://try.freshly.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 19:49:48 GMT
content-encoding: br
via: 1.1 b78bfeca7339074512b7289497872df2.cloudfront.net (CloudFront)
age: 61446
x-amz-cf-pop: EWR52-C1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: cgKVgkz_wXvIE-BwFGnWz0lPdwC5DF9fIZxdg1HNTRVg5Oh1k6Rk8Q==

GET
H2 200 try-freshly.bf4fdfd8d.js Show response
assets-global.website-files.com/5f33fd38999c0c170afad3d5/js/ Frame B17D 857 KB
162 KB 6ms
6ms Script
text/javascript 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5f33fd38999c0c170afad3d5/js/try-freshly.bf4fdfd8d.js
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcc549f017f06bef9f74c2193c5c00803b56670762688aaf1f57530baa945df2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:11:19 GMT
content-encoding: gzip
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-version-id: BkP2uTrzIOTZMVngjY.9YJXe_eYygKjB
age: 56904
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 165388
last-modified: Fri, 23 Dec 2022 19:04:41 GMT
server: AmazonS3
etag: "46012f8f6d65a89937ddbe49c7bd2457"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XW67CeYOSe44citdsqtC-iprSJz6IIIjVYVOl5TGDPpN6aMl0y909Q==

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 80AA 0
234 B 48ms
23ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=42daf813a6fc413ab1b8d94e27cc46cf&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=83&eoid=15&msrjs=3345&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=46&tetms=10&msltms=11&vltms=83&sei=289&vetms=6&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ismms=56&isumms=55&nvr=6&isgmmims=56&isgmv4mims=56&elmtp=3&isbxdms=2156&b0=100&b11=2187&adhgt=280&adwdth=1200&vsos=18&dvp_vsosnmr=16&lftb=2287&sftb=2287&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=1200&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1060&isuiabvms=1060&isgmpims=55&isgmv4dpims=1060&ispmxpms=1060&engalms=54&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&ttfurm=3133&cbust=1672624782159659
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3345.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:42 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/01/2023 01:59:42

GET
H3 200 css
fonts.googleapis.com/ Frame B17D 33 KB
1 KB 34ms
21ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1238dfafc83c2e83d1d59b02168d3a30a97ba31ee2c6868933e4b6177ec8fb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 01:59:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/ Frame B17D 417 KB
67 KB 77ms
16ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda5ac296308ccd1e9464bc1362c1bd0b671e7003e458ccc8477068e24d74cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qy01ump_unEzmVYXSye0rBmCK1vo.xmA
content-encoding: br
via: 1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 01:58:34 GMT
x-amz-cf-pop: JFK51-C1
age: 69
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 11:58:41 GMT
server: AmazonS3
etag: W/"9b06642c58a3c901b6d63a5760e38268"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: oP4DYQMBvLh6kVv3Rct3bhCQjKlSlolZFEIgYfB5_Wj5rF4E7fdt0g==

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ Frame B17D 25 KB
25 KB 29ms
17ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 22:15:34 GMT
x-content-type-options: nosniff
age: 445448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 22:15:34 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 19ms
8ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:41:51 GMT
x-content-type-options: nosniff
age: 497871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 07:41:51 GMT

GET
H3 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 28ms
17ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:28:52 GMT
x-content-type-options: nosniff
age: 433850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:28:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 20ms
8ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:49:44 GMT
x-content-type-options: nosniff
age: 468598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 15:49:44 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 30ms
19ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:54:17 GMT
x-content-type-options: nosniff
age: 367525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:54:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 20ms
9ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 228904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:38 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 32ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 05:31:10 GMT
x-content-type-options: nosniff
age: 332912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 05:31:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 16 KB
16 KB 22ms
11ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 02:49:38 GMT
x-content-type-options: nosniff
age: 429004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 02:49:38 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 29ms
18ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:46 GMT
x-content-type-options: nosniff
age: 228896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
16 KB 25ms
15ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 368858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:32:04 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 34ms
24ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:55 GMT
x-content-type-options: nosniff
age: 228887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 33ms
24ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:44:38 GMT
x-content-type-options: nosniff
age: 490504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 09:44:38 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 31ms
22ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 17:51:11 GMT
x-content-type-options: nosniff
age: 374911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 17:51:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B17D 49 KB
20 KB 21ms
4ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57540929-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Jan 2023 00:44:06 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4536
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 02 Jan 2023 02:44:06 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ Frame B17D 129 KB
46 KB 38ms
27ms Script
application/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5MF24H6&t=gtag_UA_57540929_1&cid=1742539907.1672624782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

429bb7b91c3f11d46b7c696566e6bbcfd82c2282cf2d037d88a739da93b4537c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47243
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 01:59:42 GMT

POST
H2 200 t Show response
api.segment.io/v1/ Frame B17D 21 B
174 B 294ms
92ms XHR
application/json 52.26.55.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.55.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-55-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://try.freshly.com
date: Mon, 02 Jan 2023 01:59:42 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B17D 266 KB
86 KB 30ms
18ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1cef241fcd6b7b0be9bcbe18e4f79c19785c1b252aa36468e362a9afe2d381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88252
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ Frame B17D 54 KB
18 KB 42ms
5ms Script
application/javascript 18.164.115.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-222.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:52:54 GMT
content-encoding: gzip
via: 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop: JFK50-P6
age: 4360009
x-cache: Hit from cloudfront
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: stsVjqqaJlGa045XW-Ww-JUJ0mYpvRvJFZ12owZDiZFm-j1wGm8zAw==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame B17D 262 KB
66 KB 60ms
12ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5eb9279b0f8b5ccf07f061ea704ebed14fe1a1378b856cb728ffb2a7b73fe74

Request headers

Referer: https://try.freshly.com/
Origin: https://try.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:43:11 GMT
content-encoding: br
age: 991
x-guploader-uploadid: ADPycdt3AWaJ58dEhCQfoeVvRgJiUvtIkv5dKNVd9cLnvrqEo94fOG9DmcawKZElKMS9M_7mZYd6H0ylEz6B0BzwC73j1t1IQWIb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66813
last-modified: Thu, 22 Dec 2022 14:18:33 GMT
server: UploadServer
etag: "a85b05b7b02159679d34f8031631519f"
vary: Accept-Encoding
x-goog-generation: 1671718712917608
x-goog-hash: crc32c=55ruUA==, md5=qFsFt7AhWWedNPgDFjFRnw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 66813
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 02 Jan 2023 02:43:11 GMT

POST
H2 200 / Show response
api.amplitude.com/ Frame B17D 7 B
206 B 304ms
97ms XHR
text/html 44.238.9.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.9.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-9-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:42 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63b23a8e-6d7a2e7b524d7c8e238f6205
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 freshly.jsp Show response
www.upsellit.com/active/ Frame B17D 77 KB
20 KB 26ms
4ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/freshly.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0bd83c20c022704ffdb28ab5f3b74b00dbba20ff1d38799c7d77e57d5cd6fee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Sun, 01 Jan 2023 18:01:23 GMT
server: nginx
age: 28699
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20740
expires: Mon, 02 Jan 2023 18:01:23 GMT

GET
H2 200 core.js Show response
refer.freshly.com/ Frame B17D 67 KB
22 KB 103ms
18ms Script
application/javascript 54.234.137.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.freshly.com/core.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.234.137.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-137-207.compute-1.amazonaws.com

Software

Extole /

Resource Hash

b23419cadee3a6cb1540c4c5f9ccb4b1fa8c43dafaa2c5e5dec994d47cfa3425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript
p3p: CP="Please see our privacy policy"
access-control-expose-headers: X-Extole-Token
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 21774

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ Frame B17D 26 KB
6 KB 44ms
4ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:20:01 GMT
content-encoding: gzip
age: 2381
x-guploader-uploadid: ADPycdvPvQqBk8NcNjtewPVk3Ou9tM-J1arOULTuj7Jxyi24unfLHcu0TwYZJsdfhJf8Ldr8yMwEZkZrtd8z022MuteglaTCK1ha
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 02 Jan 2023 02:20:01 GMT

GET
H/1.1 200
OK minimal.js Show response
s.nbydec.com/2/247514/ Frame B17D 6 KB
3 KB 58ms
10ms Script
text/javascript 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-96-124.compute-1.amazonaws.com

Software

Resource Hash

44658a8d1b4fdcc9bb9c1ff97d1b969e0130046106defbc5f8e8412c670345aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2619
Expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B17D 216 KB
75 KB 28ms
27ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JFBT4859KV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1534afd3b1b3015a844189fdbed4337299fe4c4ef83309564015b840e292c21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76836
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005650266/ Frame B17D 2 KB
1 KB 80ms
80ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005650266/?random=1672624782584&cv=11&fst=1672624782584&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ftry.freshly.com%2Ffreshly-lp%2Faffiliate-get-125-off%3Fclickid%3Dx%253Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0%26irgwc%3D1%26utm_medium%3Daffiliate%26utm_source%3Dignite%26affsrc%3D1%26utm_term%3Dpaid-affiliate%26utm_adid%3D278160%26utm_campaign%3D%26plan_id%3D%26promo_code%3DSAVE125AFF&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&tiba=Freshly%20%7C%20Get%20%24125%20Off&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f5f07b69a85a6c104c6251033b58709c1f5cdd915fd41147f4bee1dcfe85764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame B17D 38 KB
12 KB 45ms
17ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 02 Jan 2023 01:59:42 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64355D35325E431082F32092EA92A797 Ref B: EWR30EDGE1609 Ref C: 2023-01-02T01:59:42Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame B17D 103 KB
27 KB 32ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Jan 2023 01:59:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jmkXhKHSpiV3biVUqHu2QV6G/e5PDC1q+Go4bsKhRDrneRjFO+gZyCbuqD1Bd6ysHoCpXglGYmdjOGw1gDreGQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame B17D 42 KB
14 KB 14ms
14ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
server: nginx
etag: W/"636a704a-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 Jan 2023 01:59:42 GMT

GET
H2 200 A253141-0390-4ece-a52a-673833af9ee91.js Show response
d.impactradius-event.com/ Frame B17D 42 KB
14 KB 258ms
77ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A253141-0390-4ece-a52a-673833af9ee91.js
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99b650898fe88bb72b7af4b8aed0a80212a433313b107df9158e8843c9dc888a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:55:14 GMT
content-encoding: gzip
age: 268
x-guploader-uploadid: ADPycdv83JtEX41_8DIlKU4rRrRsPBG4ABuoS7NTxY74_ken-hNuliGLAK8cthLyOdIt5FTHmSl3NnSlR5RxByamOp9e
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13314
last-modified: Tue, 29 Nov 2022 23:13:42 GMT
server: UploadServer
etag: "7611487eac35edcf07288f61ea102120"
vary: Accept-Encoding
x-goog-generation: 1669763622773861
x-goog-hash: crc32c=haMOBg==, md5=dhFIfqw17c8HKI9h6hAhIA==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13314
accept-ranges: bytes
expires: Mon, 02 Jan 2023 02:00:14 GMT

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wMTI0Mjg/ Frame B17D 461 KB
62 KB 63ms
5ms Script
application/javascript 2600:9000:210b:7400:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wMTI0Mjg/access.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:7400:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7c99112172cb41f490e8bc5668bff7ab186c4ce370e1d91b10defb71d2545e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: L9BejJTnXUx0IdKPMEVm5bSjMiFJlwCV
Content-Encoding: gzip
Via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
Date: Mon, 02 Jan 2023 01:56:57 GMT
X-Amz-Cf-Pop: EWR53-C3
Age: 166
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 62473
Last-Modified: Tue, 28 Jun 2022 06:02:43 GMT
Server: AmazonS3
ETag: "852612473836792d309e0c8a78c8ec5b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: V9PS7e9sBs4Z-qlW954gaql4sLh2wktx2-z32-M8SbUzatwGy4Mlog==

GET
H/1.1 200
OK tag.js Show response
t.a3cloud.net/AM-141602/ Frame B17D 8 KB
3 KB 61ms
5ms Script
application/javascript 18.164.124.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.a3cloud.net/AM-141602/tag.js?ns=am
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-54.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd49d68dc087211e40a7bc3237ddead653a54968b1366be98ad183fe1a42d5dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 8GN6s3E0iSKgm3Z_o9DIOSrzsQhdKyNe
Content-Encoding: gzip
Via: 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
Date: Mon, 02 Jan 2023 01:57:12 GMT
Last-Modified: Wed, 12 Feb 2020 16:36:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P7
Age: 151
ETag: W/"7cd9c68829bedce711d25f8b07318be5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: istKQBZO12kHKXidCzs_4mTaS9rb8n1809-i-2uzC-Ggd47E-YRDww==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame B17D 3 KB
2 KB 84ms
43ms Script
application/javascript 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0MNJ0L2BAPH375FL05G&lib=ttq
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 78507c448502c9e2b5461f83277162ed016258905ddcc0c7a57b10863dc65b94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 781232c.6e457c7c
date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 31,104.77.103.142
server-timing: cdn-cache; desc=MISS, edge; dur=11, origin; dur=20, inner; dur=3
content-length: 1146
pragma: no-cache
server: nginx
x-tt-logid: 2023010201594231C239BA1EDFD44E89A4
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.104.137
x-tt-trace-host: 01c518b1baca314f00bc4c4b8aeadb557fa6aed184269dbfb59efbc434726ed961be21122c65322ddf747bc77cccb42ecb52fb2eeffb1c363eb8e5fa5d63eab8cd68df0fbaf6bbc11a32051e84e1627e4f0ff5d5f85b9f10442e66544b60a9db03e331835b39eeb82a97b49a8a4daa861c
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H2 200 dtag.js Show response
cdn.attn.tv/freshly/ Frame B17D 7 KB
3 KB 80ms
6ms Script
text/javascript 2600:9000:2120:6600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/freshly/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:6600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12312bcdfc929c982aa8d917bdbd7f0a0761d1672671884a2b8fc2018c631caa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: pX711fciFrvdRBLrM4pGq9u3RWorTur9
content-encoding: gzip
via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 01:59:08 GMT
last-modified: Fri, 25 Feb 2022 16:05:30 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 35
etag: W/"8a223bd62dd44ea5484fefde8d0e3873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: tMwaTvrCb5O7IqyxIrcR0csQjNBRsRNxzNSvf9KasNvdpDuFLQhqWA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame B17D 4 KB
2 KB 33ms
4ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 11:08:02 GMT
Content-Encoding: gzip
Via: 1.1 81dc2840587b5003ff52334e3af886a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 53501
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: FzajSeEAvOjRLFbw4KvRFnnMnLliYMFBNMPvwI7k7Ysmh8sqtf4B_w==

GET
H3

200

activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;or... Show response
8911531.fls.doubleclick.net/ Frame EDAA
Redirect Chain

https://8911531.fls.doubleclick.net/activityi;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;...
https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdp...

452 B
277 B

53ms
41ms

Document
text/html

142.251.40.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f6.1e100.net

Software

cafe /

Resource Hash

07beb41487a2890845013988194ca02dd9a90cd68fe4cfbd789195ec9f4d185c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.freshly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:42 GMT
expires: Mon, 02 Jan 2023 01:59:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 D29D0B68DD7221.js Show response
cdn.datasteam.io/js/ Frame B17D 71 KB
23 KB 40ms
11ms Script
application/x-javascript 108.138.128.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D29D0B68DD7221.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-129.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b4ffba6b71b523f9efeba374108264bbc1b4b2ce2f6b67b469fef5a56e4a5d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 07:20:50 GMT
content-encoding: gzip
via: 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 20:17:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 67133
etag: W/"c7d53be0b288d96b661cda6491bd193c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=600,s-maxage=86400
x-amz-cf-id: xnjJnvujV4ST_CX1tyuPgpxYnAximzSyIFgMMxpZbI4XpCcD3h3T0w==

GET
H2 204 4064026.js Show response
bat.bing.com/p/action/ Frame B17D 0
119 B 39ms
39ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4064026.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 02 Jan 2023 01:59:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5248897A4FE44E08BA01D587C8095996 Ref B: EWR30EDGE1609 Ref C: 2023-01-02T01:59:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame B17D 0
177 B 17ms
16ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4064026&Ver=2&mid=e0835a15-f6d2-4786-9146-675afbb6851a&sid=1faa45908a4111edbd124762861ba6f6&vid=1faa70008a4111eda752777f9bad9b90&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Freshly%20%7C%20Get%20%24125%20Off&p=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&r=&lt=1599&evt=pageLoad&ifm=1&sv=1&rn=210433

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Jan 2023 01:59:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BFFCC38D7D594C3C86EA968BEFF13A42 Ref B: EWR30EDGE1609 Ref C: 2023-01-02T01:59:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame B17D 64 KB
20 KB 20ms
12ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Jan 2023 01:59:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4M4KnqA5oem1CAdbU7qukUL8vPpkWQ5E5u+J7SBBWNW0OjqT5G2HEfa4FDRSedlplhcfYGywzb8AysaqqBSdCw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 906793956022082 Show response
connect.facebook.net/signals/config/ Frame B17D 293 KB
84 KB 23ms
15ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/906793956022082?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03422f929ec3e8a2e1002abf892a06789acb167e13546091f5487d2aa19cd706

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Jan 2023 01:59:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86062
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iN5ZQ/5s+Mb5xEPUsHi2iBH/6mFgKPavZJlvtZHJpCYpzGhJ6DJ2Sx9C1LAPLaVk6tspDvtboBO4l3pci6OhSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005650266/ Frame B17D 42 B
64 B 28ms
28ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005650266/?random=1672624782584&cv=11&fst=1672621200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ftry.freshly.com%2Ffreshly-lp%2Faffiliate-get-125-off%3Fclickid%3Dx%253Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0%26irgwc%3D1%26utm_medium%3Daffiliate%26utm_source%3Dignite%26affsrc%3D1%26utm_term%3Dpaid-affiliate%26utm_adid%3D278160%26utm_campaign%3D%26plan_id%3D%26promo_code%3DSAVE125AFF&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&tiba=Freshly%20%7C%20Get%20%24125%20Off&fmt=3&is_vtc=1&random=4207229482&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 3E20 0
234 B 22ms
22ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=d02963b5911e4d00a2cf9ac166b1d0ac&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=32&eoid=15&msrjs=3345&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=12&tetms=9&msltms=10&vltms=32&sei=289&vetms=128&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ismms=25&isumms=24&nvr=6&isgmmims=25&isgmv4mims=25&elmtp=3&isbxdms=2224&b0=100&b6=236&b8=100&b9=200&b10=401&b11=1303&adhgt=124&adwdth=1005&norwdth=1000&norhgt=125&vsos=6&dvp_vsosnmr=16&lftb=2340&sftb=2340&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=124&cwdth=1005&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1024&isuiabvms=1024&isgmpims=1024&isgmv4dpims=1925&ispmxpms=1925&engalms=23&engscrlms=148&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&ttfurm=3235&cbust=1672624782766744
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3345.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:42 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/01/2023 01:59:42

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame B17D 0
0 131ms
111ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 6e865bc57d2081108f386febf8913396
function-execution-id: t91nal6kt9qo
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 76ms
42ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://try.freshly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 01:59:42 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: aaydufn55tqe
server: Google Frontend
x-cloud-trace-context: e9a57cba527473b97d4beb89e971e5d9
x-powered-by: Express

GET
H2

200

px.png
segment.a3cloud.net/ Frame B17D
Redirect Chain

https://ib.adnxs.com/getuid?//segment.a3cloud.net/px.png?uid=$UID&cid=AM-141602&sid=57747404&url=%28iframed%29http%3A//www.pokemonfanblog.mastertopforum.org/&vars=
https://segment.a3cloud.net/px.png?uid=6228024670653928126&cid=AM-141602&sid=57747404&url=(iframed)http://www.pokemonfanblog.mastertopforum.org/&vars=

169 B
489 B

111ms
46ms

Image
image/png

13.225.214.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segment.a3cloud.net/px.png?uid=6228024670653928126&cid=AM-141602&sid=57747404&url=(iframed)http://www.pokemonfanblog.mastertopforum.org/&vars=
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Server: 13.225.214.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-124.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26a19cd78ee23849a890de25aab00fcd463a35e76605cbb311e76802e3770ea0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Sep 2014 18:35:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "6710654eca7b7742b7b9238e23caef52"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 169
x-amz-cf-id: vPuRCc-uWzir3xI-Yj4MU7KRZLXdnXxFHLOHxRwzMbwErcMjujuIjw==

Redirect headers

Date: Mon, 02 Jan 2023 01:59:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.120.138.195; 37.120.138.195; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: caf6a281-3077-47ce-903e-3ab42aa10255
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: //segment.a3cloud.net/px.png?uid=6228024670653928126&cid=AM-141602&sid=57747404&url=(iframed)http://www.pokemonfanblog.mastertopforum.org/&vars=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 main.MWI1MTgwZGZmMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame B17D 248 KB
68 KB 9ms
8ms Script
application/javascript 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0MNJ0L2BAPH375FL05G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 6e457cd4
date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2022122016573471824696ECE746DC866C
vary: Accept-Encoding
x-cache: TCP_HIT from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0137862b23000a71cfba68dbee20431a02bfb511a42682f25295266c761a87f60a93cc4a316b16e98994802f2d75898329dcf7d1baac3173cc359a58617a719911cd273a50c380fc7b2e67b8851d60ca2e0419c6eb6156090d00d99bc9d64c11a4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 68626

POST
H/1.1 200
OK postback Show response
s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/ Frame B17D 0
145 B 35ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/postback?oz_pl=1&dt=2475141632149316380000&pd=mkt&ci=247514&_x=1
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.nbydec.com/2/2.87.1/ Frame B17D 171 KB
54 KB 9ms
9ms Script
text/javascript 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nbydec.com/2/2.87.1/main.js

Requested by

Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-96-124.compute-1.amazonaws.com

Software

Resource Hash

c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54838
Expires: Wed, 09 Sep 2054 13:51:40 GMT

GET
H2 200 attn.js Show response
cdn.attn.tv/ Frame B17D 177 KB
59 KB 8ms
7ms Script
application/javascript 2600:9000:2120:6600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/freshly/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:6600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1989305a87e09cd6f204eb765f68c79918099efcf511f40b2745c4b48ecc4f41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: MIooE2OxEK1zKEIRH6C8JQ6sCfXxTWq_
content-encoding: gzip
via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 01:55:13 GMT
x-amz-cf-pop: EWR52-C4
age: 269
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 59709
last-modified: Fri, 16 Dec 2022 22:01:15 GMT
server: AmazonS3
etag: "e70b7f34a6ae3d018823047b335d5e96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: P8Bl114dpWBqsdS-rdvSf1d-EqxXDh5B6a80bCC_bxk4TtANLblQjQ==

GET
H2 200 tag.js Show response
cdn.attn.tv/tag/4-latest/ Frame B17D 53 KB
18 KB 50ms
49ms Script
application/javascript 2600:9000:2120:6600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_804861295
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/freshly/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:6600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5deee2e8c0d8801dcb3ea2c7bf077da917c60a7087aa28d2ee6d169c283f0a8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qi_Lrsuu1N1mNEMyEQJzJUlYyFo2769M
content-encoding: gzip
via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 01:59:43 GMT
last-modified: Mon, 19 Dec 2022 18:02:42 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: W/"63264d4c6fb06b7eb99bafb4e70b5497"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: M9FkVrCUSzEDEt0htKBD2Ay9FwnmlVjN_yNkA1WIUjl4ACmCYHqNoA==

GET
H3 200 dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65484805...
adservice.google.com/ddm/fls/z/ Frame EDAA 42 B
63 B 22ms
21ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301

Requested by

Host: 8911531.fls.doubleclick.net
URL: https://8911531.fls.doubleclick.net/activityi;dc_pre=CPDzjvDkp_wCFYMOaAgdloUCbA;src=8911531;type=fresh0;cat=fresh0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=6548480570037.301?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8911531.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CFD1 15 KB
6 KB 42ms
13ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.pokemonfanblog.mastertopforum.org&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://try.freshly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 341181
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 / Show response
api.amplitude.com/ Frame B17D 7 B
205 B 96ms
96ms XHR
text/html 44.238.9.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.9.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-9-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:42 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63b23a8e-169a2d3548f4c2d850bc17c5
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 tpc
events.attentivemobile.com/ Frame B17D 0
522 B 68ms
41ms Ping
image/png 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.attentivemobile.com/tpc

Requested by

Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_804861295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 782fe59d48bd9e04-EWR

POST
H2 200 e
events.attentivemobile.com/ Frame B17D 0
268 B 54ms
31ms Ping
image/png 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.16.25_0f44fc934e&pd=https%3A%2F%2Ftry.freshly.com%2Ffreshly-lp%2Faffiliate-get-125-off%3Fclickid%3Dx%253Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0%26irgwc%3D1%26utm_medium%3Daffiliate%26utm_source%3Dignite%26affsrc%3D1%26utm_term%3Dpaid-affiliate%26utm_adid%3D278160%26utm_campaign%3D%26plan_id%3D%26promo_code%3DSAVE125AFF&u=c15328d04f1449aa8be1e208166bf280&c=freshly&ceid=cly&lt=1672624782897&tag=modern&cs=868395063&t=v&r=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&m=%7B%22source%22%3A%22a%22%7D&cb=1672624782902
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_804861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cf-ray: 782fe59d48c09e04-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 4458 Show response
freshly.voq9.net/xur/ Frame B17D 113 B
988 B 11ms
10ms XHR
application/json 44.206.191.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freshly.voq9.net/xur/4458
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A253141-0390-4ece-a52a-673833af9ee91.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.191.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-191-176.compute-1.amazonaws.com
Software: /
Resource Hash: 0876575ebe81141a7c6ed1f323a4ee99d43707748a03b37a0163e985513d2718

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://try.freshly.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 02 Jan 2023 01:59:42 GMT

POST
H2 200 4458 Show response
freshly.voq9.net/xur/ Frame B17D 113 B
981 B 10ms
10ms XHR
application/json 44.206.191.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://freshly.voq9.net/xur/4458
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A253141-0390-4ece-a52a-673833af9ee91.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.191.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-191-176.compute-1.amazonaws.com
Software: /
Resource Hash: 0876575ebe81141a7c6ed1f323a4ee99d43707748a03b37a0163e985513d2718

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://try.freshly.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 02 Jan 2023 01:59:42 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame B17D 0
185 B 34ms
5ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=906793956022082&ev=PageView&dl=https%3A%2F%2Ftry.freshly.com%2Ffreshly-lp%2Faffiliate-get-125-off%3Fclickid%3Dx%253Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0%26irgwc%3D1%26utm_medium%3Daffiliate%26utm_source%3Dignite%26affsrc%3D1%26utm_term%3Dpaid-affiliate%26utm_adid%3D278160%26utm_campaign%3D%26plan_id%3D%26promo_code%3DSAVE125AFF&rl=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&if=true&ts=1672624782928&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&it=1672624782722&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Jan 2023 01:59:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame B17D 0
31 B 34ms
6ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=906793956022082&ev=ViewContent&dl=https%3A%2F%2Ftry.freshly.com%2Ffreshly-lp%2Faffiliate-get-125-off%3Fclickid%3Dx%253Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0%26irgwc%3D1%26utm_medium%3Daffiliate%26utm_source%3Dignite%26affsrc%3D1%26utm_term%3Dpaid-affiliate%26utm_adid%3D278160%26utm_campaign%3D%26plan_id%3D%26promo_code%3DSAVE125AFF&rl=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&if=true&ts=1672624782930&cd[content_name]=join%20now%20view%20landing%20page&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&it=1672624782722&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Jan 2023 01:59:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_13839.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame B17D 114 KB
31 KB 10ms
10ms Script
application/javascript 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_13839.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 6e457d5d
date: Mon, 02 Jan 2023 01:59:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221220165720ACC4EBF9016A1EDCEC77
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016489a1d68a9d5bd27a841e47aaf0586dac45a71079adce9965cc7e342134f01443b7fe1eaf1dc3cfa18561efa95e88558973d2d12d02eefbfa2bcd19994ac2b29c7718bc1a68d15b4eaa4f2b1e182381a9a24817924ada6160ce7169a83c2f5f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length: 30901

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame B17D 0
697 B 52ms
51ms Ping
text/plain 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 14d388e0.6e457d96
date: Mon, 02 Jan 2023 01:59:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 41,104.77.103.142
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=31, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230102015943B5F244D02FF5F14AA49F
x-cache-remote: TCP_MISS from a23-48-249-185.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.48.249.185
x-tt-trace-host: 01c518b1baca314f00bc4c4b8aeadb557fa6aed184269dbfb59efbc434726ed961ae52502753a9016bdb517b34fddd049d8b18c4f9638016272b8961d696770b7f8758739d81340a6b6a6dea32ba2fcc9ec061768027a53233736711c4043327ea1f42e7a34439fce7ceaedef46326d007
expires: Mon, 02 Jan 2023 01:59:43 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame B17D 0
698 B 50ms
50ms Ping
text/plain 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 14d388b6.6e457d97
date: Mon, 02 Jan 2023 01:59:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 35,104.77.103.142
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=27, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301020159436AC161CD4BAE5523876B
x-cache-remote: TCP_MISS from a23-48-249-185.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.48.249.185
x-tt-trace-host: 01c518b1baca314f00bc4c4b8aeadb557fa6aed184269dbfb59efbc434726ed961ae52502753a9016bdb517b34fddd049dd9087c1bbf3b8f16eda2ada73edce98ec21f51f2c3ad7f8b0237ceccddbb869fb44b8fb5991595fa2a6219c300a1ef794fd857b333101d36fcbf608b1443534a
expires: Mon, 02 Jan 2023 01:59:43 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame B17D 0
699 B 56ms
56ms Ping
text/plain 104.77.150.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.150.142 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-150-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1535b310.6e457d98
date: Mon, 02 Jan 2023 01:59:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-77-103-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 35,104.77.103.142
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=24, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301020159436BD7749FC0FC1AFC66FD
x-cache-remote: TCP_MISS from a23-48-249-134.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.48.249.134
x-tt-trace-host: 01c518b1baca314f00bc4c4b8aeadb557fa6aed184269dbfb59efbc434726ed961c6364934448960075830c8d4ed3374469f5ac3085636c5b1e342362da7d076f2cb5658632c4273b7295173adbd2c2cd0dae57c82bcdf74850cf817a8411c81c1803c90d31e18ea450130959649c5e84f
expires: Mon, 02 Jan 2023 01:59:43 GMT

POST
H/1.1 200
OK postback Show response
s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/ Frame B17D 0
145 B 9ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/postback?oz_pl=1&dt=2475141632149316380000&pd=mkt&ci=247514&_x=1
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 / Show response
freshly.attn.tv/d/ Frame B17D 5 B
276 B 71ms
34ms Fetch
application/json 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freshly.attn.tv/d/?attn_vid=5a02822759d74900bc42f055f0a4adf7
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 782fe59ebcec8c15-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET

sid
mug.criteo.com/ Frame CFD1
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=try.freshly.com&sn=ChromeSyncframe&so=0&topUrl=www.pokemonfanblog.mastertopforum.org&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=r0qZ5Xw3QVlkSjUxSzdIMWVuOUduelk4eXN6UGxiUjR0MnRMMW9lcjF5eFJ5OENMNWJKd1VrLzlQTmYxbTk0TVRraEpJY0pLU1I2emxLY3hUY0M2UENiRjNqaFpRWjhESGQzRkY0dU16UnhOUFZ0ZHJYQ2ppMVArNlpCSW...

0
0

GET
H2 200 freshly.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ Frame B17D 0
364 B 23ms
23ms Script
text/javascript 2600:9000:2120:6600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/freshly.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_804861295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:6600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 03:17:27 GMT
content-encoding
via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 81737
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: eRXtpjpaeo12mQyI7X4C3s05_riH0ftSd_9d2ddJnG0CTd6Lqe196w==

POST
H/1.1 200
OK postback Show response
s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/ Frame B17D 0
145 B 10ms
10ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/postback?dt=2475141632149316380000&pd=mkt&ci=247514&sid=Abtxs7cEBZm8BrOb&oz_sc=c621878fe3dff9c902325c26&oz_df=1672624783085&oz_l=397&cv=3
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 / Show response
www.freshly.com/ Frame B17D 57 KB
9 KB 136ms
102ms Document
text/html 2606:4700:10::ac43:262d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freshly.com/
Requested by: Host: try.freshly.com
URL: https://try.freshly.com/freshly-lp/affiliate-get-125-off?clickid=x%3Asxc9UJxxyNTdX1o92qJUHWUkAzpyUctyuWQQ0&irgwc=1&utm_medium=affiliate&utm_source=ignite&affsrc=1&utm_term=paid-affiliate&utm_adid=278160&utm_campaign=&plan_id=&promo_code=SAVE125AFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:262d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0289a75597de9b61809e238f4a5d220dc7325e6328e81bfb69615200bbc46d

Request headers

Referer: https://try.freshly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2705
cf-cache-status: DYNAMIC
cf-ray: 782fe59f5ec2c32e-EWR
content-encoding: gzip
content-type: text/html
date: Mon, 02 Jan 2023 01:59:43 GMT
server: cloudflare
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: HIT
x-cache-hits: 4
x-cluster-name: us-east-1-prod-edge-blue
x-envoy-upstream-service-time: 34
x-served-by: cache-iad-kjyo7100072-IAD
x-timer: S1672624783.307232,VS0,VE0

POST
H2 200 results
api.levelaccess.net/analytics/3.0/ Frame B17D 0
321 B 122ms
10ms Ping
text/plain 2600:1f18:4457:4601:1af:62d5:3e1a:d655
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.levelaccess.net/analytics/3.0/results

Requested by

Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTI0Mjg/access.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4457:4601:1af:62d5:3e1a:d655 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 Jan 2023 01:59:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK postback
s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/ Frame B17D 0
145 B 9ms
9ms Ping
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/Abtxs7cEBZm8BrOb/postback?dt=2475141632149316380000&pd=mkt&ci=247514&sid=Abtxs7cEBZm8BrOb&oz_sc=c621878fe3dff9c902325c26&oz_df=1672624783211&oz_l=4212&cv=3
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:42 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 iev
csm.va.us.criteo.net/ Frame CFD1 43 B
246 B 44ms
14ms Ping
image/gif 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.pokemonfanblog.mastertopforum.org&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 /
www.ojrq.net/p/ Frame B17D 50 B
67 B 22ms
12ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=4458&tpsync=no
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://try.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jan 2023 01:59:43 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Mon, 02 Jan 2023 01:59:43 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame DEBF
Redirect Chain

https://insight.adsrvr.org/track/up?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0

953 B
1 KB

14ms
12ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 5af9c7e76b264071ee5a0a386955cdcb1bc9923680756b26502233191013e87f

Request headers

Referer: https://try.freshly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 01:59:43 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 01:59:43 GMT
location: https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame DEBF 487 B
964 B 4ms
4ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=mtwxm8i&ref=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2F&upid=gs2oq0p&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 02:12:27 GMT
Via: 1.1 81dc2840587b5003ff52334e3af886a4.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 85637
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: X_fNMQCO34acrhZpZf9rpUpKnh1mRV0pa2rmiIk_7DtmdHBIpdS0Jw==

GET
H2

200

google
match.adsrvr.org/track/cmf/ Frame 56AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzkwNjdjMzctOWIzOC00MDhkLTg1ODQtYWI1NTNlMmU3Y2Fk&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad&google_gid=CAESEK9PcGuDX38h8U2fnBQtXeI&google_cver=1

0
0

11ms
10ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad&google_gid=CAESEK9PcGuDX38h8U2fnBQtXeI&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 02 Jan 2023 01:59:43 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jan 2023 01:59:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad&google_gid=CAESEK9PcGuDX38h8U2fnBQtXeI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET getuid
ib.adnxs.com/ Frame 2C50 0
0

GET
H2

200

rubicon
match.adsrvr.org/track/cmf/ Frame C559
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c9067c37-9b38-408d-8584-ab553e2e7cad&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
0

11ms
11ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 02 Jan 2023 01:59:43 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
content-length: 0

POST 0
bat.bing.com/actionp/ Frame B17D 0
0

POST iex
csm.va.us.criteo.net/ Frame CFD1 0
0

GET
H2 200 about-freshly.6761f3bd6.min.css
assets-global.website-files.com/5d03b4e130118314af624b20/css/ Frame B17D 522 KB
84 KB 10ms
6ms Stylesheet
text/css 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/css/about-freshly.6761f3bd6.min.css
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b28ee279c8c3d1708980611eae1f51b5eb0e0fcff9875c4c1114900d3cddaca6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: g1k3rxvKR6zM2VnvWX5qOS0qz1HoGiPF
content-encoding: gzip
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
date: Sun, 01 Jan 2023 06:49:02 GMT
age: 69042
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 85507
last-modified: Fri, 23 Dec 2022 19:10:03 GMT
server: AmazonS3
etag: "1dd0a32375e22491044846d2ac51f470"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: gAYwGT20TB7BYadFv-IooMo8wGY2yW1SuuoYr8iW9ZcREM_5QEQDBw==

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame B17D 13 KB
5 KB 16ms
4ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.freshly.com
URL: https://www.freshly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jan 2024 06:16:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B17D 109 KB
43 KB 40ms
37ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57540929-1

Requested by

Host: www.freshly.com
URL: https://www.freshly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

050f879661376521b9bf15821fcb9f2e8fb63db28fbf4fb36aea5fcbad08ffdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43581
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Jan 2023 01:59:43 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame B17D 129 KB
47 KB 70ms
25ms Script
application/javascript 2607:f8b0:4006:817::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-5MF24H6

Requested by

Host: www.freshly.com
URL: https://www.freshly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2dd0b3163d783e73ee1645bf4ab7bf645356eef63d8278434d25f6790b16ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 01:59:43 GMT

GET
H2 200 core.js Show response
refer.freshly.com/ Frame B17D 67 KB
22 KB 23ms
19ms Script
application/javascript 54.234.137.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refer.freshly.com/core.js

Requested by

Host: www.freshly.com
URL: https://www.freshly.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.234.137.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-234-137-207.compute-1.amazonaws.com

Software

Extole /

Resource Hash

b23419cadee3a6cb1540c4c5f9ccb4b1fa8c43dafaa2c5e5dec994d47cfa3425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript
p3p: CP="Please see our privacy policy"
access-control-expose-headers: X-Extole-Token
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE

GET
H2 200 5fad58fb52000327e0121a43_fr_logo_fit_final_blue-02-White.svg
assets-global.website-files.com/5d03b4e130118314af624b20/ Frame B17D 5 KB
3 KB 17ms
14ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/5fad58fb52000327e0121a43_fr_logo_fit_final_blue-02-White.svg
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1d4c04c91beced0ab2f52ad7d47755b49d1054232f37ec933ba586052992985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 24 May 2022 02:34:01 GMT
x-amz-version-id: r3Eq.jkaFpC_xZbmErO_gmVvnN66DLkD
content-encoding: gzip
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
age: 19265143
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 12 Nov 2020 15:47:09 GMT
server: AmazonS3
etag: W/"4f1d5234552cb5f82a3bb7bf7bf4e7f7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 1ZkZk7Rg9ZZKPFi-AwDp8H0GI4Tvo3gKz5nywjx9E0yHK6WCH7vlEQ==

GET
H2 200 5e8b699de5e03bec652d7dc2_account.svg
assets-global.website-files.com/5d03b4e130118314af624b20/ Frame B17D 297 B
728 B 15ms
12ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/5e8b699de5e03bec652d7dc2_account.svg
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 503a3d181c4091b17d8496ccfcd697001ff9317de55433a06a3dc6d58e5ac89b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 04:46:53 GMT
x-amz-version-id: bQAz9WgHkqdFVEtoYvl47ixDBgxItX89
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 17:40:47 GMT
server: AmazonS3
age: 15541971
x-amz-cf-pop: EWR50-C1
etag: "25626c78d476ff1736b70df90edcb32e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 297
x-amz-cf-id: yDCwn2AFojngEkO2Y2uQKinBTGVfoPxkzGd32lkRiLH2n6_OfIiLtw==

GET
H2 200 5fc4feea074f5b86a6c62285_freshly-logo-R.svg
assets-global.website-files.com/5d03b4e130118314af624b20/ Frame B17D 3 KB
2 KB 16ms
13ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/5fc4feea074f5b86a6c62285_freshly-logo-R.svg
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b5de815d77fe31098ba6c53840472704bf6208acb91164d49858664c430d85f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:56:01 GMT
x-amz-version-id: leBaFCyXAle7Q1acsJU9vr2t0J8Ls39k
content-encoding: br
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
age: 9536623
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 30 Nov 2020 14:17:16 GMT
server: AmazonS3
etag: W/"b6faeda5044007d2827822531e1d8a12"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: O2slWWEEZcbM1eQrgm0oyZ_0RTWW58jEtrkq8Btt6exiIaBfwtaTBw==

GET
H2 200 5f195470866be89645b33cd9_logo_dark_green_t.svg
assets-global.website-files.com/5d03b4e130118314af624b20/ Frame B17D 8 KB
3 KB 17ms
14ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/5f195470866be89645b33cd9_logo_dark_green_t.svg
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3cb4a6dec4d1780b5ba7b7a07abfc924873ef7f42d602eb53d2f1348557a0b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:28:25 GMT
content-encoding: br
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-version-id: t3dAl8nQabBa_0lejy9cmdFKMBjtWeJh
last-modified: Thu, 23 Jul 2020 09:12:19 GMT
server: AmazonS3
age: 325879
x-amz-cf-pop: EWR50-C1
etag: W/"8badcf9413d746a338d81f335c462f02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: OCIasEL1Mn8rHb_orJT2flg6NlrEopoXSKsUZrXGyvkVVENlNddBQQ==

GET
H2 200 5f7b2e54b470232808e23b80_corelogo_main-01.svg
assets-global.website-files.com/5d03b4e130118314af624b20/ Frame B17D 45 KB
31 KB 21ms
19ms Image
image/svg+xml 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/5f7b2e54b470232808e23b80_corelogo_main-01.svg
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e7b3bb58d6ae8f004f00afa46d4b5eec1dfb65634c6083e07e1b2d808908624

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:56:01 GMT
content-encoding: br
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
x-amz-version-id: q5ZKrrUydWDtr49KCEpElf1KNCGAO1kj
last-modified: Mon, 05 Oct 2020 14:31:50 GMT
server: AmazonS3
age: 9536623
x-amz-cf-pop: EWR50-C1
etag: W/"403a1cfd91d80ef519c44ddfd2a93748"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: WMIxvxqd11X7oQCib6h7cerY7uwN3wrn9f0CArUMBTRrncUOapMUWA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ Frame B17D 87 KB
30 KB 7ms
7ms Script
application/javascript 13.33.81.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5d03b4e130118314af624b20
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-22.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.freshly.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 19:49:48 GMT
content-encoding: br
via: 1.1 b78bfeca7339074512b7289497872df2.cloudfront.net (CloudFront)
age: 61447
x-amz-cf-pop: EWR52-C1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: g21tKG61EwoPOpc__TWuRDPIUkII37wF1IHN_1tSu3VBZhCL-qp0iw==

GET
H2 200 about-freshly.d7455f484.js Show response
assets-global.website-files.com/5d03b4e130118314af624b20/js/ Frame B17D 1 MB
174 KB 7ms
6ms Script
text/javascript 2600:9000:21ea:d000:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5d03b4e130118314af624b20/js/about-freshly.d7455f484.js
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:d000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59e0b75224ce76c109d509a2ae947180346bb69f27c7a24b34506d0e55897730

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: T33qzgQqlh3GuhBMoJcK7Rzaz2L915MZ
content-encoding: gzip
via: 1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
date: Sun, 01 Jan 2023 06:26:41 GMT
age: 70383
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 177838
last-modified: Fri, 23 Dec 2022 19:10:03 GMT
server: AmazonS3
etag: "bdbb12f34307705a5279e42407f61bd8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: G1mtV2hGpOK2eaOXxfW2lp1wgShgJn6nT2zC19dyfkv22KABAt8B-A==

GET
H3 200 jquery.cookie.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ Frame B17D 3 KB
2 KB 42ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js

Requested by

Host: www.freshly.com
URL: https://www.freshly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3473175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1119
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgU54cdy1T0lT1G0hjKWjLkj5FLP0M5TxghkMHHMt4bsD7qnQCsA9BlXc7AC3VaIKjrnQgw7ClQVNYPFck8ogDVQpFILn24HeJk%2FOnlBB%2BBXApdsEFAoGhY%2F%2BvV2rwHdSL5u307gtrXmwziUlQYbqhHT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 782fe5a0783ec404-EWR
expires: Sat, 23 Dec 2023 01:59:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B17D 33 KB
1 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1238dfafc83c2e83d1d59b02168d3a30a97ba31ee2c6868933e4b6177ec8fb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 01:59:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Jan 2023 01:59:43 GMT

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ Frame B17D 115 KB
39 KB 56ms
4ms Script
application/javascript 13.225.224.236

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.224.236 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:58:59 GMT
content-encoding: gzip
via: 1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 45
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: axZhOugUEewaHFcezWu3F-QNBJEc0HbobWqgwN6DfabuEPAI5FMj4Q==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/ Frame B17D 417 KB
67 KB 9ms
7ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda5ac296308ccd1e9464bc1362c1bd0b671e7003e458ccc8477068e24d74cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qy01ump_unEzmVYXSye0rBmCK1vo.xmA
content-encoding: br
via: 1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 01:58:34 GMT
x-amz-cf-pop: JFK51-C1
age: 70
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 11:58:41 GMT
server: AmazonS3
etag: W/"9b06642c58a3c901b6d63a5760e38268"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: ZOp47br4wzpmHOLYrgAVi4x6zS_I4tdmGgh29TJ6G45oIbu3WhamsA==

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ Frame B17D 25 KB
25 KB 7ms
4ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 22:15:34 GMT
x-content-type-options: nosniff
age: 445449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 22:15:34 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 8ms
5ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 07:41:51 GMT
x-content-type-options: nosniff
age: 497872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 07:41:51 GMT

GET
H3 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 11ms
8ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:28:52 GMT
x-content-type-options: nosniff
age: 433851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:28:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 12ms
8ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:49:44 GMT
x-content-type-options: nosniff
age: 468599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 15:49:44 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 13ms
10ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:54:17 GMT
x-content-type-options: nosniff
age: 367526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:54:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 13ms
10ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 228905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:38 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 16ms
13ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 05:31:10 GMT
x-content-type-options: nosniff
age: 332913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 05:31:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 16 KB
16 KB 17ms
14ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 02:49:38 GMT
x-content-type-options: nosniff
age: 429005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 02:49:38 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 18ms
16ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:46 GMT
x-content-type-options: nosniff
age: 228897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
16 KB 19ms
16ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 368859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:32:04 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 19ms
17ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:24:55 GMT
x-content-type-options: nosniff
age: 228888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:24:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 15 KB
15 KB 21ms
19ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:44:38 GMT
x-content-type-options: nosniff
age: 490505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 09:44:38 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B17D 17 KB
17 KB 22ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 17:51:11 GMT
x-content-type-options: nosniff
age: 374912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 17:51:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B17D 49 KB
20 KB 10ms
5ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57540929-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Jan 2023 00:44:06 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4537
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 02 Jan 2023 02:44:06 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B17D 266 KB
86 KB 28ms
28ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3668097d45039a5f44ede2a5f42ba021515e3dfed463239d20312794b87c7740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88253
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Jan 2023 01:59:43 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ Frame B17D 54 KB
18 KB 6ms
5ms Script
application/javascript 18.164.115.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-222.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:52:54 GMT
content-encoding: gzip
via: 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop: JFK50-P6
age: 4360010
x-cache: Hit from cloudfront
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: plu8I_dnLw6w17bGpv5AdnHae08XAO_fSYyePP0W6aw_FNbn-bqtBw==

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame B17D 262 KB
65 KB 17ms
6ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5eb9279b0f8b5ccf07f061ea704ebed14fe1a1378b856cb728ffb2a7b73fe74

Request headers

Referer: https://www.freshly.com/
Origin: https://www.freshly.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:31:16 GMT
content-encoding: br
age: 1707
x-guploader-uploadid: ADPycdu28Qfz0EVLluRCe_HqYiNlfvdHs3yVi6YcpcKoiaaPExDLbLqqu8Fvco4QNdm7AodnAlpnZVuQ5-Ri0d073XPi-ZIVf5NQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66813
last-modified: Thu, 22 Dec 2022 14:18:33 GMT
server: UploadServer
etag: "a85b05b7b02159679d34f8031631519f"
vary: Accept-Encoding
x-goog-generation: 1671718712917608
x-goog-hash: crc32c=55ruUA==, md5=qFsFt7AhWWedNPgDFjFRnw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 66813
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 02 Jan 2023 02:31:16 GMT

GET
H2 200 invisible.js Show response
www.freshly.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame C46D 36 KB
17 KB 14ms
14ms Script
application/javascript 2606:4700:10::ac43:262d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freshly.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672617600
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:262d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 443f0e64b27287065a6f2734f42a73e0f9e73c60f6578586d9248b84ddc9236c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 782fe5a24b17c32e-EWR

GET
H3 200 freshly.jsp Show response
www.upsellit.com/active/ Frame B17D 77 KB
20 KB 24ms
11ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/freshly.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0bd83c20c022704ffdb28ab5f3b74b00dbba20ff1d38799c7d77e57d5cd6fee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Sun, 01 Jan 2023 18:44:40 GMT
server: nginx
age: 26103
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20740
expires: Mon, 02 Jan 2023 18:44:40 GMT

GET
H3 200 ping.min.js Show response
cdn.pdst.fm/ Frame B17D 26 KB
6 KB 42ms
10ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.pokemonfanblog.mastertopforum.org
URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:50:55 GMT
content-encoding: gzip
age: 528
x-guploader-uploadid: ADPycdvoVKDidsV_uu3Tgi-UHhhgqVyiDfciVYThNulYphTwLR4luSZAxb8f05zlwUIWk_ntlWHTaOSPJ6G-1J7hNGY25tP_Pb59
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 02 Jan 2023 02:50:55 GMT

GET
H/1.1 200
OK minimal.js Show response
s.nbydec.com/2/247514/ Frame B17D 6 KB
3 KB 10ms
10ms Script
text/javascript 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-96-124.compute-1.amazonaws.com

Software

Resource Hash

f355b7c72890237c35f516cb5a7ab76227c26563d8b2ff49977496d558858dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jan 2023 01:59:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2621
Expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B17D 216 KB
75 KB 28ms
27ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JFBT4859KV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV8VQ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

202d608359eeb02f81a6139fa623291471f6d15cbe00a4e862831b93e8bf33cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Jan 2023 01:59:43 GMT

POST
H/1.1 200
OK postback
s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/ Frame B17D 0
145 B 10ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/postback?oz_pl=1&dt=2475141632149316380000&pd=mkt&ci=247514&_x=1
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js
s.nbydec.com/2/2.87.1/ Frame B17D 171 KB
54 KB 11ms
10ms Script
text/javascript 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nbydec.com/2/2.87.1/main.js

Requested by

Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-96-124.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 01:59:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54838
Expires: Wed, 09 Sep 2054 13:51:40 GMT

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame B17D 0
0 104ms
103ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Jan 2023 01:59:43 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 8d044e1eeb9cedd77fb32967a21e6168
function-execution-id: y8qu1pk3cl29
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H3 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 55ms
54ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.freshly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 02 Jan 2023 01:59:43 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: k3skw1murcww
server: Google Frontend
x-cloud-trace-context: b5a62bd0a2e66d775c4938eb49d460be
x-powered-by: Express

GET
H2 200 pica.js
www.freshly.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame C46D 25 KB
11 KB 13ms
13ms Other
application/javascript 2606:4700:10::ac43:262d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freshly.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.freshly.com
URL: https://www.freshly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:262d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:44 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 782fe5a45e91c32e-EWR

POST
H/1.1 200
OK postback
s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/ Frame B17D 0
145 B 9ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/postback?oz_pl=1&dt=2475141632149316380000&pd=mkt&ci=247514&_x=1
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/247514/minimal.js?dt=2475141632149316380000&pd=mkt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 webflow
www.freshly.com/api/v1/flippers/ Frame B17D 54 B
518 B 94ms
93ms Fetch
application/json 2606:4700:10::ac43:262d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshly.com/api/v1/flippers/webflow

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/if7UPLzFcFzhWkPsQqMdIWM3MV9Y2PKU/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:262d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.freshly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 01:59:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 21
release-name: 9581dfeb3165ee038b83cad25465b0360bcb9cc5
x-xss-protection: 1; mode=block
x-request-id: 8f53b832-cc98-952a-830b-5df4467e115e
x-runtime: 0.018142
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
host: freshly.com
etag: W/"b41bc524c2856cba5d1fc4ccf66d448b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 782fe5a4aef8c32e-EWR

POST
H/1.1 200
OK postback
s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/ Frame B17D 0
145 B 9ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/postback?dt=2475141632149316380000&pd=mkt&ci=247514&sid=AbtxtCwKBZlUgd0i&oz_sc=9ad40661c05dbd4c95910c6d&oz_df=1672624784103&oz_l=153&cv=3
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8
https://www.freshly.com/ Frame 5B9F 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback
s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/ Frame B17D 0
145 B 9ms
9ms XHR
text/plain 18.204.96.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.nbydec.com/2/2.87.1/247514/AbtxtCwKBZlUgd0i/postback?dt=2475141632149316380000&pd=mkt&ci=247514&sid=AbtxtCwKBZlUgd0i&oz_sc=9ad40661c05dbd4c95910c6d&oz_df=1672624784270&oz_l=4419&cv=3
Requested by: Host: s.nbydec.com
URL: https://s.nbydec.com/2/2.87.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.204.96.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-96-124.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.freshly.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Jan 2023 01:59:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=r0qZ5Xw3QVlkSjUxSzdIMWVuOUduelk4eXN6UGxiUjR0MnRMMW9lcjF5eFJ5OENMNWJKd1VrLzlQTmYxbTk0TVRraEpJY0pLU1I2emxLY3hUY0M2UENiRjNqaFpRWjhESGQzRkY0dU16UnhOUFZ0ZHJYQ2ppMVArNlpCSWhZK0xFeXZMYUNWMDNmbDNBZGtmNVkwTkdPdVRGNCt4RUQrdzdCZ29ncjBlTkZaSmFUelBZRFFVa3RET3RYY0RNOVhKSlQxWC9JSFdENktKODRCNjVJVDM5YTM1WTlFL2xib3hHTVpSV1BBVzRoZm85RTE3T28wZzBoTVpQVG42TS96dWU4dVZSbThrS2pxcUp1VmV6NjBFN0pYZXdNa1ArZkQvSWxyM3pNTTJpZ2thL3pnWUVMWG5KNHV1MFRNaTRPNzRMKzIrUHw&cppv=2

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=c9067c37-9b38-408d-8584-ab553e2e7cad

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=4064026&Ver=2&mid=e0835a15-f6d2-4786-9146-675afbb6851a&sid=1faa45908a4111edbd124762861ba6f6&vid=1faa70008a4111eda752777f9bad9b90&vids=1&msclkid=N&evt=pageHide

Domain: csm.va.us.criteo.net
URL: https://csm.va.us.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pokemonfanblog.mastertopforum.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2onvhae65ftqtta6v2dfb5noo1
.mastertopforum.org/	1970-01-20 17:58:40	Name: __gads Value: ID=1bdcd6456313f912-2224f2880ada00bd:T=1672624778:RT=1672624778:S=ALNI_Max5XJp00hTdhJMjopB8Pa0au7QCQ
.mastertopforum.org/	1970-01-20 17:58:40	Name: __gpi Value: UID=000008f0a03e4e24:T=1672624778:RT=1672624778:S=ALNI_MZOsxkpaTq_tqriaPNC2yHmL-Tb7A
.doubleclick.net/	1970-01-20 18:13:04	Name: IDE Value: AHWqTUkrA-zMDxHiEaqUcwvGMtJ2_pL_y81lV3V7ji7iPNh4oZmzO5cQ-2jLbT4VdfM
.ad6media.fr/	1970-01-20 18:05:52	Name: ui Value: 163b23a8ab3d37588262189
.agkn.com/	1970-01-20 17:22:40	Name: ab Value: 0001%3AYlgo0Ey7wNhFMsAPnt9BsllGcK5opiUB
.blismedia.com/	1970-01-20 17:22:44	Name: b Value: 63B23A8BEBA87778AC3783A6BLIS
.emxdgt.com/	1970-01-20 10:46:40	Name: uid Value: 56811672624779344491b1
.360yield.com/	1970-01-20 10:46:40	Name: tuuid Value: 75dd2d54-1521-4bc7-84e8-4282c833f0f9
.360yield.com/	1970-01-20 10:46:40	Name: tuuid_lu Value: 1672624779
.adnxs.com/	1970-01-20 10:46:40	Name: uuid2 Value: 6228024670653928126
.emxdgt.com/	1970-01-20 10:46:40	Name: apn_id Value: 6228024670653928126
.agkn.com/	1970-01-20 17:22:40	Name: u Value: C\|0AAArRPcKK0T3CwAAAAAB
.dotomi.com/	1970-01-20 08:37:04	Name: DotomiTest Value: 4c9013feba271061
.uuidksinc.net/	1970-01-20 17:22:40	Name: jcsuuid Value: l9m73XXueVpwKkjjem2n
.mastertopforum.org/	1970-01-20 08:37:06	Name: ad6_pc Value: 1
.ad.admitad.com/	1970-01-20 18:13:04	Name: UID Value: v=3\|id=6bfdae59bd47edd465ca8ba9648b9a0c\|expr=1735696780\|type=0\|business_expr=1675216780
.ad.admitad.com/	1969-12-31 23:59:59	Name: UID2 Value: v=3\|id=6bfdae59bd47edd465ca8ba9648b9a0c\|expr=1735696780\|type=0\|business_expr=1675216780
.ojrq.net/	1970-01-20 18:13:04	Name: brwsr Value: 1ea01c3d-8a41-11ed-bd4e-593d29e9878a
.voq9.net/	1970-01-20 18:13:04	Name: brwsr Value: 1ea01c3d-8a41-11ed-bd4e-593d29e9878a
freshly.voq9.net/	1970-01-20 12:56:16	Name: irld Value: LVTLXx-SMc2eNwC4TKn22uQjiRqbVvc1RdTytQGkxgo0I82Hi
.bing.com/	1970-01-20 17:58:40	Name: MUID Value: 0923A2701648666D1A83B0FD17E06706
.bat.bing.com/	1970-01-20 08:47:09	Name: MR Value: 0
.tiktok.com/	1970-01-20 17:58:40	Name: _ttp Value: 2Jkaxfmn4hN8wSRjALykmAzV9dZ
.criteo.com/	1970-01-20 17:58:40	Name: uid Value: d671bda9-39d7-4f24-b44e-773f4fd2e06d
.voq9.net/	1970-01-20 08:38:31	Name: irtps Value: 1
freshly.voq9.net/	1970-01-20 08:47:09	Name: AWSALBCORS Value: AZiIBqJws/bluWmaMT3Xwl6g5l7in62GPq6m26wzbd9JSi1J1sc8zNngf/GDnhe2yhSKwN7Fdz++o/fQSpZDHQkWo3HDVE5utqxMKDqkchpC7vv6GYX8GEc4ZAoh
.attentivemobile.com/	1970-01-20 18:13:04	Name: tpc_c_cly Value: c37f79cc-55cf-49c6-b54e-be8a6620bb91.1672624782.cly.1672624782
.attentivemobile.com/	1970-01-20 18:13:04	Name: tpc_b_cly Value: b9518613-4782-4939-8168-69ac1d27f41e.1672624782.cly.1672624782
.adsrvr.org/	1970-01-20 17:22:40	Name: TDID Value: c9067c37-9b38-408d-8584-ab553e2e7cad
.rubiconproject.com/	1970-01-20 17:22:40	Name: khaos Value: LCE5LYOV-X-BM11
.rubiconproject.com/	1970-01-20 17:22:40	Name: audit Value: 1\|Z0nnFz/6zzKciGpzdkyE+0p+6+XmtmcgkSP63Ljm5Vl3VTvB6ouZN/fjYLyF/KsbSEqQLNf+yuFw0S94mtzOH0pB9H8pjytykCdHvyxZSdZ5wR+xyAAzmVgv0OphcBbddID0cWRk1ZT7P6m5GbQO3TRTKLjh4R1Mi8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
.adsrvr.org/	1970-01-20 17:22:40	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI7P3LyOGbtjsQBRIXCghhcHBuZXh1cxILCP7P_cfhm7Y7EAUSFgoHcnViaWNvbhILCP7P_cfhm7Y7EAUYBSACKAMyCwj-x4D195u2OxAFQg8iDQgBEgkKBXRpZXIxEAFaB210d3htOGlgAQ..

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript	warning	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php(Line 64) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.pokemonfanblog.mastertopforum.org/noforum.php(Line 64) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0619060941749983&output=html&h=280&slotname=2188020745&adk=2320542684&adf=1965096578&pi=t.ma~as.2188020745&w=1200&fwrn=4&fwrnh=100&lmt=1672624778&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.pokemonfanblog.mastertopforum.org%2Fnoforum.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1672624778278&bpp=6&bdt=300&idt=121&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=6329505238971&frm=20&pv=2&ga_vid=1097215867.1672624778&ga_sid=1672624778&ga_hid=1159426465&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071220%2C44777948%2C44779794%2C44780792&oid=2&pvsid=4102389520372628&tmod=847375073&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=4Sp7YTIbk9&p=http%3A//www.pokemonfanblog.mastertopforum.org&dtd=142 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://ae4p4bar4w.s.ad6media.fr/?d=1672624778209&r= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://www.freestats.net/counter.php?i=8&r=&e=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&n=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&p=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&g=http%3A//www.pokemonfanblog.mastertopforum.org/noforum.php&l=undefined&sd=24&sw=1600x1200 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
worker	error	URL: blob:https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8 Message: Mixed Content: The page at 'blob:https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8 Message: Mixed Content: The page at 'blob:https://www.freshly.com/5f99aa80-66ff-48dd-ae85-2d02f3ccdbd8' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8911531.fls.doubleclick.net
ad.admitad.com
ad.doubleclick.net
ads.us.criteo.com
adservice.google.com
ae4p4bar4w.s.ad6media.fr
ajax.googleapis.com
analytics.tiktok.com
api.amplitude.com
api.levelaccess.net
api.segment.io
assets-global.website-files.com
awghk956qa.s.ad6media.fr
bat.bing.com
beacon.walmart.com
c.ad6media.fr
cat.va.us.criteo.com
cdn.amplitude.com
cdn.attn.tv
cdn.datasteam.io
cdn.doubleverify.com
cdn.levelaccess.net
cdn.pdst.fm
cdn.segment.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cs.emxdgt.com
csm.us.criteo.net
csm.va.us.criteo.net
d.agkn.com
d.impactradius-event.com
d3e54v103j8qbb.cloudfront.net
dclk-match.dotomi.com
edge.fullstory.com
events.attentivemobile.com
fonts.googleapis.com
fonts.gstatic.com
freshly.attn.tv
freshly.voq9.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.360yield.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pixel.rubiconproject.com
refer.freshly.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.nbydec.com
s.uuidksinc.net
segment.a3cloud.net
static.criteo.net
style.ad6.fr
style2.ad6.fr
t.a3cloud.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tr.blismedia.com
try.freshly.com
us-central1-adaptive-growth.cloudfunctions.net
www.datadoghq-browser-agent.com
www.facebook.com
www.freestats.net
www.freestats.org
www.freshly.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.mastertopforum.eu
www.masterworld.org
www.ojrq.net
www.pokemonfanblog.mastertopforum.org
www.upsellit.com
bat.bing.com
csm.va.us.criteo.net
ib.adnxs.com
mug.criteo.com
104.18.37.231
104.77.150.142
108.138.128.129
13.225.214.124
13.225.223.151
13.225.224.236
13.33.81.22
142.250.80.38
142.250.80.98
142.251.40.102
143.204.138.162
172.64.144.208
178.32.120.35
18.164.115.222
18.164.124.54
18.204.96.124
18.214.193.123
20.230.171.39
2001:4860:4802:36::36
2600:141b:9000::b857:ad51
2600:1f18:4457:4601:1af:62d5:3e1a:d655
2600:9000:210b:7400:1:fb61:2b80:93a1
2600:9000:2120:6600:1c:9484:cec0:93a1
2600:9000:21da:3a00:19:fc2c:a140:93a1
2600:9000:21ea:d000:12:9e5f:cac0:93a1
2606:4700:10::ac43:262d
2606:4700::6811:190e
2606:ae80:1451:13::2330
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2008
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2003
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:100:a001::c
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.33.220.150
31.170.105.177
31.220.27.135
34.102.136.180
34.117.228.201
34.117.39.58
34.196.132.239
34.95.127.121
34.96.105.8
35.186.249.72
35.201.112.186
35.244.142.80
44.206.191.176
44.238.9.245
5.135.162.57
5.135.94.16
52.26.55.16
52.55.54.43
54.166.25.255
54.234.137.207
68.67.160.26
74.119.119.147
79.143.185.233
8.43.72.97
87.98.153.73
91.194.90.102
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
014b2dec37e7612982784d2d0cd7fd93cca4f95139a552e294a260f4ddad54bd
03422f929ec3e8a2e1002abf892a06789acb167e13546091f5487d2aa19cd706
0416a2add9e2c1d7dcf9e9009ff3b4bf43fdfd100bafa297f11bd6f960b78b04
050f879661376521b9bf15821fcb9f2e8fb63db28fbf4fb36aea5fcbad08ffdc
07beb41487a2890845013988194ca02dd9a90cd68fe4cfbd789195ec9f4d185c
0876575ebe81141a7c6ed1f323a4ee99d43707748a03b37a0163e985513d2718
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b2e8f4e60be39c32903492890d00fdb001f697752f3be62ec82d138e7988a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd83c20c022704ffdb28ab5f3b74b00dbba20ff1d38799c7d77e57d5cd6fee8
0cc22088336434b94c3608d913f950aa0182eda950319ea3422f9e9dfc2b3f59
0e67d9f5470c2fa8b133b7b2431b78c50a86fdfca48579038e60d56cec1fd638
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
100a79221e013ca1fe205e594222ffc28722f4fadeaac7ee31f9abf842f2d067
11aedbc33c19eb65881cc998780e5ef07af271336917b51c3fc5088ea4fb27cd
11c78dc36211caf34bb9b0ed56d457d37de3ef911971808c82a1548e2adcb3cf
12312bcdfc929c982aa8d917bdbd7f0a0761d1672671884a2b8fc2018c631caa
1238dfafc83c2e83d1d59b02168d3a30a97ba31ee2c6868933e4b6177ec8fb86
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1534afd3b1b3015a844189fdbed4337299fe4c4ef83309564015b840e292c21d
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1989305a87e09cd6f204eb765f68c79918099efcf511f40b2745c4b48ecc4f41
19a97f7979039e0169a317503a26b7a702e534d732eb95bb8146956b5d8ce763
1e7b3bb58d6ae8f004f00afa46d4b5eec1dfb65634c6083e07e1b2d808908624
1f0092853ca3ecdd45ed725d5a8a2b7985720f9683774e579d58a00ff9d0099a
202d608359eeb02f81a6139fa623291471f6d15cbe00a4e862831b93e8bf33cd
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
23b24518efe8efd233f0c97b5920c44754a3b53f6b58d217d5154ca1a0ae6feb
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
26a19cd78ee23849a890de25aab00fcd463a35e76605cbb311e76802e3770ea0
299d4ac79b5d726a3034e607d11f03b3a25fe1775d65d826112b9eb57699622e
2b5de815d77fe31098ba6c53840472704bf6208acb91164d49858664c430d85f
2cd12c7ce0b7820ed9278d4ab38ba0d500c2ec60c79d7c7dc19fad61ef0449f7
2fe326f85f18bb8f2b15cfde6928febb374cbb1865deace1b300cf84d0d6458f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057
35896f69e63174d490b4d17af9acdbb8b17c1c8e4f69f3c1e86d9ff383e69e58
35ace17c92ca477853ce11c45e198abd3cb26a41f11a4411a9dea48ec25b478c
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
35f16445cffab9db26b4c2d587237d8d9292bd1044513d84e3d06f90466bb1fd
3668097d45039a5f44ede2a5f42ba021515e3dfed463239d20312794b87c7740
382553d0b81e9af0e9ea4e34c926ceebab79be5fb7ca5ede274f349f27d67c03
39733976b1c0177f00c66e25fe4ecd2a9fa9515a2d873193094a857f671162d4
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
429bb7b91c3f11d46b7c696566e6bbcfd82c2282cf2d037d88a739da93b4537c
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
443f0e64b27287065a6f2734f42a73e0f9e73c60f6578586d9248b84ddc9236c
44658a8d1b4fdcc9bb9c1ff97d1b969e0130046106defbc5f8e8412c670345aa
467f1fc56a98e88d57d231446f032a1e3efa853f01409654ab1d90afccfaa5e3
4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4967ecf071530781f8ca0d2bec85930639444a42f9fcd72e9132f625a66d18fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e710e01936f0a44c245a12bc7832748f7305f935376a3b2429ff095233fc1cd
503a3d181c4091b17d8496ccfcd697001ff9317de55433a06a3dc6d58e5ac89b
525b03a9db3363086b93ccbc1eada66e1b42f24d8d781beeae9fb48c5da3803b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
58173a84c21aa149ef5c2f55eb26a70e219ebd07b851c9dba43fb5a63c923961
584922167fc6ed3574c49f7b1f1f49022b0e40125dd7812ed6c12f504eb550bf
59e0b75224ce76c109d509a2ae947180346bb69f27c7a24b34506d0e55897730
5a6fd2f0ef52a5f90ef46b194f98c5078f014f566733e1f53ceef93b6758d1b7
5af9c7e76b264071ee5a0a386955cdcb1bc9923680756b26502233191013e87f
5deee2e8c0d8801dcb3ea2c7bf077da917c60a7087aa28d2ee6d169c283f0a8d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61589c55948801fbb4e2d6845653763c516749f4a3124acd355618fca2a3e6b5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c9c3dc28715f6c6f758a51c2d8bc1815b33f86af8cebaf8993ac84a6433e4c
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee
6b4ffba6b71b523f9efeba374108264bbc1b4b2ce2f6b67b469fef5a56e4a5d9
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6cc31cc35cfa43adcc675bd940550fe24aa51b8127144b511ab2cdbda94dffb5
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733b72e1f33be2da55a3b0816d41e93d094cda8329340577da5357311cc9b062
78507c448502c9e2b5461f83277162ed016258905ddcc0c7a57b10863dc65b94
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89ab70a5aa94a7fc9b531da399ce047377f44a4ef2e2296c07a317e6a7efdba5
8d28cbde77423f882bf0826656dc20e8508ad3b3ec6c9e32ae0b2edb1c5c8f0c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5f07b69a85a6c104c6251033b58709c1f5cdd915fd41147f4bee1dcfe85764
9208f340038ab6161525ffa0d8f73206c0ad0e2bc5f1acce5016836ad6cbcdaa
921c401abf160b422a186d525f3ffe086414b34a7528e8fbb6efa0b6aacb1995
99b650898fe88bb72b7af4b8aed0a80212a433313b107df9158e8843c9dc888a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b18d7ea491675cad697579c52f8b29bab5d9974f2820a5f55d4ab2394c99e00
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a146c5ff0951324299ef0ba28416c1169e99285c83eb2f829c6399172834bba4
a2a28a2ca43c28aad6727fb0c617422488f1f0315268fa53f457ef517ab3f03b
a2dd0b3163d783e73ee1645bf4ab7bf645356eef63d8278434d25f6790b16ead
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55dddb0a168e6860a93a24c8260284bf7279b84cdf668aecb72e2e0f94f14b7
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a1d621f1f74266fe1e0050438d3f5df45b3d1de85c66e63b5c817c0da09ed5
a9221770db81241e541bccd51aa14d0a80f0393776907c370c37f2005034caeb
a9e4c76bcf53bc604e24e6c31d18fce636862118a6266f0ea106f1269fb87017
aaaeff9bb984200b0f41243b58c634e50ff3a818ecb7e57d5e1085c5b8ed9a5d
ac3713e12aaa91be7a1653a005ef5548dd34df32721e5ed7b1d765cc7c540953
acbefd3e3e650078b1d087ce4204198edda7901b41ae21d3570b6ff9851fc9cf
ad1860c9c0327d393bb3b966ad12507d20f703a4684b12d27b947de73d93528d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b23419cadee3a6cb1540c4c5f9ccb4b1fa8c43dafaa2c5e5dec994d47cfa3425
b28ee279c8c3d1708980611eae1f51b5eb0e0fcff9875c4c1114900d3cddaca6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5818f48e56e1c1f64d6639c9dd772158d5ade9452a196ea46055578b516b58e
b5eb9279b0f8b5ccf07f061ea704ebed14fe1a1378b856cb728ffb2a7b73fe74
b704e9eebe55fa1309a3cb15cc59b878efba1f40b592bd79a1f1186c33398786
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b86a91da12e1464f776b968c970af47a509d1e7336303ed51ed3512f70eef673
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bc5d534d349cc4198b2815ab0a6e4500e7dc5413bbff5f71dc91ff1fb517fcde
c256dec07e2b18df987ca53345eaacd13a7261be18fcd7c87e61623ec649576f
c3cb4a6dec4d1780b5ba7b7a07abfc924873ef7f42d602eb53d2f1348557a0b2
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
c83653fc9f931f42fafe451555d5778d8f638f02927cf527c60ea24f8ff73d78
c8f44882b903653ad64d8a946d3c5d3ed878848b6fe1936141568cccf1ed8445
c93aa25a43fb8f3fc998fefc3188b4712ba1e34c6e87826141f97aa2e6f05213
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0097336690d3fc572245290d0c2f014a9f9495b83da0f6b8f5bdd00e359f069
d1769c5d53beb7c5a6df513e24b14d261093722e9f1f34e383a4a2ef653d342f
d1d4c04c91beced0ab2f52ad7d47755b49d1054232f37ec933ba586052992985
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dcc549f017f06bef9f74c2193c5c00803b56670762688aaf1f57530baa945df2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dafefe42f5340dad10072bd7756ca87795d1b7c7d075cb847864ddc76cee81
e7c99112172cb41f490e8bc5668bff7ab186c4ce370e1d91b10defb71d2545e4
ea0289a75597de9b61809e238f4a5d220dc7325e6328e81bfb69615200bbc46d
eb1cef241fcd6b7b0be9bcbe18e4f79c19785c1b252aa36468e362a9afe2d381
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a669735fa107786f09178de699852a83d5db33483da7865e98a96edbe5f636
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f355b7c72890237c35f516cb5a7ab76227c26563d8b2ff49977496d558858dbd
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f4914dd6ef72e844285023bc6679ca84af4ff0a8579a116b3c17d3cf2dce04f4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8419b65565256be06f25af03fd101a621eb1c735ba433d6da6fcf7465d5fc5e
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd49d68dc087211e40a7bc3237ddead653a54968b1366be98ad183fe1a42d5dc
fdda5ac296308ccd1e9464bc1362c1bd0b671e7003e458ccc8477068e24d74cb

www.pokemonfanblog.mastertopforum.org Open in urlscan Pro 31.170.105.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

87 %HTTPS

42 %IPv6

56 Domains

84 Subdomains

69 IPs

5 Countries

4112 kBTransfer

12961 kBSize

33 Cookies

12 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pokemonfanblog.mastertopforum.org Open in urlscan Pro
31.170.105.177 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

87 %
HTTPS

42 %
IPv6

56
Domains

84
Subdomains

69
IPs

5
Countries

4112 kB
Transfer

12961 kB
Size

33
Cookies

281 HTTP transactions
2 data transactions