urlscan.io logo urlscan.io
SecurityTrails logo

holiday.presslogic.com Open in urlscan Pro
2606:4700::6812:1749  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3BLEvtJ
Effective URL: https://holiday.presslogic.com/
Submission: On August 16 via api from HK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 9 countries across 71 domains to perform 526 HTTP transactions. The main IP is 2606:4700::6812:1749, located in United States and belongs to CLOUDFLARENET, US. The main domain is holiday.presslogic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.
This is the only time holiday.presslogic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 ()
1 1 2606:4700:10:... ()
86 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a03:2880:f21... ()
1 2 2a03:2880:f24... 32934 (FACEBOOK)
8 2a00:1450:400... ()
1 2a00:1450:400... 15169 (GOOGLE)
14 36 142.250.185.98 ()
3 2a00:1450:400... ()
5 2a00:1450:400... 15169 (GOOGLE)
1 65.9.73.17 16509 (AMAZON-02)
4 2a03:2880:f01... ()
4 8 65.9.73.74 16509 (AMAZON-02)
1 2606:4700::68... ()
32 2a00:1450:400... 15169 (GOOGLE)
1 65.9.96.11 16509 (AMAZON-02)
1 52.15.171.234 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.188.42.15 ()
1 2a00:1450:400... ()
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... ()
5 2a00:1450:400... ()
2 2a00:1450:400... ()
1 5 2a03:2880:f14... ()
26 2a00:1450:400... 15169 (GOOGLE)
2 3.129.250.65 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... ()
4 8 2.18.234.21 ()
8 10 185.33.220.242 ()
5 142.250.186.66 ()
6 151.139.128.11 ()
2 2 66.155.71.150 ()
4 18.158.86.56 16509 (AMAZON-02)
9 9 35.157.197.70 16509 (AMAZON-02)
4 4 185.29.132.241 ()
6 6 213.19.147.44 ()
9 9 76.223.111.131 ()
4 184.30.21.112 ()
2 94.130.102.164 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 146.20.132.108 27357 (RACKSPACE)
1 4 176.9.26.250 ()
15 146.20.132.161 27357 (RACKSPACE)
4 4 2001:678:cb4:... ()
6 10 35.244.159.8 ()
2 184.31.88.106 ()
1 195.201.152.90 24940 (HETZNER-AS)
25 146.20.132.173 27357 (RACKSPACE)
3 6 108.128.25.216 16509 (AMAZON-02)
1 2a00:1450:400... ()
4 2a00:1450:400... ()
3 2a00:1450:400... ()
1 2a00:1450:400... ()
3 2600:9000:21f... 16509 (AMAZON-02)
7 18.193.42.157 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
3 185.94.180.123 35220 (SPOTX-AMS)
1 192.96.200.41 30633 (LEASEWEB-...)
8 2.18.233.180 ()
1 2600:9000:20e... 16509 (AMAZON-02)
2 185.64.189.115 ()
5 6 37.157.4.24 198622 (ADFORM)
4 4 213.155.156.181 1299 (TELIANET ...)
7 30 185.64.190.80 ()
2 178.250.0.163 ()
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 52.215.68.151 16509 (AMAZON-02)
1 1 162.55.6.212 ()
1 1 188.165.4.142 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... ()
1 1 198.148.27.139 ()
1 72.251.241.204 29791 (VOXEL-DOT...)
1 1 2a04:4e42:3::300 54113 (FASTLY)
1 151.101.13.44 ()
5 185.64.189.114 ()
2 3 51.210.112.63 ()
2 2 18.198.69.109 16509 (AMAZON-02)
2 169.50.137.190 36351 (SOFTLAYER)
2 2a00:1288:110... ()
4 4 18.156.0.31 ()
2 2 2620:116:800d... 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
4 4 151.101.14.49 ()
1 2a02:fa8:8806... ()
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 37.252.172.38 29990 (ASN-APPNEX)
1 1 54.77.47.243 16509 (AMAZON-02)
1 185.64.190.75 ()
1 173.194.76.156 ()
4 2a00:1450:400... ()
5 52.16.99.241 16509 (AMAZON-02)
1 2a00:1450:401... 15169 (GOOGLE)
4 2600:9000:212... 16509 (AMAZON-02)
2 5 54.229.132.88 16509 (AMAZON-02)
8 3.141.243.179 16509 (AMAZON-02)
1 1 2a00:1450:400... ()
1 1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
9 104.244.36.20 ()
15 142.250.184.194 ()
14 18.203.131.238 16509 (AMAZON-02)
7 184.30.20.198 16625 (AKAMAI-AS)
6 8 185.64.189.216 ()
1 2a03:2880:f04... 32934 (FACEBOOK)
1 18.217.131.61 16509 (AMAZON-02)
2 2 35.210.53.219 ()
526 86
1    67.199.248.11 (United States)

ASN- ()
PTR: bit.ly
bit.ly
1    2606:4700:10::6814:8b41 (United States)

ASN- ()
tinyurl.com
86    2606:4700::6812:1749 (United States)

ASN13335 (CLOUDFLARENET, US)
holiday.presslogic.com
assets.presslogic.com
image.presslogic.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN- ()
platform.instagram.com
2    2a03:2880:f245:e0:face:b00c:0:4420 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.instagram.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN- ()
www.googletagservices.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
36    142.250.185.98 (United States)

ASN- ()
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN- ()
fonts.googleapis.com
5    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
encrypted-tbn0.gstatic.com
1    65.9.73.17 (United States)

ASN16509 (AMAZON-02, US)
certify-js.alexametrics.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN- ()
connect.facebook.net
8    65.9.73.74 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
1    2606:4700::6810:5e41 (United States)

ASN- ()
static.cloudflareinsights.com
32    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.9.96.11 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    52.15.171.234 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-171-234.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
2    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.188.42.15 (Council Bluffs, United States)

ASN- ()
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN- ()
adservice.google.de
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN- ()
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN- ()
www.google.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN- ()
www.google.de
5    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN- ()
www.facebook.com
26    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
px.vidoomy.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
23    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
25    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN- ()
s0.2mdn.net
8    2.18.234.21 (Frankfurt am Main, Germany)

ASN- ()
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
10    185.33.220.242 (Amsterdam, Netherlands)

ASN- ()
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    142.250.186.66 (United States)

ASN- ()
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
6    151.139.128.11 (United States)

ASN- ()
ad.lkqd.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN- ()
pixel-sync.sitescout.com
4    18.158.86.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-86-56.eu-central-1.compute.amazonaws.com
a.vidoomy.com
9    35.157.197.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-197-70.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    185.29.132.241 (United Kingdom)

ASN- ()
sync.mathtag.com
6    213.19.147.44 (United Kingdom)

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
9    76.223.111.131 (United States)

ASN- ()
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
4    184.30.21.112 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
1    2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
4    146.20.132.108 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
4    176.9.26.250 (Germany)

ASN- ()
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
15    146.20.132.161 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN- ()
ad.turn.com
10    35.244.159.8 (Kansas City, United States)

ASN- ()
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
vidoomy-d.openx.net
2    184.31.88.106 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
1    195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.152.201.195.clients.your-server.de
opt.objectiveportal.com
25    146.20.132.173 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
6    108.128.25.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
ti.tradetracker.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN- ()
www.gstatic.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN- ()
encrypted-tbn3.gstatic.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN- ()
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN- ()
encrypted-tbn2.gstatic.com
3    2600:9000:21f3:4e00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.tradetracker.net
7    18.193.42.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
2    2600:1f18:612b:4216:72b:4784:49c3:fec8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
4cywq-eqnre.ads.tremorhub.com
3    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    192.96.200.41 (Greenbelt, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
8    2.18.233.180 (Frankfurt am Main, Germany)

ASN- ()
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
1    2600:9000:20eb:c600:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
2    185.64.189.115 (United Kingdom)

ASN- ()
image6.pubmatic.com
6    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
30    185.64.190.80 (United Kingdom)

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
2    178.250.0.163 (France)

ASN- ()
dis.criteo.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.215.68.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-68-151.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    162.55.6.212 (Germany)

ASN- ()
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    188.165.4.142 (France)

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu
green.erne.co
1    2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700::6812:d05 (United States)

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.139 (New York, United States)

ASN- ()
bh.contextweb.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN- ()
match.taboola.com
5    185.64.189.114 (United Kingdom)

ASN- ()
image4.pubmatic.com
3    51.210.112.63 (France)

ASN- ()
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN- ()
pr-bh.ybp.yahoo.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN- ()
sync-tm.everesttech.net
1    2a02:fa8:8806:16::1370 (United States)

ASN- ()
pubmatic-match.dotomi.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    185.64.190.75 (United Kingdom)

ASN- ()
vid.pubmatic.com
1    173.194.76.156 (United States)

ASN- ()
PTR: ws-in-f156.1e100.net
bid.g.doubleclick.net
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN- ()
imasdk.googleapis.com
5    52.16.99.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
1    2a00:1450:4017:800::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2600:9000:2127:c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    54.229.132.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
8    3.141.243.179 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-243-179.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN- ()
gcdn.2mdn.net
1    2a00:1450:401e:28::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-4g5ednsr.c.2mdn.net
1    2a00:1450:401e:28::8 (Ireland)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednsr.c.2mdn.net
9    104.244.36.20 (United States)

ASN- ()
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
15    142.250.184.194 (United States)

ASN- ()
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
14    18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
s.update.rose.pubmatic.com
7    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
8    185.64.189.216 (United Kingdom)

ASN- ()
image8.pubmatic.com
1    2a03:2880:f045:f:face:b00c:0:8c (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
1    18.217.131.61 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-131-61.us-east-2.compute.amazonaws.com
events.mmi360.net
2    35.210.53.219 (Brussels, Belgium)

ASN- ()
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
Apex Domain
Subdomains		 Transfer
86 presslogic.com
holiday.presslogic.com
assets.presslogic.com
image.presslogic.com
1 MB
75 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
s.update.rose.pubmatic.com
aktrack.pubmatic.com
image8.pubmatic.com
169 KB
69 googlesyndication.com
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
314 KB
51 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
268 KB
50 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net Failed
154 KB
43 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
csi.gstatic.com
1 MB
28 2mdn.net
s0.2mdn.net
r3---sn-4g5ednsr.c.2mdn.net Failed
gcdn.2mdn.net
r1---sn-4g5ednsr.c.2mdn.net
918 KB
23 adsafeprotected.com
unified.adsafeprotected.com
static.adsafeprotected.com
pixel.adsafeprotected.com
dt.adsafeprotected.com
147 KB
11 adnxs.com
ib.adnxs.com
secure.adnxs.com
10 KB
10 openx.net
us-u.openx.net
vidoomy-d.openx.net
3 KB
9 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
88 KB
9 tradetracker.net
ti.tradetracker.net
static.tradetracker.net
36 KB
9 adsrvr.org
match.adsrvr.org
4 KB
9 bidswitch.net
x.bidswitch.net
4 KB
8 casalemedia.com
dsum-sec.casalemedia.com
7 KB
8 scorecardresearch.com
sb.scorecardresearch.com
3 KB
8 googleapis.com
fonts.googleapis.com
storage.googleapis.com
imasdk.googleapis.com
495 KB
8 googletagservices.com
www.googletagservices.com
276 KB
7 advertising.com
ads.adaptv.advertising.com
3 KB
7 google.com
adservice.google.com
www.google.com
2 KB
6 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
5 KB
6 adform.net
c1.adform.net
3 KB
6 redintelligence.net
hal9000.redintelligence.net
hal900014.redintelligence.net
22 KB
6 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
px.vidoomy.com
8 KB
5 facebook.com
www.facebook.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 de17a.com
d5p.de17a.com
1 KB
4 turn.com
ad.turn.com
2 KB
4 stickyadstv.com
ads.stickyadstv.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 mathtag.com
sync.mathtag.com
3 KB
4 facebook.net
connect.facebook.net
168 KB
4 google-analytics.com
www.google-analytics.com
20 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 spotxchange.com
search.spotxchange.com
3 KB
3 google.de
adservice.google.de
www.google.de
1 KB
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
2 admedo.com
pool.admedo.com
719 B
2 quantserve.com
pixel.quantserve.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
651 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 criteo.com
dis.criteo.com
676 B
2 tremorhub.com
4cywq-eqnre.ads.tremorhub.com
930 B
2 teads.tv
sync.teads.tv
344 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1016 B
2 sitescout.com
pixel-sync.sitescout.com
600 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
1 mmi360.net
events.mmi360.net
135 B
1 atdmt.com
ad.atdmt.com
1 KB
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
486 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 nrich.ai
dsp.nrich.ai
489 B
1 adgrx.com
cm.adgrx.com
408 B
1 contextweb.com
bh.contextweb.com
453 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 aralego.com
ads.aralego.com
530 B
1 objectiveportal.com
opt.objectiveportal.com
529 B
1 sentry.io
sentry.io
479 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 googletagmanager.com
www.googletagmanager.com
62 KB
1 tinyurl.com
tinyurl.com
407 B
1 bit.ly
bit.ly
255 B
526 71
Domain Requested by
64 holiday.presslogic.com holiday.presslogic.com
32 fonts.gstatic.com fonts.googleapis.com
26 pagead2.googlesyndication.com holiday.presslogic.com
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
imasdk.googleapis.com
srcdoc
25 t.lkqd.net ad.lkqd.net
25 s0.2mdn.net holiday.presslogic.com
s0.2mdn.net
imasdk.googleapis.com
23 tpc.googlesyndication.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
19 securepubads.g.doubleclick.net www.googletagservices.com
holiday.presslogic.com
18 simage2.pubmatic.com 3 redirects ads.pubmatic.com
17 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
15 ade.googlesyndication.com
15 cs.lkqd.net ad.lkqd.net
14 s.update.rose.pubmatic.com vpaid.pubmatic.com
s.update.rose.pubmatic.com
12 image2.pubmatic.com 4 redirects ads.pubmatic.com
11 image.presslogic.com holiday.presslogic.com
11 assets.presslogic.com holiday.presslogic.com
10 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
9 dt.adsafeprotected.com
9 match.adsrvr.org 9 redirects
9 x.bidswitch.net 9 redirects
8 image8.pubmatic.com 6 redirects
8 vid-io-cle.springserve.com vpaid.springserve.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 sb.scorecardresearch.com 4 redirects holiday.presslogic.com
8 www.googletagservices.com holiday.presslogic.com
securepubads.g.doubleclick.net
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
7 aktrack.pubmatic.com
7 ads.adaptv.advertising.com ad.lkqd.net
vpaid.springserve.com
7 googleads.g.doubleclick.net 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
holiday.presslogic.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 vidoomy-d.openx.net 3 redirects
6 ti.tradetracker.net 3 redirects holiday.presslogic.com
hal900014.redintelligence.net
6 ad.lkqd.net holiday.presslogic.com
ad.lkqd.net
5 pixel.adsafeprotected.com 2 redirects holiday.presslogic.com
static.adsafeprotected.com
pixel.adsafeprotected.com
5 unified.adsafeprotected.com imasdk.googleapis.com
5 image4.pubmatic.com ads.pubmatic.com
5 googleads4.g.doubleclick.net holiday.presslogic.com
5 www.facebook.com 1 redirects holiday.presslogic.com
connect.facebook.net
5 www.google.com holiday.presslogic.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
5 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 static.adsafeprotected.com imasdk.googleapis.com
holiday.presslogic.com
4 imasdk.googleapis.com vpaid.pubmatic.com
imasdk.googleapis.com
4 sync-tm.everesttech.net 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 d5p.de17a.com 4 redirects
4 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
4 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
4 encrypted-tbn3.gstatic.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 ad.turn.com 4 redirects
4 hal900014.redintelligence.net 1 redirects 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
hal900014.redintelligence.net
4 v.lkqd.net ad.lkqd.net
4 ads.stickyadstv.com ad.lkqd.net
4 sync.1rx.io 4 redirects
4 sync.mathtag.com 4 redirects
4 a.vidoomy.com holiday.presslogic.com
ad.lkqd.net
4 connect.facebook.net holiday.presslogic.com
connect.facebook.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
holiday.presslogic.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 search.spotxchange.com ad.lkqd.net
3 static.tradetracker.net 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
hal900014.redintelligence.net
3 encrypted-tbn1.gstatic.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
3 fonts.googleapis.com holiday.presslogic.com
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
hal900014.redintelligence.net
2 pool.admedo.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
2 um.simpli.fi ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 4cywq-eqnre.ads.tremorhub.com ad.lkqd.net
2 sync.teads.tv googleads.g.doubleclick.net
2 hal9000.redintelligence.net 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
hal900014.redintelligence.net
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 www.google.de holiday.presslogic.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 stats.g.doubleclick.net holiday.presslogic.com
2 www.instagram.com 1 redirects holiday.presslogic.com
1 events.mmi360.net
1 ad.atdmt.com
1 r1---sn-4g5ednsr.c.2mdn.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 r3---sn-4g5ednsr.c.2mdn.net
1 csi.gstatic.com imasdk.googleapis.com
1 bid.g.doubleclick.net vpaid.pubmatic.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 vpaid.springserve.com ad.lkqd.net
1 px.vidoomy.com ad.lkqd.net
1 ads.aralego.com ad.lkqd.net
1 encrypted-tbn2.gstatic.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
1 www.gstatic.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
1 opt.objectiveportal.com 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
1 storage.googleapis.com securepubads.g.doubleclick.net
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 sentry.io holiday.presslogic.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com holiday.presslogic.com
1 certify.alexametrics.com holiday.presslogic.com
1 static.cloudflareinsights.com holiday.presslogic.com
1 certify-js.alexametrics.com holiday.presslogic.com
1 www.googletagmanager.com holiday.presslogic.com
1 platform.instagram.com 1 redirects
1 tinyurl.com 1 redirects
1 bit.ly 1 redirects
526 121

This site contains links to these domains. Also see Links.

Domain
www.presslogic.com
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
presslogic.com
Cloudflare Inc ECC CA-3		 2021-06-09 -
2022-06-08		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-06-19 -
2021-09-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-09-10 -
2021-10-10		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
redintelligence.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
www.objectiveplatform.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-04 -
2021-08-27		 6 months crt.sh
*.tradetracker.net
Amazon		 2020-12-20 -
2022-01-18		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
wrapper-vast.adsafeprotected.com
Amazon		 2020-12-18 -
2022-01-16		 a year crt.sh
static.adsafeprotected.com
Amazon		 2020-10-03 -
2021-11-03		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-03 -
2021-10-12		 2 months crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
update.rose.pubmatic.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2021-07-06 -
2021-10-04		 3 months crt.sh
events.mmi360.net
Amazon		 2021-05-04 -
2022-06-02		 a year crt.sh

This page contains 57 frames:

Primary Page: https://holiday.presslogic.com/
Frame ID: 343517DB1B29F5A5296EE0197D45A5D8
Requests: 184 HTTP requests in this frame

Frame: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 804F16A8D8CA43E4629EE8281F754A55
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df141000b21ecec%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff1acb6afde47c4c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 23725A3A35AA893AE2D9B1F0850B2226
Requests: 1 HTTP requests in this frame

Frame: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC05AEBB5D55FDDA938AAD749560C3AD
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRwmEpNJcYQ0KkaZxer_7YYd22bExxfAKdDRXd8te4cdwZ2JFKWwdYPC1ZaxNcwz72MK8twendubKQdClixQtNeBW4M7Un4kHskX9Ru9D67pnUoNZ--d7AnhYaKkNG8R4qbMmlTxzM4dUbQET5AMP5ElES5joMQeI6fVcz6jmz6mUYkd54A0BiYf-kOcysx21yqtLLvJhrzswUHYnUwHOGE8mTjul0jvSJsoeMNbfQdRHuaWFlWPG8rFRvMkedm2a4Dik1PsjWEOOZZMECU9kpcXpGK_rNdaCb60Rd9ZAlS0QRWcFhu5-LTu52_1_8sa74Vas67TLIBOOYvqgKjR7ILbZccA&sai=AMfl-YSo-yOD9Cx9C1s9b5udAvT7yGnK-isH66t8aUY4eBRf_RwuTar-vo0N008V6XylXYGNohrX94Yasl0qQ3eNALXwXa1OMPeHpSkv0qr_C4HNkfH1eNHYnBZVyGuxojce&sig=Cg0ArKJSzKahYrFKBSJOEAE&urlfix=1&adurl=
Frame ID: CA8E95E189DBD76D3D40993A622C5294
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Frame ID: 46579C159AD41CB4FCAADC76B4AD2774
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 15E6F7AB19165F6FE0A742771388BBF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D9BC28622602BC0331E0EEA653E4A1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE8F37DE676B2A74609249B7DB8633E9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/5762573/1626254229071/index.html
Frame ID: AEDDA339D42E9E6C5DC01469521B3916
Requests: 11 HTTP requests in this frame

Frame: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F1123FDE9D42AF6076F906558877D690
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Frame ID: F5AFC9F0AC57AF66FD593282DE00AF7B
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 77A32222DD010E991E83D13E1186FFF3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6D0A5B1F848F00E026D14DC053D97B85
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 3D926EDD36E77D93C6DD039F78A22215
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E418F6B2A4AF9F9AD6805BED4CE08F95
Requests: 3 HTTP requests in this frame

Frame: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8AEF85217E801945E528F8B08309886F
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1ufRFzQWy_mwx8TNzyoCh7BhSbMLaXlDaKr_XFs42AeJRR9AzGuAagB0fimjPAIFFK5na0-qmh8ZE4m26qf3o7npTlVaJqpb0MgVruLWeRTs-FttxWzX_pj5hD_2oQZi6vP7v2Wv4pyUCoBi8Uj1uQom4gPC2HCSfksZoYH9DfW2EsJWRwMWdxhMVL5BBEgOeJhs-xI6O8WNr7c5qmfLcJioIkPM5dLZbUn9Q1DJIbXFEKxXspTFEC1f6a_yWk74UbQM0N9r-fcF-1U5qihn6hwGODIbUdl-4ruir-zHX7b-ZSyae2G3PkJdXIPCAQpI-FbDTSl2yKZoA45iAb0_-_CFKS92gchOFjjPGHTahRenrTc_n4A6sq6gmOvrj_fWig&sai=AMfl-YTfSrZmT01_GwivjqGcOSgGRbshbxQ4_N34eqxS1xRe7gLz6q0WN1i10PBQdE7u-FtAH_KsyU8gqAwBcZo_DD-N8vAheQKl7b7hgFQPn6i2IK773RIMRk4c8MhqZKxy&sig=Cg0ArKJSzHuWVzZgZeu4EAE&adurl=
Frame ID: 651CE9AB1AB908D0188BF75D3BDBA7E9
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 4EB688D521236028ED9A109153CA85E5
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C0BD1393BEC118B876444C7111271D25
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Frame ID: 2C6F76555EC8810E5BB603CDDBEB80BE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2ECE694EBBCCCAEFF814E9D4E204C8F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Frame ID: E3B60560DACFB1FEF235D4E091E7DB3E
Requests: 13 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 16F7968B90493493931087D7269D63BA
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 99E607466A5C32DF60EA17DC648551DC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 87504226DD851EFD1BA8B93BA4EDFA25
Requests: 5 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Frame ID: BEDDFBB91CA41A36FBE691A7139B8656
Requests: 10 HTTP requests in this frame

Frame: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A34F015236CB9C0EB2393A376318678A
Requests: 22 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C24FB319BBE58ADF6C754ED5BBB28857
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Frame ID: 858E378E8A8E394B1C2A9DA82C8C7615
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2955AC4E1BDE26E6A98C9DD8A9FCB68D
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Frame ID: EDDD4DD4FFA87F674B8195AAE4DA6863
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Frame ID: 4722B9B004F9EB73E4F0537BB418BADE
Requests: 35 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FC5B3C0124C0BE71FC957AFC791F4A0C
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
Frame ID: C5D738F8A3AC94F1AF9EC1A730AD8C99
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
Frame ID: 1A006FDA3B522E1B605B9EBFB205C591
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6B9FD89F92EC9B2B190A079CB4FCDBB1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
Frame ID: E09FE636909F9B1A0F8B0D86376C2C82
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 5C19BAA04F89D04E15388B0568E4E457
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 799278A6F1CE639A3C37D23878E79542
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
Frame ID: D05D348D39F22DCCB2868B91A3D4D00E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
Frame ID: 694D351816AA33B14CE9F85369F03E4C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: B482EEA95F364D9BF8B55133A67F38C9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AD8999A6CE648E77E9988A042C82FF36
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
Frame ID: C7F5B72C1871282825D80905E5256C8C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B8B2593AEBDFAF169550907FD2B5774F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 14A6794AFE503DD323D8541A66DB444F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E96B2EB5A7D5443B1AFC4995696091B7
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: 33FEB62CCA33CEC4E00313A7505DD5C4
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Frame ID: C7FC735359F98A6424EF324FBBBF585F
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0EE13BD27E8F00C3263D9362DBFA571B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 11E0695C10B3D157DE6F5D022926820C
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.11.js
Frame ID: 62DAE062343909F74681A64B773E1096
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 08B417426DAB5214B0C49DCF1C83E6CB
Requests: 3 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
Frame ID: D1306AE9C6ED3C0DF1B7214FC1FECD6A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C48899A05D82A468D77277359F657088
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3B39A379B2F7F08989C359108A072751
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/3BLEvtJ HTTP 301
    https://tinyurl.com/hldpresslogic HTTP 301
    https://holiday.presslogic.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

526
Requests

98 %
HTTPS

40 %
IPv6

71
Domains

121
Subdomains

86
IPs

9
Countries

6022 kB
Transfer

12582 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3BLEvtJ HTTP 301
    https://tinyurl.com/hldpresslogic HTTP 301
    https://holiday.presslogic.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 60
  • https://sb.scorecardresearch.com/b?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=
Request Chain 140
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=1686107568269712&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df141000b21ecec%26domain%3Dholiday.presslogic.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fholiday.presslogic.com%252Ff1acb6afde47c4c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2F1177918368921987&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df141000b21ecec%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff1acb6afde47c4c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Request Chain 141
  • https://sb.scorecardresearch.com/c2/21733041/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1&C=1
Request Chain 175
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoVTZqCTbzC4Oty1tn3LAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIBGIKJvTnqFuPtedylXAz8%26google_cver%3D1
Request Chain 177
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Request Chain 206
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 207
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=946186937.33051721505295326.8488918 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=946186937.33051721505295326.8488918 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dcc792c78-a41d-4864-be0f-2f9886fcfaa8&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=704e611a-154d-4000-a806-bfaa261b6118&expires=30&ssp=vidoomy&bsw_param=cc792c78-a41d-4864-be0f-2f9886fcfaa8&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=cc792c78-a41d-4864-be0f-2f9886fcfaa8
Request Chain 208
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=104520718 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=104520718 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b85658ec-c6e1-4e7e-aa6a-e06004a73bb6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoVTZ5GFt-0elHUZePuwwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Request Chain 241
  • https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D&documentReferer=https%3A%2F%2Fholiday.presslogic.com%2F&ancestorOrigins=https%3A%2F%2Fholiday.presslogic.com&random=9173316112338&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D&documentReferer=https%3A%2F%2Fholiday.presslogic.com%2F&ancestorOrigins=https%3A%2F%2Fholiday.presslogic.com&random=9173316112338&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 246
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1
Request Chain 248
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGUzOWM0YmQtNTdlMy0yNjVhLWQwOTItOWEzYjU4ZjMwNGZi
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA337EiWLw3qz0YA1UNgQS0&google_cver=1
Request Chain 255
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8122981621054173722
Request Chain 314
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=35543200047231900719594011688014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Request Chain 327
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
Request Chain 332
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=35543200047231900719594011688014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Request Chain 333
  • https://ti.tradetracker.net/?c=29026&m=1463044&a=70002&r=35543200047231900719594011688014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
Request Chain 335
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Request Chain 342
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Request Chain 343
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Request Chain 356
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,,
Request Chain 357
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,,
Request Chain 358
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,,
Request Chain 372
  • https://c1.adform.net/serving/cookie/match?party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
Request Chain 373
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
Request Chain 375
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
Request Chain 376
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEQmMwN0NOQ3NBQUZ3dWN3YXZIQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 377
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 378
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6475517174 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6475517174 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d0a0c727-0e85-4919-8a7f-f17f49e1daeb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
Request Chain 379
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
Request Chain 381
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
Request Chain 384
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iaP64mP8TMqqdPqLwJLI9g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 386
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c338611a-1550-4b00-9e97-92ee98dbb235
Request Chain 387
  • https://pixel.onaudience.com/?partner=214&mapped=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=d0a0c727-0e85-4919-8a7f-f17f49e1daeb&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fcf393129a95d212108a3e0978f8f00b
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlBM0ZBRTItNjNGQy00Q0NBLUFBNzQtRkE4QkMwOTJDOEY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEByhuC3OF2yFffCTYOkLz5E&google_cver=1
Request Chain 391
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5672549974542469245
Request Chain 392
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&gdpr=0&gdpr_consent=
Request Chain 393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d0a0c727-0e85-4919-8a7f-f17f49e1daeb
Request Chain 394
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3238271451576390218&gdpr=0&gdpr_consent=
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pVfr7ttE2uWAAwst_x9QncLf_shv3EY-~A&gdpr=0&gdpr_consent=
Request Chain 397
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C
Request Chain 398
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a7ea0b95-77cf-432a-bb16-4f4a139c2cee&expires=1&user_group=2&ssp=pubmatic&bsw_param=bef72ce8-86bd-4dc9-83b8-2277a7941761 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 399
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRoVUQADy41gtAA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVUQADy41gtAA4&gdpr=0&gdpr_consent=&_test=YRoVUQADy41gtAA4
Request Chain 400
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3295687969489678874&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 402
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d5ae4625-12c1-49cd-a274-bf7d47ff3375&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 403
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 404
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3238271451576390218
Request Chain 405
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8c812a43-0d7c-4359-afd9-3be3b7df0db7
Request Chain 424
  • https://gcdn.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4490F73446D819578F1E5D7916F135E1B7FED7.AA540425178C16B7F5F75B4EEE0E6D89B4A6FAAC/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CE824A588B9BFAC3748640BCE25CFDC01B93AE3.2732AEFE8CB3DCBFE15AE5E1DB09DB01476FA831/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/file/file.mp4 HTTP 302
  • https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CE824A588B9BFAC3748640BCE25CFDC01B93AE3.2732AEFE8CB3DCBFE15AE5E1DB09DB01476FA831/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/ir/1/rr/12/file/file.mp4
Request Chain 426
  • https://gcdn.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4490F73446D819578F1E5D7916F135E1B7FED7.AA540425178C16B7F5F75B4EEE0E6D89B4A6FAAC/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05A8295D2F20FDD3089C929D31D39590FBB4E19E.21F551E9EC78438BDBEEAD1439FABCBF23B9BFE4/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/file/file.mp4 HTTP 302
  • https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05A8295D2F20FDD3089C929D31D39590FBB4E19E.21F551E9EC78438BDBEEAD1439FABCBF23B9BFE4/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/ir/1/rr/12/file/file.mp4
Request Chain 435
  • https://pixel.adsafeprotected.com/rfw/st/781848/56214926/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fholiday.presslogic.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8fb5b9a5-c7a9-770d-6a59-3c85126a8275,c:lrpa6B,sl:outOfView,em:false,fr:true,mn:app24ie,pt:2-5-15,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:2,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:35,oid:929adf43-fe64-11eb-b931-02cb850ca5c2,v:19.8.229,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:133,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762
Request Chain 440
  • https://pixel.adsafeprotected.com/rfw/st/781848/56214927/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762
Request Chain 449
  • https://image8.pubmatic.com/AdServer/ImgSync?&fp=1&mpc=10&p=156498&gdpr=0&gdpr_consent=&pmc=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fpmc%3D-1%26partnerID%3D156498%26partnerUID%3D%28null%29 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgxOUVDREQtQkFDQi00RjYzLUI3NjAtNENCMEQzQjA0N0VC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED6WoiNMR6QWMPtqaypfF5I&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 464
  • https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=http://holiday.presslogic.com/ HTTP 302
  • https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=http%3A%2F%2Fholiday.presslogic.com%2F
Request Chain 465
  • https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=30000&ns_st_pt=0&ns_ts=1629099343 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=30000&ns_st_pt=0&ns_ts=1629099343
Request Chain 470
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8732223626832666502 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7345683001871814248 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 472
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d1f9611a-1554-4100-8509-e224090033ab&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eff4d2fc-de2a-4bda-9b7b-f4a9be5186f1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 475
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6889997221510224435&gdpr=0&gdpr_consent=
Request Chain 476
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2T-TXt47lwvCb5FajG-PBtg5mwnCbcQKimrfV_MF HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRoVVAADgVY0OQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVVAADgVY0OQBg&gdpr=0&gdpr_consent=&_test=YRoVVAADgVY0OQBg
Request Chain 478
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9819ECDD-BACB-4F63-B760-4CB0D3B047EB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9819ECDD-BACB-4F63-B760-4CB0D3B047EB&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p8XZze5E2uXJPGwjiNVtZrya0F915YM-~A&gdpr=0&gdpr_consent=
Request Chain 479
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d84321da-6a95-40f4-87d3-d9d52e9e514a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d84321da-6a95-40f4-87d3-d9d52e9e514a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=045c9388-1f2f-4395-9b59-41bc712f08e5&user_group=1&ssp=pubmatic&bsw_param=d84321da-6a95-40f4-87d3-d9d52e9e514a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d84321da-6a95-40f4-87d3-d9d52e9e514a&gdpr=&gdpr_consent=&gdpr_pd=

526 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
holiday.presslogic.com/
Redirect Chain
  • https://bit.ly/3BLEvtJ
  • https://tinyurl.com/hldpresslogic
  • https://holiday.presslogic.com/
117 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df1bd9b2088fe2894fd904600c7475cede0fa8f546b6274cd1ca40f9e1a4055

Request headers

:method
GET
:authority
holiday.presslogic.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-type
text/html; charset=utf-8
x-envoy-upstream-service-time
1
x-ua-device
pc
x-varnish
577865471 564331200
age
68568
x-cache
HIT
vary
Accept-Encoding, Origin, User-Agent
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67f8fcbb9c534e61-FRA
content-encoding
br

Redirect headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://holiday.presslogic.com/
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67f8fcb83d954e7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 01:37:30 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Mon, 16 Aug 2021 07:35:40 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
ash
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4a6ac4fb37c41c4170ff785ba5051af72ef9ff0043895cbaee23cb70890bf566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"960 / 602 of 1000 / last-modified: 1628892752"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25211
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:40 GMT
gtm.js
www.googletagmanager.com/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRD2XB9
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ccb72da607eda9c351eb0dea0e87cd7456d63e0c4723c75060d79c6d8975781
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62472
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Aug 2021 07:35:40 GMT
f4e7f19.js
holiday.presslogic.com/my/_nuxt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358fc1efac6ebe684f843d91d508f0291f9689c1dd64ed34b63502148973e685

Request headers

:path
/my/_nuxt/f4e7f19.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
270514
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 13 Aug 2021 03:42:26 GMT
server
cloudflare
etag
W/"257b-17b3d9a94d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
378339423 369701184
cache-control
public, max-age=31536000
cf-ray
67f8fcbde8f84e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
85a75e1.js
holiday.presslogic.com/my/_nuxt/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/85a75e1.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2b4365d34a3674dca8130a0ad100fb822c288485faac1afed2eca07af7acb9

Request headers

:path
/my/_nuxt/85a75e1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"5574-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
537302046 517066275
cache-control
public, max-age=31536000
cf-ray
67f8fcbde8fb4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
1f6cf10.js
holiday.presslogic.com/my/_nuxt/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/1f6cf10.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2d5e88c36ab8efc1347d619bff25b503bed8c97e9431fb5053bf61ba297426

Request headers

:path
/my/_nuxt/1f6cf10.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"fe1a-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816917985 815316697
cache-control
public, max-age=31536000
cf-ray
67f8fcbde8fc4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
9fc8a55.js
holiday.presslogic.com/my/_nuxt/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/9fc8a55.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f89557eebee9305eeda94f705ea5155509685cb4a274f042e9b3bb43f43ae0

Request headers

:path
/my/_nuxt/9fc8a55.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"351d-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816917981 817172772
cache-control
public, max-age=31536000
cf-ray
67f8fcbde8fd4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
1d10af8.js
holiday.presslogic.com/my/_nuxt/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/1d10af8.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812f8be8df3e614cc2c0c83f37b4448e0c7d9cbcee2d7f87e8dd83344c4e72d1

Request headers

:path
/my/_nuxt/1d10af8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
5377700
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:28:45 GMT
server
cloudflare
etag
W/"b729-17a0d48fcc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
465243626 467731146
cache-control
public, max-age=31536000
cf-ray
67f8fcbde8ff4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
2972cbb.js
holiday.presslogic.com/my/_nuxt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/2972cbb.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca6497a42e24612a860882911fa235b3a1b94620da002b84af1fead572a282b

Request headers

:path
/my/_nuxt/2972cbb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"101b7-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
536709679 537397915
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9064e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
14b916ce.b96088d.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/app/14b916ce.b96088d.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66703b9abb25d3f3e8209351e79e43bb40720de5d0d32fbc83ca4b29af1bcc09

Request headers

:path
/my/_nuxt/vendors/app/14b916ce.b96088d.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
9941537
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Thu, 22 Apr 2021 05:59:45 GMT
server
cloudflare
etag
W/"1399-178f829b068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
6341547 14926419
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9034e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
7626e0a.js
holiday.presslogic.com/my/_nuxt/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/7626e0a.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5ad4161562b6ba4bc9e6a0932600b410753be316b9a1015f731e657ce16a8d

Request headers

:path
/my/_nuxt/7626e0a.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"73e8-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
515516214 527764863
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9154e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
63df3c6.js
holiday.presslogic.com/my/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/63df3c6.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c863026af0aca0b6e8067015b05c5be855682e861c8cb376075ad8e7b313f06f

Request headers

:path
/my/_nuxt/63df3c6.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
8124545
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 14 May 2021 06:32:22 GMT
server
cloudflare
etag
W/"830-179699374f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
6401547 7047798
cache-control
public, max-age=31536000
cf-ray
67f8fcbde91b4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
7cb4df6.js
holiday.presslogic.com/my/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/7cb4df6.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e65f82f6a83a9037b41abe38e84b5095104efa3c0a1a7c086240644c0b0d6c4

Request headers

:path
/my/_nuxt/7cb4df6.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
8124907
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 14 May 2021 06:32:22 GMT
server
cloudflare
etag
W/"d98-179699374f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
5331434 5331411
cache-control
public, max-age=31536000
cf-ray
67f8fcbde91f4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
5b3fdf9.js
holiday.presslogic.com/my/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/5b3fdf9.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88efe32efdb6348bf7e652f94fe2ac0b4fc2de4e372d2a9fe436db686e0a99d

Request headers

:path
/my/_nuxt/5b3fdf9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
8124906
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 14 May 2021 06:32:22 GMT
server
cloudflare
etag
W/"91d-179699374f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
7177983 5331417
cache-control
public, max-age=31536000
cf-ray
67f8fcbde92a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
ff27d5f.js
holiday.presslogic.com/my/_nuxt/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8e982e9d4aee00d8b7052edd851e00a8cf4ae33ca811272b67c6e048d93a25

Request headers

:path
/my/_nuxt/ff27d5f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"b868-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
523605567 526519225
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9304e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
321c313.js
holiday.presslogic.com/my/_nuxt/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/321c313.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620d2496ce892dbfea08cde89081ccc445f49c1155faa3fd431f09b0152e3ec1

Request headers

:path
/my/_nuxt/321c313.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"ce74-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
821203459 811541361
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9324e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
96c0bb8.js
holiday.presslogic.com/my/_nuxt/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/96c0bb8.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7115b000d09e26c8d4acddcdc655544309634c73189e9dbdd7160b5e2cb9582

Request headers

:path
/my/_nuxt/96c0bb8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
3
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"c20d-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
821203458 819751278
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9354e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
09e9d85.js
holiday.presslogic.com/my/_nuxt/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/09e9d85.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b838024f7eb1457a19caad1dc9fe45ed130118c7e34da184105f3ae40887898

Request headers

:path
/my/_nuxt/09e9d85.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"29d8-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
537302045 536775001
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9364e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
4b2de3b.js
holiday.presslogic.com/my/_nuxt/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/4b2de3b.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcba340c9bc5486c71ff1141807a0fcfc21e3492981f0a78c69b33a6e3a572cc

Request headers

:path
/my/_nuxt/4b2de3b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"7030-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
527632123 524854329
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9384e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
91dcb95.js
holiday.presslogic.com/my/_nuxt/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/91dcb95.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b8277e949ea93ffc1b329a1f95b2775593340d17fe828ed40f2b3f9e125f9a

Request headers

:path
/my/_nuxt/91dcb95.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
5273534
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Wed, 16 Jun 2021 06:27:46 GMT
server
cloudflare
etag
W/"2db0-17a13811ad0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
466165334 472355353
cache-control
public, max-age=31536000
cf-ray
67f8fcbde9394e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
5f47eab.js
holiday.presslogic.com/my/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/5f47eab.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a43607be29f655abb526294f1c784c828dc78d6d39786a5f1bb400ac0c13725

Request headers

:path
/my/_nuxt/5f47eab.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
5273534
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Wed, 16 Jun 2021 06:27:46 GMT
server
cloudflare
etag
W/"1339-17a13811ad0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
456041117 465933721
cache-control
public, max-age=31536000
cf-ray
67f8fcbde93a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
f685aff.js
holiday.presslogic.com/my/_nuxt/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/f685aff.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a4276cc356a6b35abd1932607bfe1fbdaacd3ea50c6c465cb636b63c9b80d1

Request headers

:path
/my/_nuxt/f685aff.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"5abd-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
536709682 518539097
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9454e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
908ade4.js
holiday.presslogic.com/my/_nuxt/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/908ade4.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8c12f38c58542a19e9bc876eea0078159aa560794bc0244608946d0f7ec64b

Request headers

:path
/my/_nuxt/908ade4.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
506493
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"3112-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
404320756 412927027
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9474e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
76ff1a8.js
holiday.presslogic.com/my/_nuxt/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/76ff1a8.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0583d749537c347d42a4ca3c939933db2d7c2b2cf87ef6206f8525de99aba10

Request headers

:path
/my/_nuxt/76ff1a8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"9e02-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
515516215 518954001
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9494e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
1ba1641.js
holiday.presslogic.com/my/_nuxt/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/1ba1641.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79c4cf2b5494dac51a38f8c149d66042f46e6a3bb07510fb5d64f296895ea75

Request headers

:path
/my/_nuxt/1ba1641.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"8852-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
810765874 811541363
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf94a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
537793f.js
holiday.presslogic.com/my/_nuxt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/537793f.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858c67a87c1e3521cb7ed90b52eb2815b41ce7f27b21160d8a0941da25ea38d2

Request headers

:path
/my/_nuxt/537793f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
3
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"19cc-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
527632124 507211818
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf94d4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
04f031b.js
holiday.presslogic.com/my/_nuxt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/04f031b.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3918f5549f6a86dadacaa9ac21d53eaec20f6f88e45c3575051d6d7a3999143

Request headers

:path
/my/_nuxt/04f031b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2076029
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Mon, 19 Jul 2021 06:19:08 GMT
server
cloudflare
etag
W/"1bc0-17abd6b0f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
885204521 880680736
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9554e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
6e45e56.js
holiday.presslogic.com/my/_nuxt/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/6e45e56.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b587363801affa439a25c88c4df2baffa4ee1e7aa8f7cd0995a23af0087c95

Request headers

:path
/my/_nuxt/6e45e56.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
8124903
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 14 May 2021 06:32:22 GMT
server
cloudflare
etag
W/"c366-179699374f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
5597000 5890043
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9574e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
b429c638.170edba.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b0d5b9c6fcad898bf80088a9b08666736e32872bfd4329fc14f28dbdd9a5d

Request headers

:path
/my/_nuxt/vendors/app/b429c638.170edba.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
9941536
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Thu, 22 Apr 2021 05:59:45 GMT
server
cloudflare
etag
W/"f97d-178f829b068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
7391618 30351412
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf93c4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
93f0101.js
holiday.presslogic.com/my/_nuxt/ 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/93f0101.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fb13854aa442c76f3a69420e5ac500ebef070f9c3796e43115dd1ce851a166

Request headers

:path
/my/_nuxt/93f0101.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"10265-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
526977096 518954009
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf95a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
e854962.js
holiday.presslogic.com/my/_nuxt/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/e854962.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482630e04e56e186b6821c33288f0a5be8ee31638cd5f1dfbb33169b5dd6a204

Request headers

:path
/my/_nuxt/e854962.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"11867-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
515516216 516734192
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf95c4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
46438e7.js
holiday.presslogic.com/my/_nuxt/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/46438e7.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12be8ea0b99ddff6a37e0b868de5a4b7f8cf1c8b9d13de72e675d13b46bc83c

Request headers

:path
/my/_nuxt/46438e7.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2076029
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
30
content-encoding
br
last-modified
Mon, 19 Jul 2021 06:19:08 GMT
server
cloudflare
etag
W/"cf50-17abd6b0f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
876266135
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf95d4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
b58f7129.bb3c038.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/app/b58f7129.bb3c038.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
891b590b7c68d10805cba9374cd11d711d160e92466c23759590ed50039aa585

Request headers

:path
/my/_nuxt/vendors/app/b58f7129.bb3c038.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1574077
x-cache
MISS
content-type
text/css; charset=UTF-8
x-ua-device
tablet-ipad
x-envoy-upstream-service-time
6
content-encoding
br
last-modified
Thu, 29 Jul 2021 01:33:36 GMT
server
cloudflare
etag
W/"5640-17aefe53d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
930351690
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf93f4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
39d3125.js
holiday.presslogic.com/my/_nuxt/ 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/39d3125.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918ba0dc0f0ad5e21feceaa8882c3377f777dfc684f8238b9866cb9b8e70a30f

Request headers

:path
/my/_nuxt/39d3125.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1574072
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
tablet-ipad
x-envoy-upstream-service-time
6
content-encoding
br
last-modified
Thu, 29 Jul 2021 01:33:36 GMT
server
cloudflare
etag
W/"14f8a-17aefe53d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
932810017
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf95f4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
ec8c427e.5959bde.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/app/ec8c427e.5959bde.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e0a79ef6d63e8502a4efc5db37400f4da1facea09eec134af5db57ebd0f84c

Request headers

:path
/my/_nuxt/vendors/app/ec8c427e.5959bde.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
9941536
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Thu, 22 Apr 2021 05:59:45 GMT
server
cloudflare
etag
W/"475c-178f829b068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
30874494 28174039
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9414e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
8158ed1.js
holiday.presslogic.com/my/_nuxt/ 		510 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/8158ed1.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7a872e97ddca5fc2cacc625c2a147bde894a764ba51300214781560368116

Request headers

:path
/my/_nuxt/8158ed1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
8124902
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
6
content-encoding
br
last-modified
Fri, 14 May 2021 06:32:22 GMT
server
cloudflare
etag
W/"1fe-179699374f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
322453
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9604e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
a406b00.js
holiday.presslogic.com/my/_nuxt/ 		129 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/a406b00.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
429359266b178dc66a512ca84aec255558c9916a41f3fc8c0ceeea0421b4899d

Request headers

:path
/my/_nuxt/a406b00.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"20463-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
536709681 530714883
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9614e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
d14b5de.js
holiday.presslogic.com/my/_nuxt/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c5cdf88a9219f623264dd4d24e3e0692f58c5618617030fb634b11f8a6116c

Request headers

:path
/my/_nuxt/d14b5de.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:14 GMT
server
cloudflare
etag
W/"147c4-17a316cd570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
527632125 516307472
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9634e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
f69643ec.b08e073.css
holiday.presslogic.com/my/_nuxt/app/ 		254 B
231 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/app/f69643ec.b08e073.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd52c122328222aa09da5268422e69f9cd61111fbcd7b125cfcf5a7f03a22384

Request headers

:path
/my/_nuxt/app/f69643ec.b08e073.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
9941536
x-cache
MISS
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
9
content-encoding
br
last-modified
Thu, 22 Apr 2021 05:59:45 GMT
server
cloudflare
etag
W/"fe-178f829b068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
30120994
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9424e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
12676c3.js
holiday.presslogic.com/my/_nuxt/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/12676c3.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4645e41595da9c672140b15610528c886785a6fa90b17a8ce8458786139c9932

Request headers

:path
/my/_nuxt/12676c3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"108d7-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
821203463 821542443
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9644e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
01e7b97c.3c5d4f5.css
holiday.presslogic.com/my/_nuxt/app/ 		66 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/app/01e7b97c.3c5d4f5.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffce136a8f1516b57b0a4c1ad896246c5fc44dfdf513d8f5f0768881fefb71a4

Request headers

:path
/my/_nuxt/app/01e7b97c.3c5d4f5.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"109f2-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816917982 816013264
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9434e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
511a22d.js
holiday.presslogic.com/my/_nuxt/ 		43 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/511a22d.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425050ba5cddd6da2e5c8ca0f0e2b49f4b842c425767dbb1e984861fd64f21f7

Request headers

:path
/my/_nuxt/511a22d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"aa8b-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
807444884 815316706
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9664e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
684085e2.aaf3ed0.css
holiday.presslogic.com/my/_nuxt/app/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/app/684085e2.aaf3ed0.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d52ba9d1eaa9f0e44d54860455271a4c409b0535dda3430c2fe9856d3bfa5cb

Request headers

:path
/my/_nuxt/app/684085e2.aaf3ed0.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"5dc6-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
515516213 526519345
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9504e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
952bbb1.js
holiday.presslogic.com/my/_nuxt/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/952bbb1.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0795a9add8aaabcf9fc428586bf8e7e73038c95798adeb038a287ff2a586dbb7

Request headers

:path
/my/_nuxt/952bbb1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1574071
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
tablet-ipad
x-envoy-upstream-service-time
6
content-encoding
br
last-modified
Thu, 29 Jul 2021 01:33:36 GMT
server
cloudflare
etag
W/"b075-17aefe53d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
932087387
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9674e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
f075b844.ab9c0ff.css
holiday.presslogic.com/my/_nuxt/pages/index/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/index/f075b844.ab9c0ff.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0f73603fc825165a86d3f8cea2192f39822851516608324fc3bc0c69f694d5

Request headers

:path
/my/_nuxt/pages/index/f075b844.ab9c0ff.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1564344
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Thu, 29 Jul 2021 01:33:36 GMT
server
cloudflare
etag
W/"23a1-17aefe53d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
911587950 911586120
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9514e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
c13dc5d.js
holiday.presslogic.com/my/_nuxt/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/c13dc5d.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa21139e68e8398007aa02e976493467cc6699ef57f9a1e54919b5cda680f2f1

Request headers

:path
/my/_nuxt/c13dc5d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1564343
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
8
content-encoding
br
last-modified
Thu, 29 Jul 2021 01:33:36 GMT
server
cloudflare
etag
W/"65b8-17aefe53d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
931992637
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9684e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
e3dbdb39.dfb590b.css
holiday.presslogic.com/my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/ 		1013 B
409 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/e3dbdb39.dfb590b.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bbba340d2f452e7c662f1e486a08477ae6aa7c10093dfe09f6636674df8a720

Request headers

:path
/my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/e3dbdb39.dfb590b.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
4770109
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 22 Jun 2021 01:54:13 GMT
server
cloudflare
etag
W/"3f5-17a316cd188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
527632122 504262045
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9544e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
9d4f805.js
holiday.presslogic.com/my/_nuxt/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/9d4f805.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6d9014a237b2b9ad7c03a94d1f7ff0534ea0f9b941ee9df4a73f6d440f84fe1

Request headers

:path
/my/_nuxt/9d4f805.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687550
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"1bd6-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816917984 808218733
cache-control
public, max-age=31536000
cf-ray
67f8fcbdf9784e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
presslogic-logo.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/presslogic-logo.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa27f35fb69e04575f2b6a30221f1c1641d23346e8587295c6630238d9c9bae

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
cf-cache-status
HIT
age
710339
x-guploader-uploadid
ADPycdtHCgFw6BUcAC-W3b7arrWcyslnLKSdMriHR2Hxlht9JpBQRKXKB9rSYXx8VEytVa8e_HcVC9SSoiZz6JlCtMFjnp-UOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
1685
last-modified
Fri, 12 Mar 2021 04:05:23 GMT
server
cloudflare
etag
"3c683679e8133a689608a2d58319b3af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Pu5y9w==, md5=PGg2eegTOmiWCKLVgxmzrw==
x-goog-generation
1615521923566635
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
1685
accept-ranges
bytes
cf-ray
67f8fcbe098a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
logo.png
assets.presslogic.com/presslogic-hk-hd/static/images/holiday/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/holiday/logo.png?v=191112
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c5faf531c04e9a0436fcf0c1365934af930380a45e1900e59ac70f4742ca2b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
cf-cache-status
HIT
age
9941529
x-guploader-uploadid
ABg5-UzVk0Zl1rUSwi7aNikLTexfXMT4XIR6QZOrVEnIdxKOQi467cyoiVFxhPXfcRO_cacmwAf0bN-zFJnssMeumvF_2dIhLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
75851
last-modified
Fri, 12 Mar 2021 04:06:48 GMT
server
cloudflare
etag
"a089b504e4353b8e0f90edc65276bb87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=/dfCeA==, md5=oIm1BOQ1O44PkO3GUna7hw==
x-goog-generation
1615522008209031
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
75851
accept-ranges
bytes
cf-ray
67f8fcbe09854e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
loading.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/loading.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e572491860557badd4d4d1d3e37f1f3c602cc3d163a0cdac6b6523fbee67c3

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
cf-cache-status
HIT
age
983205
x-guploader-uploadid
ADPycduI9jeT_R9OBNmjtu9Gb4DvRTTGD_ljP7dKtaxoXlX8WPwpJaYEGdkWX04FkTYxSv71k8E6MvVbve6DqsIN7-MXofuSbA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
1692
last-modified
Fri, 12 Mar 2021 04:05:20 GMT
server
cloudflare
etag
"8a583b3705a086f29df69cd898e3ed10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=DrWs/g==, md5=ilg7NwWghvKd9pzYmOPtEA==
x-goog-generation
1615521920858130
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
1692
accept-ranges
bytes
cf-ray
67f8fcbe09844e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
youtube-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		948 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/youtube-white.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9bc60b625ef89de00f22bc264e3f085526b4bd0fed14e2f5ebf3b8ab7ac8b95

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
cf-cache-status
HIT
age
9936447
x-guploader-uploadid
ABg5-Uyvr5qw6OY6syWDlRZQoe7xb0oqrGiZzijqbIqOONNuOyqiR7PuypdYN4u7JEJ1JFqbpsrjsODtv04q3htMsHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
948
last-modified
Fri, 12 Mar 2021 04:05:25 GMT
server
cloudflare
etag
"2bc9bef3c70a6e784b6cbc94d45c8cfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=tAungA==, md5=K8m+88cKbnhLbLyU1FyM/g==
x-goog-generation
1615521925069537
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
948
accept-ranges
bytes
cf-ray
67f8fcbe09814e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
pubads_impl_2021081001.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 08:39:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117457
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		100 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=holiday.presslogic.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
313980e71cc69f18608b91680d9ed20c5b888629ee2d8904c168f01a3a21a6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:40 GMT
css
fonts.googleapis.com/ 		117 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/app/01e7b97c.3c5d4f5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 07:35:40 GMT
server
ESF
date
Mon, 16 Aug 2021 07:35:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Aug 2021 07:35:40 GMT
category_maple.png
assets.presslogic.com/presslogic-hk-hd/static/images/event/201908_klook/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/event/201908_klook/category_maple.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59cc7fa40540cc164a9c69d98d697f14010ff99f62cb8afe97610cacd2d32c04

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
cf-cache-status
HIT
age
9941530
x-guploader-uploadid
ABg5-UwrmZ-t4vV33iIz6GCVwnTcPEbvjWMwW4kNH1Dd_iMhwHhFHxzxuBVgbtkRFdMb6V46yNCrNDn-eMnm1ZYpLg4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
19835
last-modified
Fri, 12 Mar 2021 04:05:49 GMT
server
cloudflare
etag
"ea6d559e1da640abc88fcfe89a97e522"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=E4cgrQ==, md5=6m1Vnh2mQKvIj8/ompflIg==
x-goog-generation
1615521949402695
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
19835
accept-ranges
bytes
cf-ray
67f8fcbe7a544e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
element-icons.2fad952.woff
holiday.presslogic.com/my/_nuxt/fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/fonts/element-icons.2fad952.woff
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1

Request headers

:path
/my/_nuxt/fonts/element-icons.2fad952.woff
pragma
no-cache
origin
https://holiday.presslogic.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://holiday.presslogic.com
Referer
https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
729688
cf-ray
67f8fcbe8a794e61-FRA
x-cache
MISS
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
7
content-length
6164
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"1814-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
405777642
access-control-allow-origin
https://holiday.presslogic.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
font/woff
expires
Tue, 16 Aug 2022 07:35:40 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRD2XB9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1319
date
Mon, 16 Aug 2021 07:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 16 Aug 2021 09:13:41 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 06:38:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
7261030
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
LPJvJMdXNYIyWezHnuDGJ1Gko8B_3OI2asqkBh-VHo5tkPotD4GFVQ==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
bVHVtRfRpjWyD6bKll0kxAvm/XHh61hSzOfRZXilcDe+UciEMKKopR6FwamJ6MmGohyOVNbaws/oBV0vaAHXcA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Mon, 16 Aug 2021 07:35:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
bwSM9HqXP1DcMZVg1rQ7zFfFrefN9-TmfqKrAoodabsOGxh8IyErRw==

Redirect headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629099340663&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=
content-length
369
x-amz-cf-id
QiTXejMi7aD-AK435k6L5W1Wk5jpP670toYvvPqcwrY3MqN4oRCX0g==
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
67f8fcbf68bfc295-FRA
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 06:47:56 GMT
x-content-type-options
nosniff
age
521264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 06:47:56 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 09:52:58 GMT
x-content-type-options
nosniff
age
510162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:52:58 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 04:58:24 GMT
x-content-type-options
nosniff
age
527836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:58:24 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 23:09:30 GMT
x-content-type-options
nosniff
age
548770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 23:09:30 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 09:37:05 GMT
x-content-type-options
nosniff
age
511115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:37:05 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 15:36:04 GMT
x-content-type-options
nosniff
age
489576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 15:36:04 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 23:54:50 GMT
x-content-type-options
nosniff
age
546050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 23:54:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 11:35:45 GMT
x-content-type-options
nosniff
age
503995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 11:35:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:35:19 GMT
x-content-type-options
nosniff
age
543621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:35:19 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 08:29:31 GMT
x-content-type-options
nosniff
age
515169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 08:29:31 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 09:03:32 GMT
x-content-type-options
nosniff
age
513128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48552
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:03:32 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 21:33:04 GMT
x-content-type-options
nosniff
age
554556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 21:33:04 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 10:39:42 GMT
x-content-type-options
nosniff
age
507358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 10:39:42 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:19:56 GMT
x-content-type-options
nosniff
age
544544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:19:56 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 18:33:12 GMT
x-content-type-options
nosniff
age
565348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44828
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 18:33:12 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 05:45:39 GMT
x-content-type-options
nosniff
age
525001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46208
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:58 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 05:45:39 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.54.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.54.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e39706fbc73a8d1e5000aa07fac46ccd733ee66ddfe6a8da014871bf350a73a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 02:14:53 GMT
x-content-type-options
nosniff
age
537647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31752
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:13:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 02:14:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 21:57:37 GMT
x-content-type-options
nosniff
age
553083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50856
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 21:57:37 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.31.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.31.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e6db17beead6421070bed74c889ccf58b7b28dea2cb631d1341297bdaa2da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 20:29:36 GMT
x-content-type-options
nosniff
age
558364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22696
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:35:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 20:29:36 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.79.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.79.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef5bfad4ba0ea5b896f810f67e6c872f5fa317ca792cd927ac6497540e5030f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 05:22:12 GMT
x-content-type-options
nosniff
age
526408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19296
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 05:22:12 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 10:40:12 GMT
x-content-type-options
nosniff
age
507328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48324
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 10:40:12 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f992a3471511cc92b4d7a8a249c809c31edc7c242ebe26ed274543c98cb7fe3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 01:43:41 GMT
x-content-type-options
nosniff
age
539519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30084
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:54 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 01:43:41 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.28.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.28.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba0b79d245022145fc11027797e0229f0a056a842d0aa507999363e6d7e2a500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 09:01:00 GMT
x-content-type-options
nosniff
age
513280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41604
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:11:22 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:01:00 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 20:34:44 GMT
x-content-type-options
nosniff
age
558056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46808
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:14:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 20:34:44 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.21.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.21.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e304e4d4e9573263793d7534afef67d42568427eebd978e54e523c8f3a6035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 23:15:57 GMT
x-content-type-options
nosniff
age
461983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33296
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:22:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 23:15:57 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:19:15 GMT
x-content-type-options
nosniff
age
544585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57968
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:14 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:19:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.42.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.42.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd0de16f52f2d467a82f934e2648ac80a0c8b0a005af7aef860562e44a81fb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 23:52:56 GMT
x-content-type-options
nosniff
age
546164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34552
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:35:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 23:52:56 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.69.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.69.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
456c75a094a65d46a9b65bd6e0a59c3498e304d595055216a477045c99f2df1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://holiday.presslogic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 11:18:55 GMT
x-content-type-options
nosniff
age
505005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32252
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:14 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 11:18:55 GMT
db300d2f.6e808e7.css
holiday.presslogic.com/my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/ 		982 B
265 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/db300d2f.6e808e7.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a

Request headers

:path
/my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/db300d2f.6e808e7.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687478
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"3d6-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816251599 817172847
cache-control
public, max-age=31536000
cf-ray
67f8fcc08ea74e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
169b266.js
holiday.presslogic.com/my/_nuxt/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/169b266.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514b89b0fe7489acf030d8e607218f6473c0ead7488a01447c8cdb2d86ed5350

Request headers

:path
/my/_nuxt/169b266.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
5263
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
24
content-encoding
br
last-modified
Fri, 13 Aug 2021 03:42:26 GMT
server
cloudflare
etag
W/"1b67-17b3d9a94d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
498046584
cache-control
public, max-age=31536000
cf-ray
67f8fcc09ea94e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
6cfe8caa.dc73841.css
holiday.presslogic.com/my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/ 		2 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/6cfe8caa.dc73841.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7d8388031f5fdf89c50b8a437841156016b65640cf9a19ed0b663aea62c2e6d

Request headers

:path
/my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/6cfe8caa.dc73841.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
663681
x-cache
MISS
content-type
text/css; charset=UTF-8
x-ua-device
bot
x-envoy-upstream-service-time
7
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"762-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
407165715
cache-control
public, max-age=31536000
cf-ray
67f8fcc09eaa4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
1fa48b9.js
holiday.presslogic.com/my/_nuxt/ 		273 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/1fa48b9.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a23dca95e4bb730b33af450264d22633e9c68cfb5a0fe118466f7bcd0dd919

Request headers

:path
/my/_nuxt/1fa48b9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687470
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"44521-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
822118992 821542474
cache-control
public, max-age=31536000
cf-ray
67f8fcc09ead4e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
a3d577b.js
holiday.presslogic.com/my/_nuxt/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/a3d577b.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4921546c0a359575d12e5e7c7990a501872a1bd67f91b7bc4f95003bdf6f84d

Request headers

:path
/my/_nuxt/a3d577b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:40 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687470
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"86b5-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
819084382 813627862
cache-control
public, max-age=31536000
cf-ray
67f8fcc09eb04e61-FRA
expires
Tue, 16 Aug 2022 07:35:40 GMT
2597336253707076
connect.facebook.net/signals/config/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2597336253707076?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
82f7485255164ff17c3a7c718d8893f5633192de5fc3f0951b7416bd5feda2be
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
oNMZczV3Kdr0TeEgQPibKORUXZPPMyliriyPd/AW3UwZpSo5OnMVtIodMJsB/5tx4wqk3mqDyOOP/+wYXep/yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 16 Aug 2021 07:35:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&time=1629099340907&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fholiday.presslogic.com%2F&random_number=3344044243&sess_cookie=d86638a517b4de3346a81b8e241&sess_cookie_flag=1&user_cookie=d86638a517b4de3346a81b8e241&user_cookie_flag=1&dynamic=true&domain=presslogic.com&account=aj+Wm1aMp4Z34B&jsv=20130128&user_lang=en-US
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 03:30:12 GMT
Via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
14730
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
PRG50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
zlFedp8Qr6uct67v-zJjczO5JnT39Pqu1XbSGATyIqo1Oko1fJODLQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.171.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-171-234.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
server
Server
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=379078660&t=pageview&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=583955987&gjid=1762633146&cid=597430667.1629099341&tid=UA-75313505-12&_gid=923126546.1629099341&_r=1&gtm=2wg8b0PRD2XB9&cd2=null&cd3=null&z=2098759008
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=379078660&t=pageview&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1879212531&gjid=1543858125&cid=597430667.1629099341&tid=UA-75313505-7&_gid=923126546.1629099341&_r=1&gtm=2wg8b0PRD2XB9&cd2=null&cd3=null&z=1192088904
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=379078660&t=event&ni=1&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=Article%20category&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=597430667.1629099341&tid=UA-75313505-12&_gid=923126546.1629099341&gtm=2wg8b0PRD2XB9&cd2=null&cd3=null&z=1894136949
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Aug 2021 22:07:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34096
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/952bbb1.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
f49ea908d24834fc61cf2b1b0aeade33ef295a569252bd27606ebe1636fc832b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Mb725KArQ+UEltx6XRmnxQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
okxrHzkz/J2tl/X+2RdU6SEoVAcRtuK5TqDzLr4GPDDCIv/mKOw03NWQUZumj9p+kX2bqX+w2TOxOzTRdZ5xeg==
x-fb-content-md5
dbc1bb7b8e156b33f7246bde9de9059d
x-frame-options
DENY
date
Mon, 16 Aug 2021 07:35:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f2e767cb0735de3e61e05477849b98e1"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 16 Aug 2021 07:46:45 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-75313505-7&cid=597430667.1629099341&jid=1879212531&gjid=1543858125&_gid=923126546.1629099341&_u=YEDAAEABAAAAAC~&z=870745407
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Aug 2021 07:35:40 GMT
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-75313505-12&cid=597430667.1629099341&jid=583955987&gjid=1762633146&_gid=923126546.1629099341&_u=YEBAAEAAAAAAAC~&z=1120414994
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Aug 2021 07:35:40 GMT
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		235 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aace6a5fd1aa3003b16bfcd07724efb7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
0ac089360b766a0fc35fb684600efa83d84b9017341e56c5116150664979d99d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://holiday.presslogic.com
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8oJ2SkjTOMGNpkIW+4ngIQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69718
x-fb-rlafr
0
x-fb-debug
h15rRcEPkEJbgB+V4ZZw22QFHilmXTX598gYF+XZxKwNNgx+pAw7KDZCDHNELLTrq658g84KReMClQNeO8NSyA==
x-fb-content-md5
8fcc32cc42265a82a2784fbd52a583f6
x-frame-options
DENY
date
Mon, 16 Aug 2021 07:35:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"08a5f5171211809f22e1e10cb112af31"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Aug 2022 06:13:29 GMT
3e12e216.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/3e12e216.jpg?auto=format&w=830
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b3c1d1b754d0d7fe1e26f574554e56d9eef5e8b9b65a4c21a7680b540b3e76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 09:22:54 GMT
server
cloudflare
etag
"cf8zbIGODyPlF6KwZbsJuRtQ:d362ddcea8f3c16c0c0778ba0a48ed9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
111090
accept-ranges
bytes
cf-ray
67f8fcc1fa034e61-FRA
cf-resized
internal=ok/h q=0 n=96 c=142 v=2021.7.7
/
sentry.io/api/1471869/store/ 		61 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1471869/store/?sentry_key=a9108d2b2c8346a8b0e8a5f2899cbbcd&sentry_version=7
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN (),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 16 Aug 2021 07:35:41 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://holiday.presslogic.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
61
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=holiday.presslogic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=holiday.presslogic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		473 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-1200x300-topbanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x300%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341137&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=274&adys=0&adks=207468977&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1f9780310201d73ac014370dae4d09cc57028d72974aa71b114afea6f4cf4b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 804F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 16 Aug 2021 07:35:41 GMT
expires
Tue, 16 Aug 2022 07:35:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341141&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=724&adks=1613867078&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x3419&msz=300x0&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d606561d55e92471ea7d36f2924827dd1ea0483d6039a3791c4219ab05da2cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14615
x-xss-protection
0
google-lineitem-id
5761539284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138359566018
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341142&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=2713&adks=2061189380&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
87560b6cb91106ba45195d2dc30a0409e162747d056d8e0ed4ee85af36df26f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8236
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341144&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4083&adks=2624743460&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
17c6eb54c5592ee6adaa73f0cc0b84f74b980b29e101698ebb365ee5b051cd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7374
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		139 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-300x600%2Cpresslogic-300x600-article-sidebar-half&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341146&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4103&adks=3463955818&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a641367cdd5f0d6e0e26fb9a3f3c418160182c7b8c7ccc95fda01841acc3c27e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25105
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341149&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4123&adks=3644655724&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a5b14c6fe6d0f6c3949f54bc90c2e2c8261d7fefdcd03252ed84dff4a8d6acb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7463
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		487 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-popup%2Cpresslogic-mobile-pop-up-iframe-full&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341152&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1646352535&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9b080c98b82f314631aeab1af76926dba063440ac1e9e8dddafeb956a02453a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		480 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-popup%2Cpresslogic-interstitial-image&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341155&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=3915609447&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b412dce026277f46cd58514e383a5ddb188496de7a675d410d9b8d245760959c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		462 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-1x1-article-top-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341156&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=956914594&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a98506768a2f465c8ba6c1bc10f22668ca40f3ccecc27b6c7412c267dabc041c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		462 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-1x1-article-top-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341157&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=3922314216&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f52daf4d69d6ae951be55c38f428d13917ae955f72fee89c7460428a3f390c55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-1x1-article-top-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341158&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=1383998169&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ba3c0ebd66e3d3c419c666539c3afbcafbd0114fa8727ed3be89241d1961c938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7797
x-xss-protection
0
google-lineitem-id
5358482576
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310170868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		462 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=547975879344089&correlator=534344953351463&output=ldjh&impl=fifs&eid=31062030%2C31062142%2C31062246%2C31062281%2C31062204%2C20211866%2C31062179%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210816&iu_parts=123517519%2Cpresslogic-1x1-article-top-5&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629099341160&dlt=1629099340437&idt=392&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=3859160431&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=597430667.1629099341&ga_sid=1629099341&ga_hid=379078660&ga_fc=false&fws=0&ohw=0&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3c1c45be16cdc4c3f937571eaae7577a412b968be501ee267f450a696058951e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
241
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-7&cid=597430667.1629099341&jid=1879212531&_u=YEDAAEABAAAAAC~&z=441105643
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-7&cid=597430667.1629099341&jid=1879212531&_u=YEDAAEABAAAAAC~&z=441105643
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-12&cid=597430667.1629099341&jid=583955987&_u=YEBAAEAAAAAAAC~&z=1259222209
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-12&cid=597430667.1629099341&jid=583955987&_u=YEBAAEAAAAAAAC~&z=1259222209
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
facebook-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		434 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/facebook-white.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38e0daca00b89a7abd05c03405d75e8c23b5c341754fdfce5663f0f36e1d845

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
710338
x-guploader-uploadid
ADPycdsGDhq56fVQ0E3h1OSPunWrU3oicg-CVJU5GCsPIAqlU5Wi2Zb0GquM0wi6lxn1z4oNcu74FaSHklFruQTc9AsDLVQh2A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
434
last-modified
Fri, 12 Mar 2021 04:05:18 GMT
server
cloudflare
etag
"3c0e335db5a178d13aefa74fec2eb4e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=WfHFew==, md5=PA4zXbWheNE676dP7C604w==
x-goog-generation
1615521918714402
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
434
accept-ranges
bytes
cf-ray
67f8fcc26ad54e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2597336253707076&ev=PageView&dl=https%3A%2F%2Fholiday.presslogic.com%2F&rl=&if=false&ts=1629099341196&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629099341195.1318342067&it=1629099340905&coo=false&rqm=GET
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Aug 2021 07:35:41 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1686107568269712&ev=fb_page_view&dl=https%3A%2F%2Fholiday.presslogic.com%2F&rl=&if=false&ts=1629099341210&sw=1600&sh=1200&at=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Aug 2021 07:35:41 GMT
8d937d0f.4197e0b.css
holiday.presslogic.com/my/_nuxt/pages/fb/pages/search/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/fb/pages/search/8d937d0f.4197e0b.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1108f1916ae7a8c7298e032eeb7a87fb86f0aa24b3883f62911b6206d5107c2b

Request headers

:path
/my/_nuxt/pages/fb/pages/search/8d937d0f.4197e0b.css
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
324387
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"c8f-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
455050566 420753838
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab3b4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
8525797.js
holiday.presslogic.com/my/_nuxt/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/8525797.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f4765beef1963a50e6f26df1523b3b0d0db5fcb77331eb5f5a71243e0ac461

Request headers

:path
/my/_nuxt/8525797.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687471
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"1953-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
817956587 814995214
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab3c4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
bd35df2a.a198961.css
holiday.presslogic.com/my/_nuxt/pages/search/ 		440 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/search/bd35df2a.a198961.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c83d3b2626e5c7be290676f31d079ab4a3c1013458e1748494cbe3e05145b27

Request headers

:path
/my/_nuxt/pages/search/bd35df2a.a198961.css
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
5376726
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Tue, 15 Jun 2021 01:28:45 GMT
server
cloudflare
etag
W/"1b8-17a0d48fcc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
436446934 458752691
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab3e4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
89dafb4.js
holiday.presslogic.com/my/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/89dafb4.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e647c5d18350402817098a6f79853790ace79be9a1bf94cc3c8797addc5cdd34

Request headers

:path
/my/_nuxt/89dafb4.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2076029
x-cache
MISS
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
6
content-encoding
br
last-modified
Mon, 19 Jul 2021 06:19:08 GMT
server
cloudflare
etag
W/"c35-17abd6b0f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
882589531
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab3f4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
e776cc8.js
holiday.presslogic.com/my/_nuxt/ 		302 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/e776cc8.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a59f5cd2e558222d7fe0c2883f7e3926c15534d1ea4b846ce1aa2ea79c4adf

Request headers

:path
/my/_nuxt/e776cc8.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687478
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"4b69f-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
816949076 817172668
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab434e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
760b5c95.5b90dde.css
holiday.presslogic.com/my/_nuxt/vendors/pages/article/_wpid/index/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/vendors/pages/article/_wpid/index/760b5c95.5b90dde.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad462c24b7db7dd8b19893f55f6101838f756bbf9473c8ed172389f61ecf1c8

Request headers

:path
/my/_nuxt/vendors/pages/article/_wpid/index/760b5c95.5b90dde.css
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1660997
x-cache
MISS
content-type
text/css; charset=UTF-8
x-ua-device
tablet-ipad
x-envoy-upstream-service-time
10
content-encoding
br
last-modified
Mon, 19 Jul 2021 06:19:08 GMT
server
cloudflare
etag
W/"3ad6-17abd6b0f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
900805940
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab414e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
6448b3d.js
holiday.presslogic.com/my/_nuxt/ 		84 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/6448b3d.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ab65d9bc23ec6f0a9aa0777bcedb0b5c81722ca1baeb73070fed2421bcbd0c

Request headers

:path
/my/_nuxt/6448b3d.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687478
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
pc
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"54-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
819084354 819857772
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab494e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
890ca723.c915abf.css
holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/ 		3 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/890ca723.c915abf.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da0c3872beb7b2262f0405bef8d4f6a35b74cfd167d443ba4d2ecd0caf3c9e0

Request headers

:path
/my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/890ca723.c915abf.css
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
376787
x-cache
MISS
content-type
text/css; charset=UTF-8
x-ua-device
bot
x-envoy-upstream-service-time
8
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"bae-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
352819047
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab444e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
e7c6c75.js
holiday.presslogic.com/my/_nuxt/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/e7c6c75.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747de4f700fc38ad6aec697eca9a96c31b522213c90f3b50211c869a5d7f0464

Request headers

:path
/my/_nuxt/e7c6c75.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
2687551
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
2
content-encoding
br
last-modified
Fri, 16 Jul 2021 01:41:44 GMT
server
cloudflare
etag
W/"2e53-17aacfa03c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
807444885 814328801
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab4a4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
01e7b97c.7ea623f.css
holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/01e7b97c.7ea623f.css
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503fdf21c73cbd004617290290875aae1c12e70ea356b10206112cb41bc023e0

Request headers

:path
/my/_nuxt/pages/article/_wpid/index/01e7b97c.7ea623f.css
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
1483630
x-cache
HIT
content-type
text/css; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"2935-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
10717621 1940457
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab484e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
a96ca58.js
holiday.presslogic.com/my/_nuxt/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/my/_nuxt/a96ca58.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/f4e7f19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
881d7ee9c548267e8868c706be137e571769363579475059b680777d2f8ad88d

Request headers

:path
/my/_nuxt/a96ca58.js
pragma
no-cache
cookie
__asc=d86638a517b4de3346a81b8e241; __auc=d86638a517b4de3346a81b8e241; _ga=GA1.2.597430667.1629099341; _gid=GA1.2.923126546.1629099341; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; _fbp=fb.1.1629099341195.1318342067
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status
HIT
age
493931
x-cache
HIT
content-type
application/javascript; charset=UTF-8
x-ua-device
mobile-iphone
x-envoy-upstream-service-time
1
content-encoding
br
last-modified
Fri, 30 Jul 2021 02:30:06 GMT
server
cloudflare
etag
W/"3598-17af53f53b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin, User-Agent
x-varnish
347069227 353705271
cache-control
public, max-age=31536000
cf-ray
67f8fcc2ab4c4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
/
www.facebook.com/login/ Frame 2372
Redirect Chain
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=1686107568269712&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df141000b21ecec%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff1acb6afde47c4c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aace6a5fd1aa3003b16bfcd07724efb7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df141000b21ecec%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff1acb6afde47c4c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob:;frame-src *.facebook.com fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
NmU00MeFHywpUeF/CZXA8Jyg9G8BjTndUL1XbwjNE7EUlVJXYXzjCrLO8PrC7cxRt+rDUfRPZP1J3UFf0IxSyQ==
date
Mon, 16 Aug 2021 07:35:41 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df141000b21ecec%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff1acb6afde47c4c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Y6KoYdmzzSpeV6gfbHGRWb4OwuvX00g8UkKAiik6LwkRvapt8u9K4m7mhElNqoMeehXuY/VN2YJH/EcG0upnlA==
content-length
0
date
Mon, 16 Aug 2021 07:35:41 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/21733041/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:37 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
HNdaHlW9yfTQ-goJDsEDWTKEQf2Do7zURGzMrZ3zEDuPh_sbiPOULA==

Redirect headers

date
Mon, 16 Aug 2021 07:35:41 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
35weFhqusPE1sUcjbdiAAlz5Nrz6YgoDPkFbnBKoHGLQG8KWvsQ08w==
rum
holiday.presslogic.com/cdn-cgi/ 		0
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://holiday.presslogic.com/cdn-cgi/rum?req_id=67f8fcbb9c534e61
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://holiday.presslogic.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
39840
:path
/cdn-cgi/rum?req_id=67f8fcbb9c534e61
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
holiday.presslogic.com
referer
https://holiday.presslogic.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
67f8fcc32c4d4e61-FRA
vary
Origin
loading.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/loading.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e572491860557badd4d4d1d3e37f1f3c602cc3d163a0cdac6b6523fbee67c3

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
983206
x-guploader-uploadid
ADPycduI9jeT_R9OBNmjtu9Gb4DvRTTGD_ljP7dKtaxoXlX8WPwpJaYEGdkWX04FkTYxSv71k8E6MvVbve6DqsIN7-MXofuSbA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
1692
last-modified
Fri, 12 Mar 2021 04:05:20 GMT
server
cloudflare
etag
"8a583b3705a086f29df69cd898e3ed10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=DrWs/g==, md5=ilg7NwWghvKd9pzYmOPtEA==
x-goog-generation
1615521920858130
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
1692
accept-ranges
bytes
cf-ray
67f8fcc33c704e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
assets.presslogic.com/presslogic-hk-hd/images/upload/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/images/upload/AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36764ad99858aeabc8630ce12a731d82ec32feb371c88b2572e7f848159127d3

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
710338
x-guploader-uploadid
ADPycdun0rlg-V4I_krV9WKKD3xy_nRf6FFTi-xoQezYW72gqbVE-owLs7PyQo8RoayAylO6a7BzYxvHDnCHAnpDAVvuET39IQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
10269
last-modified
Fri, 12 Mar 2021 05:28:09 GMT
server
cloudflare
etag
"2d7753b68ba0094de669f30c3f7f937e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=55pcBA==, md5=LXdTtougCU3mafMMP3+Tfg==
x-goog-generation
1615526889655790
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
10269
accept-ranges
bytes
cf-ray
67f8fcc36cc24e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
instagram-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		558 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/instagram-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1ce9c9a9b386bde0f0788bcf893c32952042c6b409d5a86c184f0cfc967727

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
656838
x-guploader-uploadid
ADPycdujOb3eJm0nDp5GkSORXsD7213acIbdVYn0zjjXZTYUwMbiNH7vuwv7OIk-HCF1Whxw76_I0eaxZxdpGnqp958
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
558
last-modified
Fri, 12 Mar 2021 04:05:20 GMT
server
cloudflare
etag
"af21074b14882776e25431cdfdf995bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=UM87jA==, md5=ryEHSxSIJ3biVDHN/fmVuw==
x-goog-generation
1615521919956450
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
558
accept-ranges
bytes
cf-ray
67f8fcc36cc44e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
f332ebcb.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f332ebcb.jpg?w=400&auto=format
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445f0d762cbfbc40b6fcc7587a67b36a25d2f3f91215f83283e077d2e03c2ab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 13:09:43 GMT
server
cloudflare
etag
"cf0NYSfZqmWwSFeMDwfIOPrg:6445d0e1989bafd4671fde17ff5fa52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
27650
accept-ranges
bytes
cf-ray
67f8fcc36cc54e61-FRA
cf-resized
internal=ok/h q=0 n=56 c=51 v=2021.7.7
3e12e216.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/3e12e216.jpg?w=700&auto=format
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7030d1bfd4c94e51a0d21f6b267fb7986a1f482528eb25a4be6a0f2892feee27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 09:22:54 GMT
server
cloudflare
etag
"cfSv7k92Q-L2qCy3PuyqK5xw:d362ddcea8f3c16c0c0778ba0a48ed9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
86568
accept-ranges
bytes
cf-ray
67f8fcc36cc64e61-FRA
cf-resized
internal=ok/h q=0 n=53 c=109 v=2021.7.7
f46d9633.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f46d9633.jpg?w=300&auto=format
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7f50885294a42692ed5f322ba2ee5fd104962d8cbe573e7297b3698d1a41db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 04:37:10 GMT
server
cloudflare
etag
"cfGuXUkLHpJAF3layPlVOFcA:7844bb5bcf508ce2eb8a3cd39d99c088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
19878
accept-ranges
bytes
cf-ray
67f8fcc36cc74e61-FRA
cf-resized
internal=ok/h q=0 n=45 c=22 v=2021.7.7
AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
assets.presslogic.com/presslogic-hk-hd/images/upload/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/images/upload/AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36764ad99858aeabc8630ce12a731d82ec32feb371c88b2572e7f848159127d3

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
710338
x-guploader-uploadid
ADPycdun0rlg-V4I_krV9WKKD3xy_nRf6FFTi-xoQezYW72gqbVE-owLs7PyQo8RoayAylO6a7BzYxvHDnCHAnpDAVvuET39IQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
10269
last-modified
Fri, 12 Mar 2021 05:28:09 GMT
server
cloudflare
etag
"2d7753b68ba0094de669f30c3f7f937e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=55pcBA==, md5=LXdTtougCU3mafMMP3+Tfg==
x-goog-generation
1615526889655790
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
10269
accept-ranges
bytes
cf-ray
67f8fcc37cf44e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
instagram-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 		558 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.presslogic.com/presslogic-hk-hd/static/images/instagram-white.png
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1ce9c9a9b386bde0f0788bcf893c32952042c6b409d5a86c184f0cfc967727

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
cf-cache-status
HIT
age
656838
x-guploader-uploadid
ADPycdujOb3eJm0nDp5GkSORXsD7213acIbdVYn0zjjXZTYUwMbiNH7vuwv7OIk-HCF1Whxw76_I0eaxZxdpGnqp958
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
10
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
558
last-modified
Fri, 12 Mar 2021 04:05:20 GMT
server
cloudflare
etag
"af21074b14882776e25431cdfdf995bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=UM87jA==, md5=ryEHSxSIJ3biVDHN/fmVuw==
x-goog-generation
1615521919956450
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
558
accept-ranges
bytes
cf-ray
67f8fcc38cfb4e61-FRA
expires
Tue, 16 Aug 2022 07:35:41 GMT
f46d9633.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f46d9633.jpg?w=300&auto=format
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7f50885294a42692ed5f322ba2ee5fd104962d8cbe573e7297b3698d1a41db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 04:37:10 GMT
server
cloudflare
etag
"cfGuXUkLHpJAF3layPlVOFcA:7844bb5bcf508ce2eb8a3cd39d99c088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
19878
accept-ranges
bytes
cf-ray
67f8fcc39d224e61-FRA
cf-resized
internal=ok/h q=0 n=45 c=22 v=2021.7.7
f332ebcb.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f332ebcb.jpg?w=400&auto=format
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445f0d762cbfbc40b6fcc7587a67b36a25d2f3f91215f83283e077d2e03c2ab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 13:09:43 GMT
server
cloudflare
etag
"cf0NYSfZqmWwSFeMDwfIOPrg:6445d0e1989bafd4671fde17ff5fa52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
27650
accept-ranges
bytes
cf-ray
67f8fcc43e554e61-FRA
cf-resized
internal=ok/h q=0 n=56 c=51 v=2021.7.7
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081001&st=env
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d9a25d34669b677255bd55ac3095c0ca88ad5ffe0879bb89df9ce2053380cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8558
x-xss-protection
0
container.html
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 16 Aug 2021 07:35:41 GMT
expires
Tue, 16 Aug 2022 07:35:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854342869989"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27733
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:41 GMT
ae98b6a3-8ed5-4e9b-b4ce-988ca54dc313
https://holiday.presslogic.com/ 		131 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://holiday.presslogic.com/ae98b6a3-8ed5-4e9b-b4ce-988ca54dc313
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
131
Content-Type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame CA8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRwmEpNJcYQ0KkaZxer_7YYd22bExxfAKdDRXd8te4cdwZ2JFKWwdYPC1ZaxNcwz72MK8twendubKQdClixQtNeBW4M7Un4kHskX9Ru9D67pnUoNZ--d7AnhYaKkNG8R4qbMmlTxzM4dUbQET5AMP5ElES5joMQeI6fVcz6jmz6mUYkd54A0BiYf-kOcysx21yqtLLvJhrzswUHYnUwHOGE8mTjul0jvSJsoeMNbfQdRHuaWFlWPG8rFRvMkedm2a4Dik1PsjWEOOZZMECU9kpcXpGK_rNdaCb60Rd9ZAlS0QRWcFhu5-LTu52_1_8sa74Vas67TLIBOOYvqgKjR7ILbZccA&sai=AMfl-YSo-yOD9Cx9C1s9b5udAvT7yGnK-isH66t8aUY4eBRf_RwuTar-vo0N008V6XylXYGNohrX94Yasl0qQ3eNALXwXa1OMPeHpSkv0qr_C4HNkfH1eNHYnBZVyGuxojce&sig=Cg0ArKJSzKahYrFKBSJOEAE&urlfix=1&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 16 Aug 2021 07:35:41 GMT
holidaypresslogic_12227.js
ads.vidoomy.com/ Frame CA8E 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/holidaypresslogic_12227.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
41f9cd0839a2a56085d916434db0241b19cb55d3d1cc317a718b6625813fc16f

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4386
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA8E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:41 GMT
3e12e216.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/3e12e216.jpg?w=700&auto=format
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7030d1bfd4c94e51a0d21f6b267fb7986a1f482528eb25a4be6a0f2892feee27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 09:22:54 GMT
server
cloudflare
etag
"cfSv7k92Q-L2qCy3PuyqK5xw:d362ddcea8f3c16c0c0778ba0a48ed9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
86568
accept-ranges
bytes
cf-ray
67f8fcc4dfda4e61-FRA
cf-resized
internal=ok/h q=0 n=53 c=109 v=2021.7.7
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4657 		624 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 16 Aug 2021 07:35:41 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmXFzByeS4sdg4ZVTCcTJA4UtoNxa4B67j5jTLv740zW65zMRGikTHdrHoT; expires=Sat, 10-Sep-2022 07:35:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 16 Aug 2021 07:35:41 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EC05 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLGfk2zFC5lWBaXNNmLNQySxbx_VI77fHej3B0ZlB-Btvop5eah3QNUQMW38Xm9R3ISUiF55I6PmQ0VFMlLXc60xU5fHLrOl_TlYC6xiLmAk4mSB32Pgbef500pImYGD7VnHC63KWA6qAgBv061dYtBblKmA&dbm_d=AKAmf-CMK3XjyMNzlk6bpUbYts-M_Bc3ofICE_WjqJzu3Ajtxzbtns-lKEbxXWtjcW7RffnbacFBiqVAOisjfYThXGPFCPtgTkA1qKs0PSARzHSdr1Rb-naH983dA4JSyT-uXJr5uUi-ZjMSIsmavmwtawu_lZyd-mR55Uo8F8yI0wO9pkSqEcHlpt6bzqQ5-kQQd_RXgpUH-651LIJRm0Kdpv9U6fB46oYUEvg3jdpOBJerDNypAbzWYKe5eukQp9BKbo6S3NbmpnXd6nYD3CjcQWbfaq5ESrW80cumWa74lJEfrJA20d4RJ5wjebrQOm1xadwTW5kLuFh0VDjil_lGZVOFgfsI5pKSeBtbKVCn6p4w0NLJE5jgl59duSeVJkjAqBF_C8vEy6-XeCYgPuYA1z3dPzzpegMQEmkPhh4au9gqmrtHZLjjJ_mWc0cC7Jm3wR3kPU2UqEba7oaiWUchsohrItTd1AzQ7eZoMUsAD1ZNlhQ9ZVpuTw1xnTNOcRe-W5XIVhoyoQr84uzkyAdK1yEcaBQTFW6hNe5L4nhcEWS2WKmgd3JUv3cnMr2jxE_F3amUzqwtLKK6Aeh0W3KUL-kcbH40FH9t2-5Bn3RBADeODNFKatYdm3yJ1D14Y92C85s6K6lwkv0EaiwpGiQo-xN8p5VhyhWGWGSJpoF9Er21xpk1enP_Jv7d5Re4isGNDG4U7h_yxx8BbLP2KE5wI8v5u93DbTGWwehPOel-n2Ltanoj8j5Xo08XncXJxZoBDahIYQfwOlfrNbziqDmRdlwBBcdTKhpUyd-oqvMVTPZ11nQDA34LkOh6YYXZYT0Rc1bue9Ed8TG0eKi7fKw_IMgepLdT7GbdxmylTNnRBMjh80Joo4ImvgIAkiyQa8fZk-sIzlmWgGIT8UKb8cTiyzXFdqWB6Vi3cT3SuY7VtQ3YN2YwfQJ_EBEtk2aWemNq9SAt4D10WGmp8QwkJwC7FZXcSfeSMzwnGPt6uPLKp5S-bCMzvtb_Co92gf6YCeCj0JKnEY5qpPYII-MpqgtjT4ck8UlqsQih5hIt-DpzA3iv1M0gWH2DBWA5egfIsk03a6zNAQmE8GOpvwo0NiY-Fr2vZ4PTuxsDJs1MnhMldcx9j481uiGPmtYhc8q0H7SAiePtUe6cWyQPFgw6T7rzTQdtlarYf915be0zI10a1EldWJ9r1ofvcGmhEye-cmz23jFXMBZxr_nECQgar6VjRlla7rFrthJ4XuSwIdRdSH8D4J7gagTdE6xzRHyNb0zDEQVtySvpvACBKVVA1w9EM59oZXGvWpGJmT5glTVET1bM4i6oO3SoM1TBHlS4EROjmZrTLlBUkfals2S4mmnS1eGPWvPAU_l0aJoff3JcZ3JIqPYFYzSV-UnJDlReeFf5wy6mttc9L-HmhF6ca8uUSCIYcHKMwG8t-oJolXWA2agSEGlvQioaCoA_sy34YF6x4Q4G_6p944Ro9_mWaYgAZzsK4-LwUSjusGMCFvhpe15sGzmfKp2yQjG8NghL9rj_lxTv-ZSG2lHaTgjlzb2wG3bB-eHuFfIm1PpAzdEJOqePYsjTB2dRgyqgAIiDTDOWHzrcaQR-IUCMvvpPwDsZGrd-ZsFOcv9dgzPmJtdRyq-ndQyK2M4ZmFeuZGS-J27spWfgiOa4evTI8iWnyiERckXIxt8ag6ZseHeDTWaMHWrlm1qelQlOWRFy7_DD1SWg9rRDgme5GNslZsIW7NiSIPwwRhpRbAhppXuL-mCapDYqEY-VvgsaT4XW90yXfkkOVzduSOIbOz_VhvrgiyBk5s4pQGiUas221kDAHdIwdavdG7DgZ5_kgZWM7EENQsN07FZERdXy7Qo-1ZwQqMcDAFPlmaJo27QxSFQmcqHz_UI7_9cjEFq2D_sp4v-msPqLSeLvI2v1gSBWa4wXKkAuBsmbbtGXgwxRhE-sLetQEvPAvLbGr1JIdhZLimWPQf_kC52nJCoRfxF-Jmxl3JfDNirK30jnERlW-LRILM5J8rF80WgKVm0ayFLVFYkoxzBgNNug93rghExUGXrrAucwtWuD5_rxCdnMyKYYJ5luPcpWW3G1NE-OuxpBG5462d9PbTR9326xgEXriqxGvXbwR_n2c4SeLCMrJUtWtcHJWBA1FoMyxvCaI6LtpUo71g0ohSsA6-c2h3-JuCFENJ9v5Trq94uxCkMj2__2sk4DGx3AzYm4C3_eNBFv5tFBcaaMwBUOqLSxFx_qDMlG-gtFi84EbtZythU80zlJ1hRuHmHuxfeZzBS-teWs7Qy-uc1gcXaCfKxAE_BCbWBkhlg58sGhgiwhL_3zcmOkabcFT-cm0cKZLBaJ1n_lJaPmSRZtW4N9qpJKVYm1_TFOVpsfF-IMaOqBSgund1rdcNtgiAJ5X17lS_uhLomd_gfBXuwQNAz7TLDWzyz1VD40nU03XCw-cn6mYEAWlFKwZE7md7hXxvlrSZV5apvfXbOr7udDAdJKXXBZczGcTqbKeMN8JHr-novWwcHmrc1pUJEuY-vCb3LVvgSr3s8YzS-xi9n9P3cBZZLuWhWKY5teYXSN7E11LZ3yb0cuwg-sefLkvVXxtXCKLAFF3ku72eIyXtws5ccqvSKw3ETcOd3bq-M6T-32Q7F4oH-7UlGgdth1uIxSjUsV-NvrRdvt9NGjUfS1g9aEriQU2UNPQuzKun1qmoKGPFTjtbZvFBF291OxKCeysUEkEgurOxYpkLlSK9V9ShYzirZAPVSd5c1UtGIP2D-tOzrSa88IXvmAvltRamecfU8iYW854mpcywHKSavKjsA98H1MkdX4Yzr_Jo3aDJQBcqNy6cDdLkcyGkfXsb1LtiHqG-HuhkVxRjlFy9RTAztNu-mR98OPqIhn13ISqTseKES4w7xHATtBNDyHfgmR2xxfTpKA6ayR83bSgnS8-YG5mt_mWOM4qvCf4V-f8H2MWUwgcx1xi34EOuEs2CuNl8lxZJdV5TyYC1LQ3j6VFQfmImIWOk2xt-Qu1uFGaZAK_p0CW1tYp6-efkyXxUFPlh0Ijh1XvM1Vtkpl_Uvs01xFYvOZFckESEJ9SxZy33xC47Q7YBCw5DyaUDQ8_fOU5v3HUYNiAm1MnSYmvwGjMcwWzPK-F6ca5oX193U65Sq-XLyWp-fUKaqOY3e3konzwv3SqzmoAz36ncnM-NxGv2nhg2Wg&cid=CAASFeRozz1UVC58fRaJhDl6kIy__HxghQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96503e04ada430a3ec5cb6b037fdb924008f7b89154a977fe9a455bc2e4bfced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25160
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC05 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfG-Mw2803TWfmF_J084mN7-fcCXq6tzOOgzVk26vGbKsWybQV40PRMUkN139tPOX_n82Ito8N0zsf4YUxK8dlRzkfLjxEjNciTGhNAUwrBa07r4I
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame EC05 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:26:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC05 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame EC05 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:28:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:41 GMT
truncated
/ Frame CA8E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6545222b04476f1895fdc73c3411e0a525609ae3e070250c007a3175d69fb0ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame EC05 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 09:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 09:43:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame EC05 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLGfk2zFC5lWBaXNNmLNQySxbx_VI77fHej3B0ZlB-Btvop5eah3QNUQMW38Xm9R3ISUiF55I6PmQ0VFMlLXc60xU5fHLrOl_TlYC6xiLmAk4mSB32Pgbef500pImYGD7VnHC63KWA6qAgBv061dYtBblKmA&dbm_d=AKAmf-CMK3XjyMNzlk6bpUbYts-M_Bc3ofICE_WjqJzu3Ajtxzbtns-lKEbxXWtjcW7RffnbacFBiqVAOisjfYThXGPFCPtgTkA1qKs0PSARzHSdr1Rb-naH983dA4JSyT-uXJr5uUi-ZjMSIsmavmwtawu_lZyd-mR55Uo8F8yI0wO9pkSqEcHlpt6bzqQ5-kQQd_RXgpUH-651LIJRm0Kdpv9U6fB46oYUEvg3jdpOBJerDNypAbzWYKe5eukQp9BKbo6S3NbmpnXd6nYD3CjcQWbfaq5ESrW80cumWa74lJEfrJA20d4RJ5wjebrQOm1xadwTW5kLuFh0VDjil_lGZVOFgfsI5pKSeBtbKVCn6p4w0NLJE5jgl59duSeVJkjAqBF_C8vEy6-XeCYgPuYA1z3dPzzpegMQEmkPhh4au9gqmrtHZLjjJ_mWc0cC7Jm3wR3kPU2UqEba7oaiWUchsohrItTd1AzQ7eZoMUsAD1ZNlhQ9ZVpuTw1xnTNOcRe-W5XIVhoyoQr84uzkyAdK1yEcaBQTFW6hNe5L4nhcEWS2WKmgd3JUv3cnMr2jxE_F3amUzqwtLKK6Aeh0W3KUL-kcbH40FH9t2-5Bn3RBADeODNFKatYdm3yJ1D14Y92C85s6K6lwkv0EaiwpGiQo-xN8p5VhyhWGWGSJpoF9Er21xpk1enP_Jv7d5Re4isGNDG4U7h_yxx8BbLP2KE5wI8v5u93DbTGWwehPOel-n2Ltanoj8j5Xo08XncXJxZoBDahIYQfwOlfrNbziqDmRdlwBBcdTKhpUyd-oqvMVTPZ11nQDA34LkOh6YYXZYT0Rc1bue9Ed8TG0eKi7fKw_IMgepLdT7GbdxmylTNnRBMjh80Joo4ImvgIAkiyQa8fZk-sIzlmWgGIT8UKb8cTiyzXFdqWB6Vi3cT3SuY7VtQ3YN2YwfQJ_EBEtk2aWemNq9SAt4D10WGmp8QwkJwC7FZXcSfeSMzwnGPt6uPLKp5S-bCMzvtb_Co92gf6YCeCj0JKnEY5qpPYII-MpqgtjT4ck8UlqsQih5hIt-DpzA3iv1M0gWH2DBWA5egfIsk03a6zNAQmE8GOpvwo0NiY-Fr2vZ4PTuxsDJs1MnhMldcx9j481uiGPmtYhc8q0H7SAiePtUe6cWyQPFgw6T7rzTQdtlarYf915be0zI10a1EldWJ9r1ofvcGmhEye-cmz23jFXMBZxr_nECQgar6VjRlla7rFrthJ4XuSwIdRdSH8D4J7gagTdE6xzRHyNb0zDEQVtySvpvACBKVVA1w9EM59oZXGvWpGJmT5glTVET1bM4i6oO3SoM1TBHlS4EROjmZrTLlBUkfals2S4mmnS1eGPWvPAU_l0aJoff3JcZ3JIqPYFYzSV-UnJDlReeFf5wy6mttc9L-HmhF6ca8uUSCIYcHKMwG8t-oJolXWA2agSEGlvQioaCoA_sy34YF6x4Q4G_6p944Ro9_mWaYgAZzsK4-LwUSjusGMCFvhpe15sGzmfKp2yQjG8NghL9rj_lxTv-ZSG2lHaTgjlzb2wG3bB-eHuFfIm1PpAzdEJOqePYsjTB2dRgyqgAIiDTDOWHzrcaQR-IUCMvvpPwDsZGrd-ZsFOcv9dgzPmJtdRyq-ndQyK2M4ZmFeuZGS-J27spWfgiOa4evTI8iWnyiERckXIxt8ag6ZseHeDTWaMHWrlm1qelQlOWRFy7_DD1SWg9rRDgme5GNslZsIW7NiSIPwwRhpRbAhppXuL-mCapDYqEY-VvgsaT4XW90yXfkkOVzduSOIbOz_VhvrgiyBk5s4pQGiUas221kDAHdIwdavdG7DgZ5_kgZWM7EENQsN07FZERdXy7Qo-1ZwQqMcDAFPlmaJo27QxSFQmcqHz_UI7_9cjEFq2D_sp4v-msPqLSeLvI2v1gSBWa4wXKkAuBsmbbtGXgwxRhE-sLetQEvPAvLbGr1JIdhZLimWPQf_kC52nJCoRfxF-Jmxl3JfDNirK30jnERlW-LRILM5J8rF80WgKVm0ayFLVFYkoxzBgNNug93rghExUGXrrAucwtWuD5_rxCdnMyKYYJ5luPcpWW3G1NE-OuxpBG5462d9PbTR9326xgEXriqxGvXbwR_n2c4SeLCMrJUtWtcHJWBA1FoMyxvCaI6LtpUo71g0ohSsA6-c2h3-JuCFENJ9v5Trq94uxCkMj2__2sk4DGx3AzYm4C3_eNBFv5tFBcaaMwBUOqLSxFx_qDMlG-gtFi84EbtZythU80zlJ1hRuHmHuxfeZzBS-teWs7Qy-uc1gcXaCfKxAE_BCbWBkhlg58sGhgiwhL_3zcmOkabcFT-cm0cKZLBaJ1n_lJaPmSRZtW4N9qpJKVYm1_TFOVpsfF-IMaOqBSgund1rdcNtgiAJ5X17lS_uhLomd_gfBXuwQNAz7TLDWzyz1VD40nU03XCw-cn6mYEAWlFKwZE7md7hXxvlrSZV5apvfXbOr7udDAdJKXXBZczGcTqbKeMN8JHr-novWwcHmrc1pUJEuY-vCb3LVvgSr3s8YzS-xi9n9P3cBZZLuWhWKY5teYXSN7E11LZ3yb0cuwg-sefLkvVXxtXCKLAFF3ku72eIyXtws5ccqvSKw3ETcOd3bq-M6T-32Q7F4oH-7UlGgdth1uIxSjUsV-NvrRdvt9NGjUfS1g9aEriQU2UNPQuzKun1qmoKGPFTjtbZvFBF291OxKCeysUEkEgurOxYpkLlSK9V9ShYzirZAPVSd5c1UtGIP2D-tOzrSa88IXvmAvltRamecfU8iYW854mpcywHKSavKjsA98H1MkdX4Yzr_Jo3aDJQBcqNy6cDdLkcyGkfXsb1LtiHqG-HuhkVxRjlFy9RTAztNu-mR98OPqIhn13ISqTseKES4w7xHATtBNDyHfgmR2xxfTpKA6ayR83bSgnS8-YG5mt_mWOM4qvCf4V-f8H2MWUwgcx1xi34EOuEs2CuNl8lxZJdV5TyYC1LQ3j6VFQfmImIWOk2xt-Qu1uFGaZAK_p0CW1tYp6-efkyXxUFPlh0Ijh1XvM1Vtkpl_Uvs01xFYvOZFckESEJ9SxZy33xC47Q7YBCw5DyaUDQ8_fOU5v3HUYNiAm1MnSYmvwGjMcwWzPK-F6ca5oX193U65Sq-XLyWp-fUKaqOY3e3konzwv3SqzmoAz36ncnM-NxGv2nhg2Wg&cid=CAASFeRozz1UVC58fRaJhDl6kIy__HxghQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:32:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame EC05 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLGfk2zFC5lWBaXNNmLNQySxbx_VI77fHej3B0ZlB-Btvop5eah3QNUQMW38Xm9R3ISUiF55I6PmQ0VFMlLXc60xU5fHLrOl_TlYC6xiLmAk4mSB32Pgbef500pImYGD7VnHC63KWA6qAgBv061dYtBblKmA&dbm_d=AKAmf-CMK3XjyMNzlk6bpUbYts-M_Bc3ofICE_WjqJzu3Ajtxzbtns-lKEbxXWtjcW7RffnbacFBiqVAOisjfYThXGPFCPtgTkA1qKs0PSARzHSdr1Rb-naH983dA4JSyT-uXJr5uUi-ZjMSIsmavmwtawu_lZyd-mR55Uo8F8yI0wO9pkSqEcHlpt6bzqQ5-kQQd_RXgpUH-651LIJRm0Kdpv9U6fB46oYUEvg3jdpOBJerDNypAbzWYKe5eukQp9BKbo6S3NbmpnXd6nYD3CjcQWbfaq5ESrW80cumWa74lJEfrJA20d4RJ5wjebrQOm1xadwTW5kLuFh0VDjil_lGZVOFgfsI5pKSeBtbKVCn6p4w0NLJE5jgl59duSeVJkjAqBF_C8vEy6-XeCYgPuYA1z3dPzzpegMQEmkPhh4au9gqmrtHZLjjJ_mWc0cC7Jm3wR3kPU2UqEba7oaiWUchsohrItTd1AzQ7eZoMUsAD1ZNlhQ9ZVpuTw1xnTNOcRe-W5XIVhoyoQr84uzkyAdK1yEcaBQTFW6hNe5L4nhcEWS2WKmgd3JUv3cnMr2jxE_F3amUzqwtLKK6Aeh0W3KUL-kcbH40FH9t2-5Bn3RBADeODNFKatYdm3yJ1D14Y92C85s6K6lwkv0EaiwpGiQo-xN8p5VhyhWGWGSJpoF9Er21xpk1enP_Jv7d5Re4isGNDG4U7h_yxx8BbLP2KE5wI8v5u93DbTGWwehPOel-n2Ltanoj8j5Xo08XncXJxZoBDahIYQfwOlfrNbziqDmRdlwBBcdTKhpUyd-oqvMVTPZ11nQDA34LkOh6YYXZYT0Rc1bue9Ed8TG0eKi7fKw_IMgepLdT7GbdxmylTNnRBMjh80Joo4ImvgIAkiyQa8fZk-sIzlmWgGIT8UKb8cTiyzXFdqWB6Vi3cT3SuY7VtQ3YN2YwfQJ_EBEtk2aWemNq9SAt4D10WGmp8QwkJwC7FZXcSfeSMzwnGPt6uPLKp5S-bCMzvtb_Co92gf6YCeCj0JKnEY5qpPYII-MpqgtjT4ck8UlqsQih5hIt-DpzA3iv1M0gWH2DBWA5egfIsk03a6zNAQmE8GOpvwo0NiY-Fr2vZ4PTuxsDJs1MnhMldcx9j481uiGPmtYhc8q0H7SAiePtUe6cWyQPFgw6T7rzTQdtlarYf915be0zI10a1EldWJ9r1ofvcGmhEye-cmz23jFXMBZxr_nECQgar6VjRlla7rFrthJ4XuSwIdRdSH8D4J7gagTdE6xzRHyNb0zDEQVtySvpvACBKVVA1w9EM59oZXGvWpGJmT5glTVET1bM4i6oO3SoM1TBHlS4EROjmZrTLlBUkfals2S4mmnS1eGPWvPAU_l0aJoff3JcZ3JIqPYFYzSV-UnJDlReeFf5wy6mttc9L-HmhF6ca8uUSCIYcHKMwG8t-oJolXWA2agSEGlvQioaCoA_sy34YF6x4Q4G_6p944Ro9_mWaYgAZzsK4-LwUSjusGMCFvhpe15sGzmfKp2yQjG8NghL9rj_lxTv-ZSG2lHaTgjlzb2wG3bB-eHuFfIm1PpAzdEJOqePYsjTB2dRgyqgAIiDTDOWHzrcaQR-IUCMvvpPwDsZGrd-ZsFOcv9dgzPmJtdRyq-ndQyK2M4ZmFeuZGS-J27spWfgiOa4evTI8iWnyiERckXIxt8ag6ZseHeDTWaMHWrlm1qelQlOWRFy7_DD1SWg9rRDgme5GNslZsIW7NiSIPwwRhpRbAhppXuL-mCapDYqEY-VvgsaT4XW90yXfkkOVzduSOIbOz_VhvrgiyBk5s4pQGiUas221kDAHdIwdavdG7DgZ5_kgZWM7EENQsN07FZERdXy7Qo-1ZwQqMcDAFPlmaJo27QxSFQmcqHz_UI7_9cjEFq2D_sp4v-msPqLSeLvI2v1gSBWa4wXKkAuBsmbbtGXgwxRhE-sLetQEvPAvLbGr1JIdhZLimWPQf_kC52nJCoRfxF-Jmxl3JfDNirK30jnERlW-LRILM5J8rF80WgKVm0ayFLVFYkoxzBgNNug93rghExUGXrrAucwtWuD5_rxCdnMyKYYJ5luPcpWW3G1NE-OuxpBG5462d9PbTR9326xgEXriqxGvXbwR_n2c4SeLCMrJUtWtcHJWBA1FoMyxvCaI6LtpUo71g0ohSsA6-c2h3-JuCFENJ9v5Trq94uxCkMj2__2sk4DGx3AzYm4C3_eNBFv5tFBcaaMwBUOqLSxFx_qDMlG-gtFi84EbtZythU80zlJ1hRuHmHuxfeZzBS-teWs7Qy-uc1gcXaCfKxAE_BCbWBkhlg58sGhgiwhL_3zcmOkabcFT-cm0cKZLBaJ1n_lJaPmSRZtW4N9qpJKVYm1_TFOVpsfF-IMaOqBSgund1rdcNtgiAJ5X17lS_uhLomd_gfBXuwQNAz7TLDWzyz1VD40nU03XCw-cn6mYEAWlFKwZE7md7hXxvlrSZV5apvfXbOr7udDAdJKXXBZczGcTqbKeMN8JHr-novWwcHmrc1pUJEuY-vCb3LVvgSr3s8YzS-xi9n9P3cBZZLuWhWKY5teYXSN7E11LZ3yb0cuwg-sefLkvVXxtXCKLAFF3ku72eIyXtws5ccqvSKw3ETcOd3bq-M6T-32Q7F4oH-7UlGgdth1uIxSjUsV-NvrRdvt9NGjUfS1g9aEriQU2UNPQuzKun1qmoKGPFTjtbZvFBF291OxKCeysUEkEgurOxYpkLlSK9V9ShYzirZAPVSd5c1UtGIP2D-tOzrSa88IXvmAvltRamecfU8iYW854mpcywHKSavKjsA98H1MkdX4Yzr_Jo3aDJQBcqNy6cDdLkcyGkfXsb1LtiHqG-HuhkVxRjlFy9RTAztNu-mR98OPqIhn13ISqTseKES4w7xHATtBNDyHfgmR2xxfTpKA6ayR83bSgnS8-YG5mt_mWOM4qvCf4V-f8H2MWUwgcx1xi34EOuEs2CuNl8lxZJdV5TyYC1LQ3j6VFQfmImIWOk2xt-Qu1uFGaZAK_p0CW1tYp6-efkyXxUFPlh0Ijh1XvM1Vtkpl_Uvs01xFYvOZFckESEJ9SxZy33xC47Q7YBCw5DyaUDQ8_fOU5v3HUYNiAm1MnSYmvwGjMcwWzPK-F6ca5oX193U65Sq-XLyWp-fUKaqOY3e3konzwv3SqzmoAz36ncnM-NxGv2nhg2Wg&cid=CAASFeRozz1UVC58fRaJhDl6kIy__HxghQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9343
x-xss-protection
0
server
cafe
etag
12459758733850244510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:30:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 15E6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 16 Aug 2021 00:46:54 GMT
expires
Tue, 16 Aug 2022 00:46:54 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6D9B 		783 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
GSE /
Resource Hash
ae6dadd0b9fb16a8194e26f078bf454bc09719380d50f3d50021c71c12551e7b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XW5ZzWABr8GasYElcxpblA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

expires
Mon, 16 Aug 2021 07:35:41 GMT
date
Mon, 16 Aug 2021 07:35:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XW5ZzWABr8GasYElcxpblA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame 4657
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 Aug 2021 07:35:41 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 16 Aug 2021 07:35:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 4657
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoVTZqCTbzC4Oty1tn3LAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 Aug 2021 07:35:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 4657
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIBGIKJvTnqFuPtedylXAz8%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIBGIKJvTnqFuPtedylXAz8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN (),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
08877389-7752-4bb6-ac96-03737b6a6c85
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9f8fa6b2-1b33-4ffa-b686-78f9ad68e15d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIBGIKJvTnqFuPtedylXAz8%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4657
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCNZxCDtmkY1vncrwEwAQ&v=APEucNWk_PYJoYW4JcqOsB54tWIuGx5ew8ehKkX_X1fszMMs9GsUTAVQUNQzv9nujD9_vSHkapWIWu36e5fC_Z_9dA6GCzvpgaZf7tSW93NXDyc68le0ir79t7FHbJ-TnKAkZcD8Q2y5DREVYynDEA45KPXbgqiG9coMrtJjZXDERi9buWRbvYQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:41 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f8a5d99-1947-4d00-a521-7f13f05afc74
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EC05 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame EC05 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ea16dee42780c7632193ecbd813d5dfb775e881448219a0bb98694a176e80fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryw27BBc57o8U1eBAe

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 16 Aug 2021 07:35:41 GMT
content-type
text/plain
access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE8F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		42 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5762573/1626254229071/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
787a420648dba63de75fd3ae2a52e5deffa2534f99a68039548c5f32d5023c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/5762573/1626254229071/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
13197
date
Sun, 15 Aug 2021 10:23:58 GMT
expires
Mon, 16 Aug 2021 10:23:58 GMT
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
76303
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame EC05 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMF-3UpkXqeKgTGUqyC2FtotNzJIFVAjTgNZrSgv6XxMd-0zlXIiLNghEdQdSUmjOVB5alfc24p9FroQGAEXKkv2PxjJpkQ4n0fGzDCxK_kLP9p70BgZzoIbDn4wIiPYCxtV8GHurZHndIuTc6dSknGRpzqFJubcjSSr_NKiPKvLs6gj7fdW3IeD2DSSQ9NnRjW7Qjtdlt14_VV2mJVZpXpj86uMZFoGWvs4HYXJzYZqSVRQbq0rEV67i6PIltLV59Pjg150z1yt658TNL5wE7Z1LDD28taw-b39BoWXppwOSoM-4tUgSLg40kZCMR21YrZny8wyRKC0gNrbv1pyM_bLi3YaOCKczeKdbnanrukAi31793GFLBFMS50Pbhgih89dCHxDCavVo-NnFbpqn0pT3x7dgLb16bpLzznrRBgofSkB1Gy15l5VqWtS_AH64lDYxL4cfWB4FZCIlyF4MguBo9J1Es_n_HF6O7ZzLdG5XLZhA35X0b34UCNOTceb3Vt3zEz6QWgqyYi3smQcnk-gwfFVV6ox0XogURfaXnoDKKYdRdprx_uHQ8JKpWnIorroM--eixTUzOzk1AvcVSZeumHhaSJ0N1DYRXoo8LusmuzYRS6EWLZEbxpmKDKgVes_UzMRXJLoG7Dnz8Eru7pozi79yUd1M4PVWlaDX294z7YK9Ance7w8ifUD0hiOUc-Whz2RGJ1IX3UzCt0hcpaLDs-NDIxVfK2Sw29zS78RQDASmeo5-jj1VgxpcPPr0XCGw9FKUoxrrirNI6D9Ntzet8YciKujE3aOI5b0sJvrdAeIOcKHUX8X51ZZrFQ1H0vLqnx5FPTwbLxTa-8mC0tyXUMRU-WWjIB5fqXRP5FRbQ6QE3cvhcRLka4BnLotVixrJuls4cfu5nAPnuTjxxMS7RowUIJPCZB7h8ew2Z91ZBAeGQQlPvkrau0RAPYaQUe-66Yhd-A80wCyycuVawpWxsucTwyq9_yeCVVNXKfBR_G-iuImCT64uAhvkTURoC7xZYSrdlEEyWsao3UO6DfvnXLriz2XlsI0qd8ak0JhwklteVSKB-b4sgeP0UlnpLGavKAfwNWDqMK-oI8Q9tIliEtf5IZ4JtSpeSDPPThndsbFEmuLl_J21SlCRVj38QYJHEAz1HxTAJy9VOBN72OUXt_2_SiPNuOAGhSfNNiTeHjJ3HX43PIHn2vmY3rpe1PQ&sai=AMfl-YS5lqtjIuCOf87wHQ3qXLMUg0oKxXPAEynJDlunskLtjvPXC27wvLxLWXCX1GvSWh4QWfP8iKSDWqR9Rx-9ijGNVnUWVfJoxoQ3NIZ5ruVv9BdvbqSev6mxS8sitn0MeRUSe2czdhzRwT-a4tnCCHYxGl9eUg-uYDgepYQ&sig=Cg0ArKJSzKFxn41SX_ghEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=78&cisv=r20210809.14031&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN (),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 16 Aug 2021 07:35:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
pagead2.googlesyndication.com/bg/ Frame 15E6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 15:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
56619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 15:52:02 GMT
gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
pagead2.googlesyndication.com/bg/ Frame CE8F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 15:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
56619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 15:52:02 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AEDD 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 07:35:41 GMT
container.html
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F112 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 16 Aug 2021 07:35:41 GMT
expires
Tue, 16 Aug 2022 07:35:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
imagesxqkq4mihc7kqqavopjdi.jpg
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/imagesxqkq4mihc7kqqavopjdi.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
57094f413279468aec48e27575d858ea7979a867788ed1120f6192e2fe7140ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1083
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
0152248ca6fd3eecc73b6b43f7521c59.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/0152248ca6fd3eecc73b6b43f7521c59.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1fc439cefd3df15d3a55ec84c735eeb7ec3422f4803534624ba2e5dd44936482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12693
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
imagesjwd1xy5p5tvkwcv9g2dy.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/imagesjwd1xy5p5tvkwcv9g2dy.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8c9f2f7036ef7b1e4a9efe172c079cc136c1a2babffb00add9895c8c4f72bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
75d80cf66daea47fa0ac28075ac1219e.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/75d80cf66daea47fa0ac28075ac1219e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
192ce45115302bb7202d16fb8eac17a5cfcb359e0f9a6348b316774991348ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59317
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
cc86cbb364ded7d7b39b45a38dba1529.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/cc86cbb364ded7d7b39b45a38dba1529.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4103ccf167d53c0b9a5fdd5df1d05e935bc69a579d103f61854bfa3091bf5cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47407
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
1cf06c9569d704d8e0a5380596c34c9b.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/1cf06c9569d704d8e0a5380596c34c9b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
002f30f9530ff18be5fef9bc2dccac6f7982a2e5ca5f9eeef662f4a354fc2426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44202
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
d61e1adc05b703014b6ce771b2a3430b.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/d61e1adc05b703014b6ce771b2a3430b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c26388169a1c9a5ad9a24d13308ac4ee4c708a2a91f54b186f7ff32a0b3428c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
70ec7f3c5668ea3d1be044f46a29730b.png
s0.2mdn.net/5762573/1626254229071/ Frame AEDD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5762573/1626254229071/70ec7f3c5668ea3d1be044f46a29730b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5762573/1626254229071/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
aadec4c72d6732dfc94c76c94e38be18b3e817c0607ce864f6a3ca5a4b26601a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5762573/1626254229071/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 10:23:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 09:17:09 GMT
server
sffe
age
76303
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12466
x-xss-protection
0
expires
Mon, 16 Aug 2021 10:23:58 GMT
truncated
/ Frame AEDD 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc4858f93b8a1aa64b45c9b7bcf4b74e39a818a27fb9c50b397b92ee83f1f5c0

Request headers

Origin
https://s0.2mdn.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/truetype;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame EC05 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMF-3UpkXqeKgTGUqyC2FtotNzJIFVAjTgNZrSgv6XxMd-0zlXIiLNghEdQdSUmjOVB5alfc24p9FroQGAEXKkv2PxjJpkQ4n0fGzDCxK_kLP9p70BgZzoIbDn4wIiPYCxtV8GHurZHndIuTc6dSknGRpzqFJubcjSSr_NKiPKvLs6gj7fdW3IeD2DSSQ9NnRjW7Qjtdlt14_VV2mJVZpXpj86uMZFoGWvs4HYXJzYZqSVRQbq0rEV67i6PIltLV59Pjg150z1yt658TNL5wE7Z1LDD28taw-b39BoWXppwOSoM-4tUgSLg40kZCMR21YrZny8wyRKC0gNrbv1pyM_bLi3YaOCKczeKdbnanrukAi31793GFLBFMS50Pbhgih89dCHxDCavVo-NnFbpqn0pT3x7dgLb16bpLzznrRBgofSkB1Gy15l5VqWtS_AH64lDYxL4cfWB4FZCIlyF4MguBo9J1Es_n_HF6O7ZzLdG5XLZhA35X0b34UCNOTceb3Vt3zEz6QWgqyYi3smQcnk-gwfFVV6ox0XogURfaXnoDKKYdRdprx_uHQ8JKpWnIorroM--eixTUzOzk1AvcVSZeumHhaSJ0N1DYRXoo8LusmuzYRS6EWLZEbxpmKDKgVes_UzMRXJLoG7Dnz8Eru7pozi79yUd1M4PVWlaDX294z7YK9Ance7w8ifUD0hiOUc-Whz2RGJ1IX3UzCt0hcpaLDs-NDIxVfK2Sw29zS78RQDASmeo5-jj1VgxpcPPr0XCGw9FKUoxrrirNI6D9Ntzet8YciKujE3aOI5b0sJvrdAeIOcKHUX8X51ZZrFQ1H0vLqnx5FPTwbLxTa-8mC0tyXUMRU-WWjIB5fqXRP5FRbQ6QE3cvhcRLka4BnLotVixrJuls4cfu5nAPnuTjxxMS7RowUIJPCZB7h8ew2Z91ZBAeGQQlPvkrau0RAPYaQUe-66Yhd-A80wCyycuVawpWxsucTwyq9_yeCVVNXKfBR_G-iuImCT64uAhvkTURoC7xZYSrdlEEyWsao3UO6DfvnXLriz2XlsI0qd8ak0JhwklteVSKB-b4sgeP0UlnpLGavKAfwNWDqMK-oI8Q9tIliEtf5IZ4JtSpeSDPPThndsbFEmuLl_J21SlCRVj38QYJHEAz1HxTAJy9VOBN72OUXt_2_SiPNuOAGhSfNNiTeHjJ3HX43PIHn2vmY3rpe1PQ&sai=AMfl-YS5lqtjIuCOf87wHQ3qXLMUg0oKxXPAEynJDlunskLtjvPXC27wvLxLWXCX1GvSWh4QWfP8iKSDWqR9Rx-9ijGNVnUWVfJoxoQ3NIZ5ruVv9BdvbqSev6mxS8sitn0MeRUSe2czdhzRwT-a4tnCCHYxGl9eUg-uYDgepYQ&sig=Cg0ArKJSzKFxn41SX_ghEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=244&vt=11&dtpt=163&dett=3&cstd=78&cisv=r20210809.14031&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN (),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame F5AF 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnRn5BflH__RB6AYBIjBrZoQ5E3csSCR854CmVP14JPAputkI7iROsBNWWiMCU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 16 Aug 2021 07:35:41 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 16 Aug 2021 07:35:41 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F112 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS39ZQnCqygagLSsppyrVdKQAxnh1631MS-tOW1YF_JW2HnTjKaVvrsDBblUpOWdvcffSVA4ErmPbWNrjyjCOERE8jyweqfpFyx2tL6C6Enro1BgC4U90dUa-8Osmm2OQ8Q_9P6QVbKbkpJbUOQipECDIVZg&cry=1&dbm_d=AKAmf-CfAVITXj2w2zghvNy7hX8gMJSp9hF9qE7kyDHzEDJL5YHsMJpT8Rq4-wPzJ6BQC3IMoXbjB0ubFf8273xVQ1sPh3beeyXnQGlrTmv1-jC7zHt7uaY00DPJ-O4XSpyTp_w9-PAPmda43kFO7ZGxcUtEJ1AkjIJWfrmYTpWk_u73BJUQzpHBrVFZ-urAQyYD3RacnMr7IMmLa1suQGkxXhBIBmt53qtrpXKPkHOecgjIll-bY8RGtrPA45BBbgrTXrPd4B0g_QFSDPWjyXXEEKWEYSYTnRZi4vi-dh2WanTfUfcdoDUG7K5n1otvPxmrZHBMLqO25fSZA2rzHUFH6q5D96x0e0iC0mPfDUcPanYC37t2G3T4uO8IQlby56rtyBt3DyNxEROo7i8K1Gaf8rkhpqeiNYzzrq2Q7X5337fLsnnJP_hMO5uppR5xn0O-LLL0QRoOLD70ijT8YO1D53mLQCUp8kWpIrHwnptl7nzC_LNzRXYlI3N3EgaOTHZbv3vKIwajZ2KvhmPehvaWx31YDFfeel6DbHfbZdIG9Jofq__ZNceIo-blzGiFh0vE_pYUZKCSSlpL2h3t_-fzrkmGLEwJAnx3bghUlGtcZDCmPcW_FMSIjWU4BhxZNxTbxRnxPXcYJ_B3LiAUIHsemRvUM2SdSPeZcC_Gp5oi8LtbdimXjNq1uMd-9MDTya44BWO9NmRhwFKdSUfxiPgmrfmv1KNtBvrD3_T6D0za-0Y9yrFu4TC3X4CtaiOllE91bKFxzAJ2hLde6ICOspTsTmk685mEdPL2oXQuYENMyhbLRadqW6cGPeOdxCJfe-0CJZhh0u5pyynBGiCVilbheaQi7euqmw-3hJ7sYJOSqOeO8tlSqz9bQxxW3WRBeJt3Z8JQFBuC0_J9xkVTiZJHO-bDVQ_gJD_faBhU6ldunkkMsr7F_K4_UM-lla8_oA9wkx01PlwGMF4G8qVPnYzIRNPvSL_kMfDKQhgkEy1_v92hKec7hT4wIonmQL-YtHqm4maXukzj9jDLj8hVIWHEFAyGv9QlFvacz6vA-MOKHE933VUx8mTcppWWsm6nbx8IGbd8-aQzym8i-SDeaw1aeffMwiMYemd9ZccQwNls3BZ0UBC_tr7bXgcBWeVClcALYjUFlWYDpEvhRU1u0ykPKtB8-ct5_vvor5JTMVT8XeScvJeh_j2D6hGPoKFDeHo-5pZhG_4mCk1ACqndyRUSXmtA8VllVOi0TR7dmZSHz3IWxXDcSqeogFdwjgo594pgmmcnEY7Gx51B7znrI8AyogDyrlf_6Qhb_j-lcbWWqLTermee46ZhIbY4LLiFb3K7ymUby2O3e7AML8Ej7rv-M7O0HqzJWKuP4rRhuRTp0A_vuo--Sw6vTQZ7HzWT4OUoG8GBqjB7qiI0hXdDGxPVM2T60fQYjGCcTSYEyew56rvijyOKbbmuKzTJG8U-OCTYZA2Ei66IcJLlQQfOIQw1TXpYiEiVxS64tKWyIcUtFU48vnKwZYxxApci_Tc8ydVk4zqJefUHxpwVqtmfnooG_2K7WbBHpXp6l-0Lsdqthwk31QqXkIr7wZEL5fw1uzcmtmgzkBUy2N7ifP6Yg28_00eRACcIgjcfnPrq8I_hXnKptQE8WMTbvVHkYkVnH5QR-uroARzSi8CcQBskpVFuxqFlW5IsEpGKNa691Zde771b2Bn7O0-PCWyhE__weKoiwan08NWDaTb-86Ik-BHP__Fr5IIbAG4VJKDgUA3D60roI2qcsbGQgMpVHC5sSCfgCg9Tu_ihYl09JhwcDNhOU2XXJNYYdhrk5qZYlk1g2_mPSwrHpf5gZmFd7RkUwMwsoy_F_vmd9qArRziDogzNMJxH1wdiddOCQ5GyYMvfCc6dPKDggCSuj9bKUcWYTjuvITzBiWJiWLw1UXE7HVbKd2OiNCxMZ7BOwJJtCMduYOcq-dLZT3KmCSEdzlkMJy0NnMoIwjrK2fhggocfJxKqVsBKZSX8845vIkLDUbc5pkddEEKBemwFb47JwXOTUCNih-c53C0mB54GNFeMpVMa-CHLtUjHlDVJBhJoLxdr5II8hffIbOz985mKquBBEV0ZAwp5uPWzjgOQTzyIQgFLCk8LEmHdWWwBGzhj_pqsn2r2E6WZkl8h3FxGweugUXUGcVNBBvDhs6lnmFsfT9tqUqx7pMtVEvccHoejrgDvLQrHMMy2_SpxOIc8wGuZnxnw7ucOa-KbI8j2zstejNrzj8LiaOzRm6LN90nv_KdrP1N4nyUJOZiW1rZEhbApZOhaXWz2XYD7zs3hedhgHYA13qQ0_UlPzHJ5H2iJpb5xr-5we8SKg8-UAeobfdmrLNrT-OvBAxJ3yx-A_eKkzriahnGfKQSNYQ-CyMxUUmyC4WFB1B86hBeKgiuxQq_ifSVrDeWUCY2L5RxQktJNvLAQWbpN0tavNcY2wZyA-L9nZD4iKXytQrocisDlK24jDLNmFB0--ugBATqdh_LQiEE6Uxx7Q_x8zjRluCBnwJoSFmSLfGeCaphJYpbs9p2AbzArhnA6KBBTAU2kGv_fBNjSaDsbPznK9H0nxwXkLoM0mFrNtX3nqIaG98MYxXAo7dTzR4nJ6LWyzedKE8PGZoml5KrZYRSiWIKMVZM3ZHiViB2sdEJLJHra7BhzyZB0gnybyaO7S1QG5G2yHZyIM6ZZDAFjEHRFAtoNnqjWU99Q1ZIkodLCNawoNg77MEA6mev7n1I2rcadfSdn8Vpw4owHCvbA-2cxLdrh3Ynemg14N1_bFfsRrgExWMfwip28mCtA70G0KOlNdKfhIVRDBYep8yBhUvNMbf5aK8z1kaeMwvRW1Y4LOUTo7WudIhR2HgwQ5nF8Myb4toND3ZRBYATKG48yxgWyaj8TMvlAZZr0MZcyFZFNKRVvBXiUHRUAMZeFsNZ8JjgDDIDojf6o6pPJkiUQVO9lG3gvFgdMy2JsOBjYvQ-egm4bCLsFzn0AIVhhWDzkByvxuPVFbAVHvCn1Qs5lWY8Fp32XMoLif0SqR5CkGJ6x-AdQHk3-uq5015m8kpLhA7QoorK0hla4vrBP9TErZau0zSvninbeK7j7nz4SM5r4HL8OtBdr5eJYe2rPP87Q4SiQnUdTg0hiQdnuB8G3d6J-1r45vjEBpCla-28Isb8ODEr_tCczzcEaN5z0QmBCHqbIAZzcNWJDFYos700KduwanmYoG_z73HIPvgyspX9ckJA&cid=CAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa10c61eb18b3a4cadfeb44cb0e7d1dec2e300f5157cb1966acfae8b7d0d8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13049
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F112 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_UWpUfMNeHnu1R3yt0cd9w7Mu8DOqD8JME7G4JT8qsZR_qR-voFzeROMAKzOGuxMseLLhD3W_B3r-yhxxv628q-ONxY7CALzJsdhftGhIzWtYrn8
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame F112 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F112 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame F112 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:32:52 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 77A3 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1629099342.cds143.am5.hn,1629099342.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 6D0A 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1629099342.cds143.am5.hn,1629099342.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 3D92
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzMTY5MTM0Mn19fQ==; Path=/; Domain=vidoomy.com; Expires=Tue, 16 Aug 2022 07:35:42 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Mon, 16 Aug 2021 07:35:41 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=946186937.33051721505295326.8488918
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=946186937.33051721505295326.8488918
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dcc792c78-a41d-4864-be0f-2f9886fcfaa...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=704e611a-154d-4000-a806-bfaa261b6118&expires=30&ssp=vidoomy&bsw_param=cc792c78-a41d-4864-be0f-2f9886fcfaa8&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=cc792c78-a41d-4864-be0f-2f9886fcfaa8
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=cc792c78-a41d-4864-be0f-2f9886fcfaa8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=cc792c78-a41d-4864-be0f-2f9886fcfaa8
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=104520718
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=104520718
  • https://sync.1rx.io/usersync/tradedesk/b85658ec-c6e1-4e7e-aa6a-e06004a73bb6
  • https://sync.targeting.unrulymedia.com/csync/RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-537074f1-4f2a-4d49-9b93-e87...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-537074f1-4f2a-4d49-9b93-e8749fc493ca-003
date
Mon, 16 Aug 2021 07:35:42 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX537074f14f2a4d499b93e8749fc493ca003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/ 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1629099341934064-367
Expires
Mon, 16 Aug 2021 07:35:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame F112 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS39ZQnCqygagLSsppyrVdKQAxnh1631MS-tOW1YF_JW2HnTjKaVvrsDBblUpOWdvcffSVA4ErmPbWNrjyjCOERE8jyweqfpFyx2tL6C6Enro1BgC4U90dUa-8Osmm2OQ8Q_9P6QVbKbkpJbUOQipECDIVZg&cry=1&dbm_d=AKAmf-CfAVITXj2w2zghvNy7hX8gMJSp9hF9qE7kyDHzEDJL5YHsMJpT8Rq4-wPzJ6BQC3IMoXbjB0ubFf8273xVQ1sPh3beeyXnQGlrTmv1-jC7zHt7uaY00DPJ-O4XSpyTp_w9-PAPmda43kFO7ZGxcUtEJ1AkjIJWfrmYTpWk_u73BJUQzpHBrVFZ-urAQyYD3RacnMr7IMmLa1suQGkxXhBIBmt53qtrpXKPkHOecgjIll-bY8RGtrPA45BBbgrTXrPd4B0g_QFSDPWjyXXEEKWEYSYTnRZi4vi-dh2WanTfUfcdoDUG7K5n1otvPxmrZHBMLqO25fSZA2rzHUFH6q5D96x0e0iC0mPfDUcPanYC37t2G3T4uO8IQlby56rtyBt3DyNxEROo7i8K1Gaf8rkhpqeiNYzzrq2Q7X5337fLsnnJP_hMO5uppR5xn0O-LLL0QRoOLD70ijT8YO1D53mLQCUp8kWpIrHwnptl7nzC_LNzRXYlI3N3EgaOTHZbv3vKIwajZ2KvhmPehvaWx31YDFfeel6DbHfbZdIG9Jofq__ZNceIo-blzGiFh0vE_pYUZKCSSlpL2h3t_-fzrkmGLEwJAnx3bghUlGtcZDCmPcW_FMSIjWU4BhxZNxTbxRnxPXcYJ_B3LiAUIHsemRvUM2SdSPeZcC_Gp5oi8LtbdimXjNq1uMd-9MDTya44BWO9NmRhwFKdSUfxiPgmrfmv1KNtBvrD3_T6D0za-0Y9yrFu4TC3X4CtaiOllE91bKFxzAJ2hLde6ICOspTsTmk685mEdPL2oXQuYENMyhbLRadqW6cGPeOdxCJfe-0CJZhh0u5pyynBGiCVilbheaQi7euqmw-3hJ7sYJOSqOeO8tlSqz9bQxxW3WRBeJt3Z8JQFBuC0_J9xkVTiZJHO-bDVQ_gJD_faBhU6ldunkkMsr7F_K4_UM-lla8_oA9wkx01PlwGMF4G8qVPnYzIRNPvSL_kMfDKQhgkEy1_v92hKec7hT4wIonmQL-YtHqm4maXukzj9jDLj8hVIWHEFAyGv9QlFvacz6vA-MOKHE933VUx8mTcppWWsm6nbx8IGbd8-aQzym8i-SDeaw1aeffMwiMYemd9ZccQwNls3BZ0UBC_tr7bXgcBWeVClcALYjUFlWYDpEvhRU1u0ykPKtB8-ct5_vvor5JTMVT8XeScvJeh_j2D6hGPoKFDeHo-5pZhG_4mCk1ACqndyRUSXmtA8VllVOi0TR7dmZSHz3IWxXDcSqeogFdwjgo594pgmmcnEY7Gx51B7znrI8AyogDyrlf_6Qhb_j-lcbWWqLTermee46ZhIbY4LLiFb3K7ymUby2O3e7AML8Ej7rv-M7O0HqzJWKuP4rRhuRTp0A_vuo--Sw6vTQZ7HzWT4OUoG8GBqjB7qiI0hXdDGxPVM2T60fQYjGCcTSYEyew56rvijyOKbbmuKzTJG8U-OCTYZA2Ei66IcJLlQQfOIQw1TXpYiEiVxS64tKWyIcUtFU48vnKwZYxxApci_Tc8ydVk4zqJefUHxpwVqtmfnooG_2K7WbBHpXp6l-0Lsdqthwk31QqXkIr7wZEL5fw1uzcmtmgzkBUy2N7ifP6Yg28_00eRACcIgjcfnPrq8I_hXnKptQE8WMTbvVHkYkVnH5QR-uroARzSi8CcQBskpVFuxqFlW5IsEpGKNa691Zde771b2Bn7O0-PCWyhE__weKoiwan08NWDaTb-86Ik-BHP__Fr5IIbAG4VJKDgUA3D60roI2qcsbGQgMpVHC5sSCfgCg9Tu_ihYl09JhwcDNhOU2XXJNYYdhrk5qZYlk1g2_mPSwrHpf5gZmFd7RkUwMwsoy_F_vmd9qArRziDogzNMJxH1wdiddOCQ5GyYMvfCc6dPKDggCSuj9bKUcWYTjuvITzBiWJiWLw1UXE7HVbKd2OiNCxMZ7BOwJJtCMduYOcq-dLZT3KmCSEdzlkMJy0NnMoIwjrK2fhggocfJxKqVsBKZSX8845vIkLDUbc5pkddEEKBemwFb47JwXOTUCNih-c53C0mB54GNFeMpVMa-CHLtUjHlDVJBhJoLxdr5II8hffIbOz985mKquBBEV0ZAwp5uPWzjgOQTzyIQgFLCk8LEmHdWWwBGzhj_pqsn2r2E6WZkl8h3FxGweugUXUGcVNBBvDhs6lnmFsfT9tqUqx7pMtVEvccHoejrgDvLQrHMMy2_SpxOIc8wGuZnxnw7ucOa-KbI8j2zstejNrzj8LiaOzRm6LN90nv_KdrP1N4nyUJOZiW1rZEhbApZOhaXWz2XYD7zs3hedhgHYA13qQ0_UlPzHJ5H2iJpb5xr-5we8SKg8-UAeobfdmrLNrT-OvBAxJ3yx-A_eKkzriahnGfKQSNYQ-CyMxUUmyC4WFB1B86hBeKgiuxQq_ifSVrDeWUCY2L5RxQktJNvLAQWbpN0tavNcY2wZyA-L9nZD4iKXytQrocisDlK24jDLNmFB0--ugBATqdh_LQiEE6Uxx7Q_x8zjRluCBnwJoSFmSLfGeCaphJYpbs9p2AbzArhnA6KBBTAU2kGv_fBNjSaDsbPznK9H0nxwXkLoM0mFrNtX3nqIaG98MYxXAo7dTzR4nJ6LWyzedKE8PGZoml5KrZYRSiWIKMVZM3ZHiViB2sdEJLJHra7BhzyZB0gnybyaO7S1QG5G2yHZyIM6ZZDAFjEHRFAtoNnqjWU99Q1ZIkodLCNawoNg77MEA6mev7n1I2rcadfSdn8Vpw4owHCvbA-2cxLdrh3Ynemg14N1_bFfsRrgExWMfwip28mCtA70G0KOlNdKfhIVRDBYep8yBhUvNMbf5aK8z1kaeMwvRW1Y4LOUTo7WudIhR2HgwQ5nF8Myb4toND3ZRBYATKG48yxgWyaj8TMvlAZZr0MZcyFZFNKRVvBXiUHRUAMZeFsNZ8JjgDDIDojf6o6pPJkiUQVO9lG3gvFgdMy2JsOBjYvQ-egm4bCLsFzn0AIVhhWDzkByvxuPVFbAVHvCn1Qs5lWY8Fp32XMoLif0SqR5CkGJ6x-AdQHk3-uq5015m8kpLhA7QoorK0hla4vrBP9TErZau0zSvninbeK7j7nz4SM5r4HL8OtBdr5eJYe2rPP87Q4SiQnUdTg0hiQdnuB8G3d6J-1r45vjEBpCla-28Isb8ODEr_tCczzcEaN5z0QmBCHqbIAZzcNWJDFYos700KduwanmYoG_z73HIPvgyspX9ckJA&cid=CAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9343
x-xss-protection
0
server
cafe
etag
12459758733850244510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:30:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F112 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS39ZQnCqygagLSsppyrVdKQAxnh1631MS-tOW1YF_JW2HnTjKaVvrsDBblUpOWdvcffSVA4ErmPbWNrjyjCOERE8jyweqfpFyx2tL6C6Enro1BgC4U90dUa-8Osmm2OQ8Q_9P6QVbKbkpJbUOQipECDIVZg&cry=1&dbm_d=AKAmf-CfAVITXj2w2zghvNy7hX8gMJSp9hF9qE7kyDHzEDJL5YHsMJpT8Rq4-wPzJ6BQC3IMoXbjB0ubFf8273xVQ1sPh3beeyXnQGlrTmv1-jC7zHt7uaY00DPJ-O4XSpyTp_w9-PAPmda43kFO7ZGxcUtEJ1AkjIJWfrmYTpWk_u73BJUQzpHBrVFZ-urAQyYD3RacnMr7IMmLa1suQGkxXhBIBmt53qtrpXKPkHOecgjIll-bY8RGtrPA45BBbgrTXrPd4B0g_QFSDPWjyXXEEKWEYSYTnRZi4vi-dh2WanTfUfcdoDUG7K5n1otvPxmrZHBMLqO25fSZA2rzHUFH6q5D96x0e0iC0mPfDUcPanYC37t2G3T4uO8IQlby56rtyBt3DyNxEROo7i8K1Gaf8rkhpqeiNYzzrq2Q7X5337fLsnnJP_hMO5uppR5xn0O-LLL0QRoOLD70ijT8YO1D53mLQCUp8kWpIrHwnptl7nzC_LNzRXYlI3N3EgaOTHZbv3vKIwajZ2KvhmPehvaWx31YDFfeel6DbHfbZdIG9Jofq__ZNceIo-blzGiFh0vE_pYUZKCSSlpL2h3t_-fzrkmGLEwJAnx3bghUlGtcZDCmPcW_FMSIjWU4BhxZNxTbxRnxPXcYJ_B3LiAUIHsemRvUM2SdSPeZcC_Gp5oi8LtbdimXjNq1uMd-9MDTya44BWO9NmRhwFKdSUfxiPgmrfmv1KNtBvrD3_T6D0za-0Y9yrFu4TC3X4CtaiOllE91bKFxzAJ2hLde6ICOspTsTmk685mEdPL2oXQuYENMyhbLRadqW6cGPeOdxCJfe-0CJZhh0u5pyynBGiCVilbheaQi7euqmw-3hJ7sYJOSqOeO8tlSqz9bQxxW3WRBeJt3Z8JQFBuC0_J9xkVTiZJHO-bDVQ_gJD_faBhU6ldunkkMsr7F_K4_UM-lla8_oA9wkx01PlwGMF4G8qVPnYzIRNPvSL_kMfDKQhgkEy1_v92hKec7hT4wIonmQL-YtHqm4maXukzj9jDLj8hVIWHEFAyGv9QlFvacz6vA-MOKHE933VUx8mTcppWWsm6nbx8IGbd8-aQzym8i-SDeaw1aeffMwiMYemd9ZccQwNls3BZ0UBC_tr7bXgcBWeVClcALYjUFlWYDpEvhRU1u0ykPKtB8-ct5_vvor5JTMVT8XeScvJeh_j2D6hGPoKFDeHo-5pZhG_4mCk1ACqndyRUSXmtA8VllVOi0TR7dmZSHz3IWxXDcSqeogFdwjgo594pgmmcnEY7Gx51B7znrI8AyogDyrlf_6Qhb_j-lcbWWqLTermee46ZhIbY4LLiFb3K7ymUby2O3e7AML8Ej7rv-M7O0HqzJWKuP4rRhuRTp0A_vuo--Sw6vTQZ7HzWT4OUoG8GBqjB7qiI0hXdDGxPVM2T60fQYjGCcTSYEyew56rvijyOKbbmuKzTJG8U-OCTYZA2Ei66IcJLlQQfOIQw1TXpYiEiVxS64tKWyIcUtFU48vnKwZYxxApci_Tc8ydVk4zqJefUHxpwVqtmfnooG_2K7WbBHpXp6l-0Lsdqthwk31QqXkIr7wZEL5fw1uzcmtmgzkBUy2N7ifP6Yg28_00eRACcIgjcfnPrq8I_hXnKptQE8WMTbvVHkYkVnH5QR-uroARzSi8CcQBskpVFuxqFlW5IsEpGKNa691Zde771b2Bn7O0-PCWyhE__weKoiwan08NWDaTb-86Ik-BHP__Fr5IIbAG4VJKDgUA3D60roI2qcsbGQgMpVHC5sSCfgCg9Tu_ihYl09JhwcDNhOU2XXJNYYdhrk5qZYlk1g2_mPSwrHpf5gZmFd7RkUwMwsoy_F_vmd9qArRziDogzNMJxH1wdiddOCQ5GyYMvfCc6dPKDggCSuj9bKUcWYTjuvITzBiWJiWLw1UXE7HVbKd2OiNCxMZ7BOwJJtCMduYOcq-dLZT3KmCSEdzlkMJy0NnMoIwjrK2fhggocfJxKqVsBKZSX8845vIkLDUbc5pkddEEKBemwFb47JwXOTUCNih-c53C0mB54GNFeMpVMa-CHLtUjHlDVJBhJoLxdr5II8hffIbOz985mKquBBEV0ZAwp5uPWzjgOQTzyIQgFLCk8LEmHdWWwBGzhj_pqsn2r2E6WZkl8h3FxGweugUXUGcVNBBvDhs6lnmFsfT9tqUqx7pMtVEvccHoejrgDvLQrHMMy2_SpxOIc8wGuZnxnw7ucOa-KbI8j2zstejNrzj8LiaOzRm6LN90nv_KdrP1N4nyUJOZiW1rZEhbApZOhaXWz2XYD7zs3hedhgHYA13qQ0_UlPzHJ5H2iJpb5xr-5we8SKg8-UAeobfdmrLNrT-OvBAxJ3yx-A_eKkzriahnGfKQSNYQ-CyMxUUmyC4WFB1B86hBeKgiuxQq_ifSVrDeWUCY2L5RxQktJNvLAQWbpN0tavNcY2wZyA-L9nZD4iKXytQrocisDlK24jDLNmFB0--ugBATqdh_LQiEE6Uxx7Q_x8zjRluCBnwJoSFmSLfGeCaphJYpbs9p2AbzArhnA6KBBTAU2kGv_fBNjSaDsbPznK9H0nxwXkLoM0mFrNtX3nqIaG98MYxXAo7dTzR4nJ6LWyzedKE8PGZoml5KrZYRSiWIKMVZM3ZHiViB2sdEJLJHra7BhzyZB0gnybyaO7S1QG5G2yHZyIM6ZZDAFjEHRFAtoNnqjWU99Q1ZIkodLCNawoNg77MEA6mev7n1I2rcadfSdn8Vpw4owHCvbA-2cxLdrh3Ynemg14N1_bFfsRrgExWMfwip28mCtA70G0KOlNdKfhIVRDBYep8yBhUvNMbf5aK8z1kaeMwvRW1Y4LOUTo7WudIhR2HgwQ5nF8Myb4toND3ZRBYATKG48yxgWyaj8TMvlAZZr0MZcyFZFNKRVvBXiUHRUAMZeFsNZ8JjgDDIDojf6o6pPJkiUQVO9lG3gvFgdMy2JsOBjYvQ-egm4bCLsFzn0AIVhhWDzkByvxuPVFbAVHvCn1Qs5lWY8Fp32XMoLif0SqR5CkGJ6x-AdQHk3-uq5015m8kpLhA7QoorK0hla4vrBP9TErZau0zSvninbeK7j7nz4SM5r4HL8OtBdr5eJYe2rPP87Q4SiQnUdTg0hiQdnuB8G3d6J-1r45vjEBpCla-28Isb8ODEr_tCczzcEaN5z0QmBCHqbIAZzcNWJDFYos700KduwanmYoG_z73HIPvgyspX9ckJA&cid=CAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CA8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK2GzftHRReN6YwB4htfnd5I0LRILBIwtJiPcF-nGId6GKsBWAClmIocWYWmBzYfZmmCZ-rzn4TOpOtJZGWClpfys93zUn3HZSmTdWmgHFRtn17J6OezfirnzJMymB5OOay8aHBJOkLZhc6SA5ZPP6H3Ft_JDOlILJ2wJ9bc5SsYA-i1egSSDNTJRqIJT5i88wA_P6bnx9oun1SDPlGUqE1Oc3SQ4B3VAs8ZU-FJjBA8fQvhuo9O-rJE_pD6e-Dod86eV4w9KYJTC-TfU_esJVeP3OYcx7gkEKcazr2XsNhDrg7ZVz4s6X-bz1ua_0YM1jg_31nx3YHMGruoIQZMXuHrTnbs_0&sai=AMfl-YRKgt6blgm7xKTLd1ZDRCNOH1Mq6PrA0RHzDHXqFrq5YO7yBFySOQpFTG7_FCvzH20DPpt1kDBuZ0eCSsmYenmQA4UaTGG5ljTzQlFtRNMpGCPhlA55i6CVgpbUBMG4&sig=Cg0ArKJSzDmqpMKr5vnZEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 16 Aug 2021 07:35:42 GMT
rum
dsum-sec.casalemedia.com/ Frame F5AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 Aug 2021 07:35:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F5AF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRoVTZ5GFt-0elHUZePuwwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 16 Aug 2021 07:35:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhdguSvpKqjzGNNao3e88c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F5AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN (),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
34514ce9-3ca5-4bd7-86b8-d70f3d02f341
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIBGIKJvTnqFuPtedylXAz8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYpsvZlQEwAQ&v=APEucNWM3ROScElVa-NfY7evYaeAagEdFoDtLlJlprOejxJuF_fHZTWR_DymVN8VtB1SwH9OoXCN7KLo7uFQp41XBiLB-leQCv_8PYydXThTn75vWGpn95wcy9JJpDhnjZOpAcqWiitMFGNdmnA9_VM_NiJ75jRSrpDVSk7-hEyv3hrxLA9Z7OY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9d2dcec9-0e2b-4aaa-bda8-dd1bded59729
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1ODgzODQzMjYyMDc4MTIw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E418 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mu72dqmlk6df
hal9000.redintelligence.net/zone/ Frame F112 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/mu72dqmlk6df?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
908655ae4a844e806e5542be8b86a5b748bf79a8b8a911c36239420e0fe4f098

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3942
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081001&jk=547975879344089&bg=!RUalRgLNAAbOj6irzo87ACkAdvg8WjvbtctWbQl74F_nFvFa6sgxz11x0TeFDitLW1SqicrNW6j3VgIAAADZUgAAABBoAQcKAMJ_Q_o1PvCr5fz1id8ALEBgFzNq9WoTL6vf9k58Djkfh86uCJ0G9kydRQyOl5aZxyL9p8pE5H-9mFsMHcwXGeoP2zsr9oqKJV-QqZN5FCCe6HhemaGzwUc-RFXiszzBwvWFMkprYyuoghCr14Qa4gd7gsoMWOjdMTdjA6Xy4vLd8EUHzcTmTkB6i45lYTe8GYZzHUTYR905zCxiCyn7PRU2MtHHTr5PSwj45FjnXfqH7VmHV4UNISlKriG01sT-xw83q5kCm0Px-ZNSk_J1Yy2K2HBpmMf9zEVnJM3ZZfsg5Ny3XAMdfG9_r999cjl2Ppq9NE3wNwcFK9HdZdaom6JWbMbafa_owHCsZOJQwV0y0HXebVbJRGMEjKdZMTL6_JMuM_ostXIE-4-VEexNmep9zAjjGNITM_PunptpRhm71fFM0x8TkHP7v-U2oBCaQJJTKXfbMjZ1oel7xttymn-fUg8dN_I1MBXuoX6upYDOaCGO4J0hfPKPGuOKzgSWVYasUYRbNG_224AL_9o01DDmUvHXl5iH0hv4Kbx1RL5zP4aUpo_1M07qkQ6GyBU5fEa3KNKgs0lDRrY-bn8ncMnAiuy3UMTiqs5zI-eYTqYhNiFE7DjfNjX1ROuIRuj4beOPzUvWcF0_GnBq3hIe6CfKwcWOMImbMwLldleV8gRbh25wvv0-N69f8T_uh0J2c-qki_eZn7EbVXg3s1oLjC_DOR92MOvBCprUDOSfBmrOTo_akQRjYZhbA4UQxSTcBrbt_WYjQ5S3YLM0_w5p9m_Kn-C3rRYHBbhtpc6wSvPUXJrBiYlsOHpEyEYsu8BzcRUC3_roOjlreXZH7UR_FP05n7y58BsDuhPjSNjabGjAU-RMKfuzkPujn3qvU2fFibJNCLUFEagpQgyFo4G64mcAHWnAVLmYoiwL87oma1Dtfdt8aa6A8p7Xh8LfpYwdBMu-vFbt0yApsisVrDmaPIGr4fTeIHc9rNg6OlYb9hISpShHcK65rg3N78RCSDbGj3JCzSHIayJiwrDOpcnM4OyJBmKACYkPzZX00wr_sLrfPw71lq9Sytwo40U0F5KnCJiV5ZGD1c_35FfRlB7C2M_GAe72rvGmBxgPergXcfV1dpUJwW1qZV2lWj6I-CyQa0w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE8F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZO0QTRUaYca8JdDG7_UPoI6CuAYAAAAAOAHgBAI&bg=!sbKlsvbNAAbOj6irzo87ACkAdvg8WoDsC-Zedrobf-807aOgJQAYHhuYO54i_ojl4NWHHr4mxAT8aAIAAADSUgAAAA5oAQeZAtQLULOdHgE6bPblC6Bv8q9_suPO_gk7J5VcTY5tDO15WhUaVoYk0Tebe_Hfb9kuoXDQ28k-4n50PFox5hPFDH4vkXNQKTDDKSjCBWz61qShgTQa-J21MDGz5uNBMDSSjeKglRnODBc17STJ8PABlOxtTDnhidgkacUn220q0_DMXDui0vO4TzTbWICbOTZV9Tw6jMzuNFxGE3oU78ALK0h-Eedm8gYvSDnRWquvjOHlR1in-vrW5EFl9PwLwa6VidKgZInNiq6v06w58-kSgdQb2mxwuDFkiUJlxA9t-lzhtar3D5xJIgPNZNjzAPDt3OzWr1S5ZiexShU3tt1rJSZh_cId6Eqv6r5wr2Q5j3U_bn1kW-RDOu3jiqbBz6hE70jGtO8XQVMOxCalGEmJbfTtl84612qWd3JYTAu4XhbHxYlAy7wUmfTYQLVmBwZ2sxdc3op-4JGlgQl3Knde2-QqR7IkbGeQl6azmoqC7f0Eyz51TKRPF4eljYw8xGgVZ8rLvOMno8EQnZZNWqbwXAilZRL8GJCFJbI_QbIxalTqViQnZ1YOn5Im_SPXvc4Q0xwbwsWMYNO868nHRRuyNQ17pi0L5Eg60TrtL2rkxj0cd7Y8gfBQa3Rep6ZKL66Ihon7E72dCIyGErR53o1TCYigH2sC-Gul37VwObQEmWk5qQwDeMwu9cTa9DxHKL9Um51SeG05GrlXDP8U0wLUwoeMHrqbIGXw6Tbwy2mWRAe8rKWVlw5k-mreI_xSrVe_8DC2ojuhTWzxWc13xHcr8RwDqB1kcRt7Vb5KbqIV6j9Id66sUu6TUSDcPzQhGnm1Ldjf5B553NBmgqMhHtQ6SN3iv9X7cPM6lwu3YkeoOp61sQ1B2iwc9pNVrKtzrkqpQ4tLZAzvZWrSFGk3boUZsLr5sDAC1LhQC3ju_KdMYbvmMkVp54eKynOWzMwPndBVXVRJD-Ma
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
pagead2.googlesyndication.com/bg/ Frame E418 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 15:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
56620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 15:52:02 GMT
container.html
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AEF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 16 Aug 2021 07:35:41 GMT
expires
Tue, 16 Aug 2022 07:35:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 651C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1ufRFzQWy_mwx8TNzyoCh7BhSbMLaXlDaKr_XFs42AeJRR9AzGuAagB0fimjPAIFFK5na0-qmh8ZE4m26qf3o7npTlVaJqpb0MgVruLWeRTs-FttxWzX_pj5hD_2oQZi6vP7v2Wv4pyUCoBi8Uj1uQom4gPC2HCSfksZoYH9DfW2EsJWRwMWdxhMVL5BBEgOeJhs-xI6O8WNr7c5qmfLcJioIkPM5dLZbUn9Q1DJIbXFEKxXspTFEC1f6a_yWk74UbQM0N9r-fcF-1U5qihn6hwGODIbUdl-4ruir-zHX7b-ZSyae2G3PkJdXIPCAQpI-FbDTSl2yKZoA45iAb0_-_CFKS92gchOFjjPGHTahRenrTc_n4A6sq6gmOvrj_fWig&sai=AMfl-YTfSrZmT01_GwivjqGcOSgGRbshbxQ4_N34eqxS1xRe7gLz6q0WN1i10PBQdE7u-FtAH_KsyU8gqAwBcZo_DD-N8vAheQKl7b7hgFQPn6i2IK773RIMRk4c8MhqZKxy&sig=Cg0ArKJSzHuWVzZgZeu4EAE&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 651C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:30:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 651C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 651C 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:42 GMT
l
www.google.com/ads/measurement/ Frame 651C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbJoTTBcyQRgAkT47_YY1wlHLEzRckJPb-tWJU10A6lFdH_r2UdBEBO-Qlk8Hdc2rPxi-KA27Ps6LU4q4IDAa8FX3t8w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Wave3-Arte_LREC_20210816-Mood_V1.gif
storage.googleapis.com/assets-presslogic/admaterials/ Frame 651C 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/assets-presslogic/admaterials/Wave3-Arte_LREC_20210816-Mood_V1.gif
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1dbdb430a025a536468a22e7a93984413d120c1e973c62afc780feb85632163b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
age
0
x-guploader-uploadid
ADPycdvvLROor4Wsz1X5H0H6a9MQsqo3TfbzZUgZ-s-SlS6OTKm1v61jm64etoGXfOcx17j8rZflKStS1sXuAYV_cc2EjggeyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120635
last-modified
Thu, 12 Aug 2021 09:36:24 GMT
server
UploadServer
etag
"7ad99b75fc379fd6cc7859fbbac346ef"
x-goog-hash
crc32c=LjsMtQ==, md5=etmbdfw3n9bMeFn7usNG7w==
x-goog-generation
1628760984842486
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
120635
accept-ranges
bytes
content-type
image/gif
expires
Mon, 16 Aug 2021 08:35:42 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 4EB6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1629099342.cds143.am5.hn,1629099342.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 77A3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=68121908&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
9b715ce2f21edf6de07065ad01134a91663a20229064d3c8f25fd365aeb22ee0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1361
usync.html
ad.lkqd.net/cookie-sync/ Frame C0BD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1629099342.cds143.am5.hn,1629099342.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 6D0A 		180 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1118956&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=3580201&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
truncated
/ Frame 651C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91bb6446e110aaf95fb682807decc8c52b133df863cd5fffa07f3eb1f9ef47e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2C6F 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnRn5BflH__RB6AYBIjBrZoQ5E3csSCR854CmVP14JPAputkI7iROsBNWWiMCU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 16 Aug 2021 07:35:42 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 16 Aug 2021 07:35:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8AEF 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ddo0t4FA5rDQfoHpKPZtKWfQbzchtT1T2dyao3d8Wfh6EA-hY9z_S2Cp98nTVutY2JXbq54nTZW_u85dt75gZNdT4Z6huuALk0dSmfXQkQ3tM-GJlmKsqfazXo70rMyzkL2f0H2nRRHdjUOYJS42Nmu7wtBw&dbm_d=AKAmf-ALRoV5yq1C2ifiKV4pztez8Jq-iz-ZCZDOiotqEU4648R3Vk22wnp-MpZzeeqY2yBN0JCVgdaHL7cnVtnuQ9dKooOhzYTOre5zOrTPWjIBk9MdBZGZms5qxQZymloEy9r0gLHmDhX3cOCdwFWkQVgsULx-AYirX3FS3ubdy3IzoaLE-fTCNCgPgKIWDykZsXi8t7wBpf3_YkxhuoGEbcQSkFvCtaPYBHy1m13WsioeiTiU50KoQz2o7pHtei6DfQ8r60_FM0sMUM4094usyrI-Kb2I0r7LhQuhFqkdN81HG-JvBFqn-zqv2_4B2Ph4AUqtD4lGSrV4g_UEt2-PTLstOFzSp4CDR5uIlSwRAPyIjLQGfXES8nleJjMdGWIHZDmIWgVPQZED54XWJIfF2RM3bHmD8WBxtA2bOjmuuqrtD_33ZFQk3uNiEKDNj1hb0vp6bXj5Lguhtrt7abLUogqG9XVsSwMiPpfy5eP4L0Y5xPvDEBHc1rdpVE4R2hNXRPkZ3dbfK1fB9mLshO4PMdJ4tZ0gumC5EMmvJvZ-P61dL6pYw8fSat1LtEOCKNz606DqGN0vvnbZ8KoOIX3CvtsVfxzkmXCd00mM-EdcQKiywANPsS_o2Z5CkatT1D-DpuLxuffCiFuZDPUPPUrskk7m0LugMyKs0Y21_CdADeT8UnA6Sx12BWDZgkHTzvXezzLBs7L4ZJjTb2OKPWWF5dQDYoiwPUmr7i7KiUD5vcClbU2Rkn_BGcIfiS4_HBo882rEqlzyBoKYommBJHU9-Ps0lbtw5zXOwsphY0H-Dwwao132r4clBXpSMOYbwsuYBmKA9nFMFhQWUz4sSmXQKean_9aeisLzwcV0dyDN1elzMRij7huIxLJcfiN4WDRbYzoslNWCtzO86MWnlXu8ypphHx9KPAjM0pD1lkk_mS79oZtI6EDg8H2hXmDyEP2EDMh-offxSAZq8RfoJBk-ec1WegvMF5JzmetQ83wqEuzBIhqyhwHxZFS0dXRtc5Dwioi69e6TvjOfiQn3Ks2zccCJ4lN5eU8oRQRGI-62p7rmzTi3-whJJUrCEwG5Xgeq4ElNftxP1sc752icG3uFOAfA09IUWaNkjk41GxZyk7JLPBUxUN0V-73hJlBHosZ42PASlDG1NDW2DMGEVVf-wo2ROaUpL17jzSyDL7xT0SiAjYaerpxAaCJNwMJZ2jDiTBAxfzgE32eG3KFkKNuno5esjSw-5zAUv7a82pCa7QJ1Dl_GLUpN9ggyZxy24RXVQVOP-Al5IaYV08l-FCHMpg2nFh7cx8CRFKAjpb9u4PLHkCq8HLRtTucYPzHEnrY-ArglyNGqMFQ2UVLqNrtSuRtujJ-2eLzSlzuDnTuecsdCMrH00zloUCfShgi54NDpzKHPOZ_1PmIbAxnYEawpxQckqvHvYgj5F5pHxeDiD2kotf7s9iiSVii77Stx-GxOMYbUqO4P4vdCHui0q0YD8NqJA5PWXcZcLEweh0SRptRcSzUFkWAexsLDQjINF1PRAgY-MK68Y60pQ7rbozKDutcsbgxUgvck4Bxbumf61m2iXLEAPw9GkCTuh3YYbiCBANeoKEHr3bJ-UWDSR_STFyY2XUYdC7paC310blIElK_Hwlz98fsrBpo8rALfkZgXF8waLm4nuRPWzWeVk83PjEm1xvfHX0v0wo627TXY4BKPlRlCh94UKYS5o0rLXLs43TSUL9gCpEtMzA5G_Tr7TDNHYPXIx_qml3Tys72cR06zt8feuXfekaekLGh7sU0E6-cK1LlNY9cT56Wg3F2cuzaQTznx1wwMFtTF6wqjvIW7fpTGExZxCrP0X3BRHaBqrzwC0rVEidjXbanKGMTuMWo3c5nRTiqBqXOneqqCKrLQ3hzB-F47_z-n4EE-AWk5pcmS0euEjWz1J9BnASLa6H1nyH2UeLeU5mwhZGIdqaxyBJF5yC3NX6VZLLoLoyPwk_sIE2Y5tZhDM8GUxkcC_KvfnR5iqp2hAet9N17o0VH2oV0ypUhwpSI-AzVtH9SW5Qt_63jF4XWyJdWzVoUYx4Cm36NHs034u8fw2_Z3zQiIzeGpZwX-wXmAmtswAiZPbOu3qowfivSEpCkkiSBel6sy89EuGtR0eYx4RiTy0DYED4vQhhgyK_mXy5jVcx16qO1RMXcLvfQMR-8aN9KO7kUYNuah3pV4F02NpicLBpm7w58atcaLVqliYSXdmt5k_TuEfefFH2PP4VpFfmZbgWJKPYvdBxlkTj7K9NkwiuYi7ZI39FrBXRGOz9oU7j-f25JtIAmdN0cgIqxkCsvUJqZAuNj92H1f3uFL27YEsuDKs6Bi-hLCWPCJ4DnuM-j-sVOfZ9ey5wqXSp8aJveFe0CA7wDJ_RiSl-eXov7Wjn-R7Qvz_0IiCd9xSAUVUtHPsH6I2mcfhKRRzLgokOgerly92K9jo4W9QLh9j0zJeb7k3RrztE3eXNpJfRomwxnbVPrr0Bgp4kaT8lwPoG45Cv-G4APNwpUAkp6IaoujA7IhSNDFlP-GShjU0dDJ_DbVV7Y2DKsgQnp56BbenPIu8iOqceWF_FFckMutuNmyOT8nqQpR_ET8SYE8VsfcAb4EExqa_UdqkmxpnPaLNXj9vgJw-TKZ-m2n955GfmDVQItgqgN9UcCkrUBefODJ5NuQE5uacVwNhXP5k1jUwmfOmWcoHbHmZhWQCmjmciEmSFKyPIPIHB2ZsJHmV-E3jqRw5vAiuo34tYDMdrDAbeja2EXtnzudnP8CIjILOOfCrCECfmIkFpLFrX9WPRM0KWKTI0Qs-glMC7IFvDvFQUhy_fgrSScDH0XhHcCU8jpANo8QTckKLeTMu-UCJsLJJ2OQlQ4wVnv1Upy2Ylw9tM1StNeqKp7WXEYJI1h30W7jn1CibXxOrX8Qju59HRaAI5qfZRV0ptusQfbXyw72wcuPNAiTZtJpvwPReVNCPemj2ofJCbzuquIMtuQxYRiGakiSYaiYU3XKNtD1UAWkcOhxr8Owkvokz9IH36wiI0gYok9kNr52BjeSHvgHmkN1yf4K4_Yz9OmVcGvkjdA-ehp_bgaZb3FYKuS3bD-Zn7j9gcNhMWFLOswz0o4U6cD5RKTFX6bO6vGUZFKdhTXc0f2PoVtfZiclDPaVspMHITR9FkNnk6H8H8lqPx2Fq6eQAa7Fwzw95vQl&cid=CAASFeRoEn1xvc4_iQpqQeyPfmd47DI4Tg&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b553ff5b6a9ee1030c38227841672191ac02da3a546d2587347b76c8d27c1a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AEF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxWw4sg9bGaep_1Ga0AirDo4X5AyLEAswMbN4wnEfiXjtl5XqEMpo4pohiIZFsBKIzz74lyyKg_A_u9-225J_jlgk5yvgRwp7M21gSsSOdD5kbLBA
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8AEF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AEF 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8AEF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:32:52 GMT
l
www.google.com/ads/measurement/ Frame 8AEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjZ2KFxJBwVQAHG0LGFiPbu7RRVZdhmbXu8pPCaLNuzM_Nc-mjRbUcn5jBYTsovOPamR4dBlIX-2Y68dH_0mVmC57aqQ
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
request.php
hal900014.redintelligence.net/ Frame F112
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D&documentReferer=https%3A%2F%2Fholiday.presslogic.com%2F&ancestorOrigins=https%3A%2F%2Fholiday.presslogic.com&random=9173316112338&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN (),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
3ae447f22175635e4c9b6e89b1efa8b5bef4c04757b26c1486ba8428fb14f800

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
35543200047231900719594011688014
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
954
Expires
Mon, 16 Aug 2021 08:35:42 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D&documentReferer=https%3A%2F%2Fholiday.presslogic.com%2F&ancestorOrigins=https%3A%2F%2Fholiday.presslogic.com&random=9173316112338&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 16 Aug 2021 08:35:42 +0200
cs
cs.lkqd.net/ Frame 4EB6 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4EB6 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4EB6 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4EB6 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4EB6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 2C6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbciOLWR558kN_bKIDZCrY&google_cver=1
date
Mon, 16 Aug 2021 07:35:42 GMT
via
1.1 google
server
OXGW/16.213.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 2C6F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGUzOWM0YmQtNTdlMy0yNjVhLWQwOTItOWEzYjU4ZjMwNGZi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGUzOWM0YmQtNTdlMy0yNjVhLWQwOTItOWEzYjU4ZjMwNGZi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGUzOWM0YmQtNTdlMy0yNjVhLWQwOTItOWEzYjU4ZjMwNGZi
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 2C6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA337EiWLw3qz0YA1UNgQS0&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA337EiWLw3qz0YA1UNgQS0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 16 Aug 2021 07:35:42 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA337EiWLw3qz0YA1UNgQS0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2C6F 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYl_-knQEwAQ&v=APEucNVviophhnu2QXyXZVGWKcE9wysyf4RTjypkZIHM59a1OOK8Fkfl_VEq0xYlY3GyqumUReLvWLq-aJLa68MUY5FX_lQdec_67bEQXPtnXqm_hZgWe5GSa7TH7_W8atSpfkqnYsNMc5aXQD27sFqYUg5RXx0exRIY_2wqg8SN2101EVYhTuQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 16 Aug 2021 07:35:42 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
cs
cs.lkqd.net/ Frame C0BD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C0BD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C0BD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C0BD 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C0BD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8122981621054173722
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8122981621054173722
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8122981621054173722
pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 8AEF 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 09:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 09:43:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame 8AEF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ddo0t4FA5rDQfoHpKPZtKWfQbzchtT1T2dyao3d8Wfh6EA-hY9z_S2Cp98nTVutY2JXbq54nTZW_u85dt75gZNdT4Z6huuALk0dSmfXQkQ3tM-GJlmKsqfazXo70rMyzkL2f0H2nRRHdjUOYJS42Nmu7wtBw&dbm_d=AKAmf-ALRoV5yq1C2ifiKV4pztez8Jq-iz-ZCZDOiotqEU4648R3Vk22wnp-MpZzeeqY2yBN0JCVgdaHL7cnVtnuQ9dKooOhzYTOre5zOrTPWjIBk9MdBZGZms5qxQZymloEy9r0gLHmDhX3cOCdwFWkQVgsULx-AYirX3FS3ubdy3IzoaLE-fTCNCgPgKIWDykZsXi8t7wBpf3_YkxhuoGEbcQSkFvCtaPYBHy1m13WsioeiTiU50KoQz2o7pHtei6DfQ8r60_FM0sMUM4094usyrI-Kb2I0r7LhQuhFqkdN81HG-JvBFqn-zqv2_4B2Ph4AUqtD4lGSrV4g_UEt2-PTLstOFzSp4CDR5uIlSwRAPyIjLQGfXES8nleJjMdGWIHZDmIWgVPQZED54XWJIfF2RM3bHmD8WBxtA2bOjmuuqrtD_33ZFQk3uNiEKDNj1hb0vp6bXj5Lguhtrt7abLUogqG9XVsSwMiPpfy5eP4L0Y5xPvDEBHc1rdpVE4R2hNXRPkZ3dbfK1fB9mLshO4PMdJ4tZ0gumC5EMmvJvZ-P61dL6pYw8fSat1LtEOCKNz606DqGN0vvnbZ8KoOIX3CvtsVfxzkmXCd00mM-EdcQKiywANPsS_o2Z5CkatT1D-DpuLxuffCiFuZDPUPPUrskk7m0LugMyKs0Y21_CdADeT8UnA6Sx12BWDZgkHTzvXezzLBs7L4ZJjTb2OKPWWF5dQDYoiwPUmr7i7KiUD5vcClbU2Rkn_BGcIfiS4_HBo882rEqlzyBoKYommBJHU9-Ps0lbtw5zXOwsphY0H-Dwwao132r4clBXpSMOYbwsuYBmKA9nFMFhQWUz4sSmXQKean_9aeisLzwcV0dyDN1elzMRij7huIxLJcfiN4WDRbYzoslNWCtzO86MWnlXu8ypphHx9KPAjM0pD1lkk_mS79oZtI6EDg8H2hXmDyEP2EDMh-offxSAZq8RfoJBk-ec1WegvMF5JzmetQ83wqEuzBIhqyhwHxZFS0dXRtc5Dwioi69e6TvjOfiQn3Ks2zccCJ4lN5eU8oRQRGI-62p7rmzTi3-whJJUrCEwG5Xgeq4ElNftxP1sc752icG3uFOAfA09IUWaNkjk41GxZyk7JLPBUxUN0V-73hJlBHosZ42PASlDG1NDW2DMGEVVf-wo2ROaUpL17jzSyDL7xT0SiAjYaerpxAaCJNwMJZ2jDiTBAxfzgE32eG3KFkKNuno5esjSw-5zAUv7a82pCa7QJ1Dl_GLUpN9ggyZxy24RXVQVOP-Al5IaYV08l-FCHMpg2nFh7cx8CRFKAjpb9u4PLHkCq8HLRtTucYPzHEnrY-ArglyNGqMFQ2UVLqNrtSuRtujJ-2eLzSlzuDnTuecsdCMrH00zloUCfShgi54NDpzKHPOZ_1PmIbAxnYEawpxQckqvHvYgj5F5pHxeDiD2kotf7s9iiSVii77Stx-GxOMYbUqO4P4vdCHui0q0YD8NqJA5PWXcZcLEweh0SRptRcSzUFkWAexsLDQjINF1PRAgY-MK68Y60pQ7rbozKDutcsbgxUgvck4Bxbumf61m2iXLEAPw9GkCTuh3YYbiCBANeoKEHr3bJ-UWDSR_STFyY2XUYdC7paC310blIElK_Hwlz98fsrBpo8rALfkZgXF8waLm4nuRPWzWeVk83PjEm1xvfHX0v0wo627TXY4BKPlRlCh94UKYS5o0rLXLs43TSUL9gCpEtMzA5G_Tr7TDNHYPXIx_qml3Tys72cR06zt8feuXfekaekLGh7sU0E6-cK1LlNY9cT56Wg3F2cuzaQTznx1wwMFtTF6wqjvIW7fpTGExZxCrP0X3BRHaBqrzwC0rVEidjXbanKGMTuMWo3c5nRTiqBqXOneqqCKrLQ3hzB-F47_z-n4EE-AWk5pcmS0euEjWz1J9BnASLa6H1nyH2UeLeU5mwhZGIdqaxyBJF5yC3NX6VZLLoLoyPwk_sIE2Y5tZhDM8GUxkcC_KvfnR5iqp2hAet9N17o0VH2oV0ypUhwpSI-AzVtH9SW5Qt_63jF4XWyJdWzVoUYx4Cm36NHs034u8fw2_Z3zQiIzeGpZwX-wXmAmtswAiZPbOu3qowfivSEpCkkiSBel6sy89EuGtR0eYx4RiTy0DYED4vQhhgyK_mXy5jVcx16qO1RMXcLvfQMR-8aN9KO7kUYNuah3pV4F02NpicLBpm7w58atcaLVqliYSXdmt5k_TuEfefFH2PP4VpFfmZbgWJKPYvdBxlkTj7K9NkwiuYi7ZI39FrBXRGOz9oU7j-f25JtIAmdN0cgIqxkCsvUJqZAuNj92H1f3uFL27YEsuDKs6Bi-hLCWPCJ4DnuM-j-sVOfZ9ey5wqXSp8aJveFe0CA7wDJ_RiSl-eXov7Wjn-R7Qvz_0IiCd9xSAUVUtHPsH6I2mcfhKRRzLgokOgerly92K9jo4W9QLh9j0zJeb7k3RrztE3eXNpJfRomwxnbVPrr0Bgp4kaT8lwPoG45Cv-G4APNwpUAkp6IaoujA7IhSNDFlP-GShjU0dDJ_DbVV7Y2DKsgQnp56BbenPIu8iOqceWF_FFckMutuNmyOT8nqQpR_ET8SYE8VsfcAb4EExqa_UdqkmxpnPaLNXj9vgJw-TKZ-m2n955GfmDVQItgqgN9UcCkrUBefODJ5NuQE5uacVwNhXP5k1jUwmfOmWcoHbHmZhWQCmjmciEmSFKyPIPIHB2ZsJHmV-E3jqRw5vAiuo34tYDMdrDAbeja2EXtnzudnP8CIjILOOfCrCECfmIkFpLFrX9WPRM0KWKTI0Qs-glMC7IFvDvFQUhy_fgrSScDH0XhHcCU8jpANo8QTckKLeTMu-UCJsLJJ2OQlQ4wVnv1Upy2Ylw9tM1StNeqKp7WXEYJI1h30W7jn1CibXxOrX8Qju59HRaAI5qfZRV0ptusQfbXyw72wcuPNAiTZtJpvwPReVNCPemj2ofJCbzuquIMtuQxYRiGakiSYaiYU3XKNtD1UAWkcOhxr8Owkvokz9IH36wiI0gYok9kNr52BjeSHvgHmkN1yf4K4_Yz9OmVcGvkjdA-ehp_bgaZb3FYKuS3bD-Zn7j9gcNhMWFLOswz0o4U6cD5RKTFX6bO6vGUZFKdhTXc0f2PoVtfZiclDPaVspMHITR9FkNnk6H8H8lqPx2Fq6eQAa7Fwzw95vQl&cid=CAASFeRoEn1xvc4_iQpqQeyPfmd47DI4Tg&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:32:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 8AEF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ddo0t4FA5rDQfoHpKPZtKWfQbzchtT1T2dyao3d8Wfh6EA-hY9z_S2Cp98nTVutY2JXbq54nTZW_u85dt75gZNdT4Z6huuALk0dSmfXQkQ3tM-GJlmKsqfazXo70rMyzkL2f0H2nRRHdjUOYJS42Nmu7wtBw&dbm_d=AKAmf-ALRoV5yq1C2ifiKV4pztez8Jq-iz-ZCZDOiotqEU4648R3Vk22wnp-MpZzeeqY2yBN0JCVgdaHL7cnVtnuQ9dKooOhzYTOre5zOrTPWjIBk9MdBZGZms5qxQZymloEy9r0gLHmDhX3cOCdwFWkQVgsULx-AYirX3FS3ubdy3IzoaLE-fTCNCgPgKIWDykZsXi8t7wBpf3_YkxhuoGEbcQSkFvCtaPYBHy1m13WsioeiTiU50KoQz2o7pHtei6DfQ8r60_FM0sMUM4094usyrI-Kb2I0r7LhQuhFqkdN81HG-JvBFqn-zqv2_4B2Ph4AUqtD4lGSrV4g_UEt2-PTLstOFzSp4CDR5uIlSwRAPyIjLQGfXES8nleJjMdGWIHZDmIWgVPQZED54XWJIfF2RM3bHmD8WBxtA2bOjmuuqrtD_33ZFQk3uNiEKDNj1hb0vp6bXj5Lguhtrt7abLUogqG9XVsSwMiPpfy5eP4L0Y5xPvDEBHc1rdpVE4R2hNXRPkZ3dbfK1fB9mLshO4PMdJ4tZ0gumC5EMmvJvZ-P61dL6pYw8fSat1LtEOCKNz606DqGN0vvnbZ8KoOIX3CvtsVfxzkmXCd00mM-EdcQKiywANPsS_o2Z5CkatT1D-DpuLxuffCiFuZDPUPPUrskk7m0LugMyKs0Y21_CdADeT8UnA6Sx12BWDZgkHTzvXezzLBs7L4ZJjTb2OKPWWF5dQDYoiwPUmr7i7KiUD5vcClbU2Rkn_BGcIfiS4_HBo882rEqlzyBoKYommBJHU9-Ps0lbtw5zXOwsphY0H-Dwwao132r4clBXpSMOYbwsuYBmKA9nFMFhQWUz4sSmXQKean_9aeisLzwcV0dyDN1elzMRij7huIxLJcfiN4WDRbYzoslNWCtzO86MWnlXu8ypphHx9KPAjM0pD1lkk_mS79oZtI6EDg8H2hXmDyEP2EDMh-offxSAZq8RfoJBk-ec1WegvMF5JzmetQ83wqEuzBIhqyhwHxZFS0dXRtc5Dwioi69e6TvjOfiQn3Ks2zccCJ4lN5eU8oRQRGI-62p7rmzTi3-whJJUrCEwG5Xgeq4ElNftxP1sc752icG3uFOAfA09IUWaNkjk41GxZyk7JLPBUxUN0V-73hJlBHosZ42PASlDG1NDW2DMGEVVf-wo2ROaUpL17jzSyDL7xT0SiAjYaerpxAaCJNwMJZ2jDiTBAxfzgE32eG3KFkKNuno5esjSw-5zAUv7a82pCa7QJ1Dl_GLUpN9ggyZxy24RXVQVOP-Al5IaYV08l-FCHMpg2nFh7cx8CRFKAjpb9u4PLHkCq8HLRtTucYPzHEnrY-ArglyNGqMFQ2UVLqNrtSuRtujJ-2eLzSlzuDnTuecsdCMrH00zloUCfShgi54NDpzKHPOZ_1PmIbAxnYEawpxQckqvHvYgj5F5pHxeDiD2kotf7s9iiSVii77Stx-GxOMYbUqO4P4vdCHui0q0YD8NqJA5PWXcZcLEweh0SRptRcSzUFkWAexsLDQjINF1PRAgY-MK68Y60pQ7rbozKDutcsbgxUgvck4Bxbumf61m2iXLEAPw9GkCTuh3YYbiCBANeoKEHr3bJ-UWDSR_STFyY2XUYdC7paC310blIElK_Hwlz98fsrBpo8rALfkZgXF8waLm4nuRPWzWeVk83PjEm1xvfHX0v0wo627TXY4BKPlRlCh94UKYS5o0rLXLs43TSUL9gCpEtMzA5G_Tr7TDNHYPXIx_qml3Tys72cR06zt8feuXfekaekLGh7sU0E6-cK1LlNY9cT56Wg3F2cuzaQTznx1wwMFtTF6wqjvIW7fpTGExZxCrP0X3BRHaBqrzwC0rVEidjXbanKGMTuMWo3c5nRTiqBqXOneqqCKrLQ3hzB-F47_z-n4EE-AWk5pcmS0euEjWz1J9BnASLa6H1nyH2UeLeU5mwhZGIdqaxyBJF5yC3NX6VZLLoLoyPwk_sIE2Y5tZhDM8GUxkcC_KvfnR5iqp2hAet9N17o0VH2oV0ypUhwpSI-AzVtH9SW5Qt_63jF4XWyJdWzVoUYx4Cm36NHs034u8fw2_Z3zQiIzeGpZwX-wXmAmtswAiZPbOu3qowfivSEpCkkiSBel6sy89EuGtR0eYx4RiTy0DYED4vQhhgyK_mXy5jVcx16qO1RMXcLvfQMR-8aN9KO7kUYNuah3pV4F02NpicLBpm7w58atcaLVqliYSXdmt5k_TuEfefFH2PP4VpFfmZbgWJKPYvdBxlkTj7K9NkwiuYi7ZI39FrBXRGOz9oU7j-f25JtIAmdN0cgIqxkCsvUJqZAuNj92H1f3uFL27YEsuDKs6Bi-hLCWPCJ4DnuM-j-sVOfZ9ey5wqXSp8aJveFe0CA7wDJ_RiSl-eXov7Wjn-R7Qvz_0IiCd9xSAUVUtHPsH6I2mcfhKRRzLgokOgerly92K9jo4W9QLh9j0zJeb7k3RrztE3eXNpJfRomwxnbVPrr0Bgp4kaT8lwPoG45Cv-G4APNwpUAkp6IaoujA7IhSNDFlP-GShjU0dDJ_DbVV7Y2DKsgQnp56BbenPIu8iOqceWF_FFckMutuNmyOT8nqQpR_ET8SYE8VsfcAb4EExqa_UdqkmxpnPaLNXj9vgJw-TKZ-m2n955GfmDVQItgqgN9UcCkrUBefODJ5NuQE5uacVwNhXP5k1jUwmfOmWcoHbHmZhWQCmjmciEmSFKyPIPIHB2ZsJHmV-E3jqRw5vAiuo34tYDMdrDAbeja2EXtnzudnP8CIjILOOfCrCECfmIkFpLFrX9WPRM0KWKTI0Qs-glMC7IFvDvFQUhy_fgrSScDH0XhHcCU8jpANo8QTckKLeTMu-UCJsLJJ2OQlQ4wVnv1Upy2Ylw9tM1StNeqKp7WXEYJI1h30W7jn1CibXxOrX8Qju59HRaAI5qfZRV0ptusQfbXyw72wcuPNAiTZtJpvwPReVNCPemj2ofJCbzuquIMtuQxYRiGakiSYaiYU3XKNtD1UAWkcOhxr8Owkvokz9IH36wiI0gYok9kNr52BjeSHvgHmkN1yf4K4_Yz9OmVcGvkjdA-ehp_bgaZb3FYKuS3bD-Zn7j9gcNhMWFLOswz0o4U6cD5RKTFX6bO6vGUZFKdhTXc0f2PoVtfZiclDPaVspMHITR9FkNnk6H8H8lqPx2Fq6eQAa7Fwzw95vQl&cid=CAASFeRoEn1xvc4_iQpqQeyPfmd47DI4Tg&rfl=1%2Chttps%253A%252F%252Fholiday.presslogic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9343
x-xss-protection
0
server
cafe
etag
12459758733850244510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:30:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8AEF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame 8AEF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb25bbb91427026f6b2b8e4c2f0ffe7d41ae35f54e147b6c48a416bd2daff98a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D2EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		8 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0c1853209c0da53570fbeca97a7ad5a2e2623875abd6395bab3409d2bdc7ea69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1122
date
Mon, 16 Aug 2021 07:35:42 GMT
expires
Tue, 17 Aug 2021 07:35:42 GMT
cache-control
public, max-age=86400
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8AEF 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKX3FgztSRYXqMxo1L1FlLkPpSYeb97SQLxfBoe2xPJSx4zB_uLkiSiHhFaDf5ylrq7RNA-BQZ8HZs7efrATxkvc8LV4Ns5IcUTxgvUZxxX0hPvp07roc0vVXQJGXwyvpAsmCMHxXjorLbhSWPPGXXirXqFflCOvc74fETCk9ebMawA8kn-UHCdUAZ-0nRvrH88DySL1_uJt9ZQBLklU7UlMO2ikYtydpAtMq8-YUaUov8YRXeujKiJB9yFoKvAgI1D-CpoYt2yD9Q8GQAB30FWRk0Fof37JpOVvdlJwh2z6IZybxWU3LqCJ62z76L245e2Yzcxt1vcFbT2naJnk-QKVaiXVLqLJelKtJdRtTcbS0F_0DwwKpPt4STtBopVHK6ndFrsAR4IFCoHcGP5m_w6qISlaPSWmziQy4yiUf2E2N4p9lIJnMAKdqythLR0U6yFN2VfVWwn3aauY54JY4hCxdwXuv9QKvdnQPI2jDfn8a5ZlYuAApZtFI0v5K6tIoJU_njYN7D49WxHPWZ1vCZ1sO_iGhnyq06JaaOvrrlRa_43_YaNy2Zt_nPCScpK4LDa8xhTV7CWPnRdIYUyzUcfOEc7z6yHe7KU2aMIqKhnL-PVPRblFUeQoShSht-9dJnSX2jk-m-noCeFbowsuihvaVAEEo5YqPAr7DcBayMKV2lG6Bofccy_n7tIEhAI3n78GV_lqkYLKgrb6OgUc_cyRZ_DmKIQWffr3GY4JeeTL8D6RDl1nmDN66p6194-TnePJTdHH-hvE9vWf-7hF9uago58joJ1WqTFTj-WGyuchrldItOEu27Les1G1qLVt_4JO4yMoShrAAH6cRn92CQFqhHEaOrJko4rN1nTmvqX2bLXnhNfsX3duxMSEGPjeu5gRID1BVUdj4xzRRNYhnAY1_eNKoED7TlNp6cfBxwjdkcdDBdMCySRieodbVrg3oWVj-ovo1EyDiqvfP1abQmn4m56oaPV26w6WenS5t8wKQFALK6IrH2OJyWSQcM5GB9wsYudMTPjWPczprhqGVGZ10SC13B2Wp0H9ZY0zkZegsaVUU6k6o6M9jgyoxT-1og-9pPwRE5CPuYgQf0BCnQS2ojQKzHyoZd_HSX6W0wgmMCDRy9IYuJwmmVx3bYajWfQi-RLUEsb9FV_70gSDLSbrbxnLLSTOMwV00OLGw4pSzjV7H9c3zCE5fP1g&sai=AMfl-YT2JDXO_kcV7wMV3pNigCsyJuDCy5tlGEFzUI_uuYGupDoXnJuBn8eaSwwLdHBFi_HO7rJwfDjvF2G1e3YjNcqZ-mWMtM0d2Okq5vQj5JFpDuFIf-yLLCsAxGMAwBelW1-cvgTRrhmGbxj-b1wUTM4NdhieNWamje8alTM&sig=Cg0ArKJSzAUvgxzpGgDZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=56&cbvp=1&cstd=51&cisv=r20210809.88371&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN (),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 16 Aug 2021 07:35:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
opt.objectiveportal.com/ Frame 8AEF 		35 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://opt.objectiveportal.com/pixel.gif?customer=WEH&brand=WEH&domain=NL&process=banner&campaignid=25026030&placementid=295706755&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.152.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
5d5c8282-0888-4f79-aadd-bac8c607e611
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security
max-age=63072000; includeSubdomains
content-length
35
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ Frame E418 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BurHqTRUaYfjqOdr43gPTyLF4AAAAADgB4AQC&bg=!ExClEFTNAAbOj6irzo87ACkAdvg8Wsf1OU-y1riR334xLOO73VdrqPNl-UMMXZLrDr6i7yV7J4ERWgIAAADDUgAAACRoAQeZAsniPnZ84V-mEcWnj99ssqPWds6pJLwW81sdECgB303PuIrtyVDHaY0hSeRPYlHNuFn80YFoFPHSlXB1HdzAXNe3iVjsAsv0G0RGhM5Y07slHdb7ad7zs9rJZNKJktejU-sDNUwFmV_kZzDRnjoL1fkLwQhY0eNlWsqfJrnqJj1aEdc5zH0wo15hEf-m_VaWDQjTwHWLEHcvMMqM5FuSRHXkG8LeOI6UONJNiAFJAa6Ultbk5TuEIO5V9p3YvZ3EZgOlfOJjd2QzKftXNfJCztEASZaB4NOFOqK0dLRZN1oWcrp2bwKXyOOoTq8f51pSNdYIgPajm7Wwf8PRhbXVLKc95m7QRR2sH4aZ5QTTMH3q7v_LzeAlaWENF5EFVzhp8S-QmFT5LaKveVlDJvAeyhU-kTN_sXk1ZxGzbvQn3BSVTInTEGpfRk5bhMh4YlseDtf1NfXeb3Rr66v2uXxee0fbmf5r6iKcsv1-XLHBjUv_-FLYpqGeSuSqJ0k878o4mZCcQcld_R8wHGq-CCZMZZqUS-LHdku7zajkzZhZfAcYwgycqL9b42dOqt-by0JF43brvZuInaLJj3LBD1VYWpQpHH1PDiboO1YXGRCFix127geVxLDiI6JCsJgIsXqgSsJboSdtqu7vG8WVTtjJsEIgeHT4xJIEu-HzZefQSgisnZeNiJAXcDNr4AYfx9b-fhoF1L_kSUj-SMA778vltk1bCbqwzuw8PSEcQN1t95lBdJlfhiHmkRYtc8UIFMCy3Y1C-F44iNNaInMrQMmC_XAbRSF_lFgE_kLX8RcMu9UtH_CKTWfGRcpvZHK2SH9Cpoh1Q2uZ9M0KsXNsaJNOXVZQBlI12suLkZf3cLurgKetsajv1Avdf3htapPwtYFtz2sVa5ohyBicNeC_uXUxFjzZdW11IrQKirDJCQkuELrPnaKXFY4RNha-_A
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
pagead2.googlesyndication.com/bg/ Frame D2EC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 15:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
56620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 15:52:02 GMT
jsf.css
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e605a33d737b143267491094222614ed38991e31096d3169108c8ebee516f8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1533
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:09:13 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame E3B6 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 08:08:33 GMT
feedImport.js
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		11 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/feedImport.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
aac79529a8c3f553f89f439b86d32a07fd3973327817352a2846b699a94f9d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:09:13 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E3B6 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 07:35:42 GMT
slides.js
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/slides.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1da3ac76216232275cfc3ac537a7fbab9bbaa8624058ba797425f2ed2afd414a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2701
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:09:13 GMT
swipeHandler.js
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/swipeHandler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
43a96715349ca6acfd5f08d90d5af4c11b8a0d7976faf938d99119ce0aa45c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1958
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:09:14 GMT
swipe.svg
s0.2mdn.net/creatives/assets/4008410/ Frame E3B6 		38 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4008410/swipe.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3j4BlSNWp1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28531
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 11:46:14 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 07:47:08 GMT
spinning-circles.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/ Frame E3B6 		3 KB
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/spinning-circles.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
471
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 10:26:49 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 11:09:14 GMT
frame-300x250.svg
s0.2mdn.net/creatives/assets/4031071/ Frame E3B6 		625 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4031071/frame-300x250.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
182eef66015deee87a9e972aae3d3a87bf95c2a4bf3cc9572d73f794750280dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
427
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 11:08:13 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Aug 2021 07:35:57 GMT
Gibson-Regular.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame E3B6 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4018236/Gibson-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61851409/20210805032649100/2021_wehkamp_awareness_300x250/wehkamp_awareness_300x250/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 14:42:40 GMT
server
sffe
age
222
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10016
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:47:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 651C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvatknJBmWdMESJeEgmwEwnZ0RD1wT5bbcc2P98LJPy9PDNwTI5na-x1IrrhUZIkGplw_f9D--I5VZUqBmZlTp-tvw5Ys_6sn3MalnUeUL4tqUxBamoBbGIf6eEigR-buPlRgLKaQrpcUVHgRRUWcw3TxklyJieu6zH33U3zKZmyDB3ObRE6Qb8KK0JXELc92oiwB42e6iV3_y4nr_LmM1U4WkRiUVK5AiHQs20_x3sJZEe84a-ntBvljKvLDHuad-Rvie-ZuAhA4D9zal3e6V5b-E0fr4dAcCc7DWSGn-32EU_uIRAGSjbz76-JAK2YKRNb4R8NvU0tX79Zg1doTfx7GnE3_tnAC0xo-ruDDQ6Q2aW4_oXxlz485fTDVplMLlzBNME&sai=AMfl-YR7gN49XuuJ2PCbJUXO2uXb67_pv--ZCJ-AJsgiJFNYxyeflZBO6O1dNEP_Q3deaPIHX4TasZ9fmdW41eBvIz4508fE90PAzi6HcJrfc3-SO6322nU1AlVAw-8evrWv&sig=Cg0ArKJSzPvYaHDzrmhfEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 16 Aug 2021 07:35:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8AEF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKX3FgztSRYXqMxo1L1FlLkPpSYeb97SQLxfBoe2xPJSx4zB_uLkiSiHhFaDf5ylrq7RNA-BQZ8HZs7efrATxkvc8LV4Ns5IcUTxgvUZxxX0hPvp07roc0vVXQJGXwyvpAsmCMHxXjorLbhSWPPGXXirXqFflCOvc74fETCk9ebMawA8kn-UHCdUAZ-0nRvrH88DySL1_uJt9ZQBLklU7UlMO2ikYtydpAtMq8-YUaUov8YRXeujKiJB9yFoKvAgI1D-CpoYt2yD9Q8GQAB30FWRk0Fof37JpOVvdlJwh2z6IZybxWU3LqCJ62z76L245e2Yzcxt1vcFbT2naJnk-QKVaiXVLqLJelKtJdRtTcbS0F_0DwwKpPt4STtBopVHK6ndFrsAR4IFCoHcGP5m_w6qISlaPSWmziQy4yiUf2E2N4p9lIJnMAKdqythLR0U6yFN2VfVWwn3aauY54JY4hCxdwXuv9QKvdnQPI2jDfn8a5ZlYuAApZtFI0v5K6tIoJU_njYN7D49WxHPWZ1vCZ1sO_iGhnyq06JaaOvrrlRa_43_YaNy2Zt_nPCScpK4LDa8xhTV7CWPnRdIYUyzUcfOEc7z6yHe7KU2aMIqKhnL-PVPRblFUeQoShSht-9dJnSX2jk-m-noCeFbowsuihvaVAEEo5YqPAr7DcBayMKV2lG6Bofccy_n7tIEhAI3n78GV_lqkYLKgrb6OgUc_cyRZ_DmKIQWffr3GY4JeeTL8D6RDl1nmDN66p6194-TnePJTdHH-hvE9vWf-7hF9uago58joJ1WqTFTj-WGyuchrldItOEu27Les1G1qLVt_4JO4yMoShrAAH6cRn92CQFqhHEaOrJko4rN1nTmvqX2bLXnhNfsX3duxMSEGPjeu5gRID1BVUdj4xzRRNYhnAY1_eNKoED7TlNp6cfBxwjdkcdDBdMCySRieodbVrg3oWVj-ovo1EyDiqvfP1abQmn4m56oaPV26w6WenS5t8wKQFALK6IrH2OJyWSQcM5GB9wsYudMTPjWPczprhqGVGZ10SC13B2Wp0H9ZY0zkZegsaVUU6k6o6M9jgyoxT-1og-9pPwRE5CPuYgQf0BCnQS2ojQKzHyoZd_HSX6W0wgmMCDRy9IYuJwmmVx3bYajWfQi-RLUEsb9FV_70gSDLSbrbxnLLSTOMwV00OLGw4pSzjV7H9c3zCE5fP1g&sai=AMfl-YT2JDXO_kcV7wMV3pNigCsyJuDCy5tlGEFzUI_uuYGupDoXnJuBn8eaSwwLdHBFi_HO7rJwfDjvF2G1e3YjNcqZ-mWMtM0d2Okq5vQj5JFpDuFIf-yLLCsAxGMAwBelW1-cvgTRrhmGbxj-b1wUTM4NdhieNWamje8alTM&sig=Cg0ArKJSzAUvgxzpGgDZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=175&dett=3&cstd=51&cisv=r20210809.88371&adurl=
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN (),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t
t.lkqd.net/ Frame 16F7 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
t
t.lkqd.net/ Frame 99E6 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 8750 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1629099342.cds143.am5.hn,1629099342.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
/
ti.tradetracker.net/ Frame F112 		442 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=1888189&amp;a=70002&amp;r=35543200047231900719594011688014&amp;t=js&amp;wid=tt-454864
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe28a9452943fb95a3cb0efd9f31e982bdaf3075472d19ebc3b09bf58c35e63f

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900014.redintelligence.net/ Frame BEDD 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=mu72dqmlk6df&nw=20&renderingType=javascript&namespace=3cfb5bddb0&subid=&uid=4b0084cbf4cff7b1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZWOOTRUaYayVH-mL7_UP1IWi6AbisNzwX6v77-n3DPAuEAEg75PENGCRhICAjBjIAQmpAkjW9MUDyrM-qAMBqgTuAU_QDVmfZ4kXUv-RDHIywYC5WE7abWV6P5qI9UlZewQpRTtZ8Fgfqqt7FtqOdFhwS0dr11Pe2zhHl0bsm4reg7WMND_jMCAzHNcX6Ox_3FhWWkUn5QbBYNBALnZ9gapjt-mstVivgKY4J9Z2WZWEQaD4Ow_W_yG35qfILuxj2ryxoQqfLLfVkRc2lW4E56mjmgCoEDH3KII-f80b_SZVt0inBCyNz_zZZDEZZK2hY38nJQwq4JAGGoGY53YiPEphZkas3MgRTcrDMpCoLe8TzVI3Wv7M55kYWbzsdhggQakIdZ9A-GquU2uECRAnudTABNvzvffUAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAaIMCCoGCgT4nrECsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRomKFtfVCnDtVUN80UhjBoQqK1NQ%26sig%3DAOD64_0u_ie63OUUEOnySipquqEzo8kcVA%26client%3Dca-pub-9582422795991114%26dbm_c%3DAKAmf-DBYdjGIdyV9xHQfcj7kPafGsmhPrmd0qFUS1Aks9hYQvfJrlhXPyqHRKpv0QPn3u-BEXKPaoxUqnp_WnP7ukrrAT0EvpX3yaA1Ymc3NUjiCEFB4qedvEGFpiuMUIYKZqGlfuZw0-nxGrGy0dhKnENEMOKoEQ%26cry%3D1%26dbm_d%3DAKAmf-Bh2oaa9hAw85EnZi17mwbfjO9I6Kx2LX7mOIqBTL4bCD8yuNvX9n3_xQsERIyZaufu-3mUj_zxRl_AyklSpeCsS7N4CukXh3-wHXBmL983U9gucojJrVWrQMlXbk1SVZPYlfukYl1bK5CDGO8bPbABB9i6HfmjnKlefdWDbR0Rxjp22Gv_FSRORYDqIwYwyJ951kQtzcJX3ch9ru4R5BOI6oB5lZrA6QNYitzEGrQhzThpHbU05x3MuRQva5rctTdFRi1gQ9Mp5JO29l8ML1JSYbJX8BlxhluiS4qiDZebv8J231Je8bXcb2GUthZ_dGoucgAgD8Z2oaNC8tZVsJAF7krMZpB-9Q3fLOszvrdzgLU94aiqui_SZyCuk3ITaJBzRsGxDLEYBWVly8cwZVa0lzATVbSZXUOVh1wUfILIpFLlbTB6ayqmOHtkC7goevhli9com7n2778cCidUfS0dX2FEIA%26adurl%3D&documentReferer=https%3A%2F%2Fholiday.presslogic.com%2F&ancestorOrigins=https%3A%2F%2Fholiday.presslogic.com&random=9173316112338&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN (),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
08d4b1ac1610a9457a6e1fa77efde7ce1b99a41880b73a9e2c74b46b6de8a9a7

Request headers

Host
hal900014.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=8d50bba553701d2a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/

Response headers

Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 16 Aug 2021 08:35:42 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2308
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame F112 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc8ddaa583bfcc0ab71cf6824ca3b6d58aa3b0432f72f875289c0a66ae77a860

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A34F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 16 Aug 2021 07:35:41 GMT
expires
Tue, 16 Aug 2022 07:35:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
ad.lkqd.net/cookie-sync/ Frame C24F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1629099342.cds143.am5.hn,1629099342.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 8750 		168 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=68121908&m=&rtv=1&thost=holiday.presslogic.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
bba16626e801e6583dd3bd02659f05871382323a003d68257f4f67ddb980e8d8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8838
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=68121908&m=&rtv=1&thost=holiday.presslogic.com
Protocol
H2
Server
146.20.132.108 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:42 GMT
content-length
0
access-control-allow-origin
https://holiday.presslogic.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ Frame E3B6 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b89adada767e0cb60e6b0437dd797ee859757430a13cd3d7d9c4544627d593e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4381
x-xss-protection
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame A34F 		5 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
b741ecd7a4536cf1090389c411c21aacf10e1793cae5051849ebe211aef453ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 07:12:25 GMT
server
ESF
date
Mon, 16 Aug 2021 07:35:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Aug 2021 07:35:42 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame A34F 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:31:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A34F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxlwYThUaYYSyBKjX7_UP7ZmzqA7ZsI3BZKaSsPyFCpLUpLrIGBABIO-TxDRgkYSAgIwYoAHqiYfhA8gBCakCHCPJoElLhT7gAgCoAwHIA5sEqgT2AU_QN20iRzwEDPPW4eWFmcDxe3kdu68qsTUA7mNacnZCAKSS_v5DzTs-_F0j6iqn_dP0ClVJlI8g7di_JLjrv3Ac5Y7MaA4G_O9MyiPNnn6MjZVocZhJ09uxA22pYWJy3V9s_e8LaC5FoVP7gjGGjvM3Jeyw4_GOZJgTR9Rmt1muu0CPF3dRAxvGQVhxHjjvadsZJkFDUWMTQslC9Jo9mmgFTzku_DH0Se0bEmXvVFs_keQMgZp-fF3BoRTtWouJ-y9fplitpWZWl8LfFOxsIfresHgY5q21ddNt8sGjRrWR2oC1-dY8-v7MyAiqpeD0JuPuDnXa1sAE6cuEw7IC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_71-B6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOuoBNIICQiI4YAQEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi05NTgyNDIyNzk1OTkxMTE0GJesJA&sigh=aWqRY3vUofI&template_id=494
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN (),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame A34F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:30:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame A34F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A34F 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628854326415524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame A34F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 07:32:52 GMT
b0784018e1fbf9b21026a03ef4bd1046.js
www.gstatic.com/mysidia/ Frame A34F 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b0784018e1fbf9b21026a03ef4bd1046.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 06:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10788
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 03:04:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Nov 2021 06:50:47 GMT
truncated
/ Frame A34F 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame A34F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSxmlwCiUUG3-F6FBDnyKsJ7F1TL_t9hvO8sGwfI1o1ocpbikgi&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a47151678a73e538750e03c7b21bfad10f41b69dfde40588b6652982da65d762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 09:31:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 07:03:28 GMT
server
sffe
age
338653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5694
x-xss-protection
0
expires
Fri, 12 Aug 2022 09:31:29 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A34F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQzN1l5YDjJoBIlE2lhJ-dSX7-lBsvx-7u-MexHYDeHK2OJShg&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d68ec72b228d808280de4f74bb74f3db12e9baf5915feddfeed57c007efdd5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 06:59:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Nov 2020 01:26:25 GMT
server
sffe
age
520566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4979
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:59:36 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A34F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT3m_T3-NVI0RF2Asl6Zs6rA-pdV1syRk0FmALgPeRY0YgvdE6u&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
aa2b19d2cb958f55d6700e64c751c1a8010ea3ed9824ac54a510b7d80c090683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 06:59:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 07:20:02 GMT
server
sffe
age
520566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14252
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:59:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A34F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRLxgTNWNoUVk2UeUEXJtiuTmpMzGjbSZqLPzb2bfS84sFeAqcz&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d18b7a795610e8257cff2e8299216d7ab0993c97374546320e2e17637385204a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 06:28:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Mar 2021 15:23:28 GMT
server
sffe
age
522418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10058
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:28:44 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A34F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSPDXT-HhlIP4dp-HY2_TjpPdeiQ_-GU1wJ6mEJcHBhR1uG3YAh&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
00cf2ed50075360b5714ace0b7441948e11a6bae28d054ab4464e676b581a460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 03:34:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Mar 2021 17:57:57 GMT
server
sffe
age
532891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3355
x-xss-protection
0
expires
Wed, 10 Aug 2022 03:34:11 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A34F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRvMcAlxkSzbWm7Anhbgga4NO2A7ld494sLUCbgKB_97E24HUY&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
67ca185ea62d98ebb96ecf708e3d5d2a3283ed3e22665f98342cf58ef79fe412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 06:13:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 02:23:31 GMT
server
sffe
age
4948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4683
x-xss-protection
0
expires
Tue, 16 Aug 2022 06:13:14 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A34F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTn52UVI8UiN1FJ2WTLIpZb3jUHyuNqe4UozmORtWrCGc-toz0&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fff2742f0112b95283e6df2f2cfbdc53011328b0025f02bf729a2d5fa90090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 05:34:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 00:52:53 GMT
server
sffe
age
266447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14152
x-xss-protection
0
expires
Sat, 13 Aug 2022 05:34:55 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A34F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSSLEZncSBH2OAwDC-L7zqDDQhc2V1nDbo8lxjvtZ92BiNmdVdS&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a4ecc9959cd239ec86b4c315d819b2a366f2ec2f022ab9265b4dd46aca06a140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 20:10:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 07:24:33 GMT
server
sffe
age
213925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6100
x-xss-protection
0
expires
Sat, 13 Aug 2022 20:10:17 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame A34F 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRwuSeBRpV5kTW8jqGeqVMHZIjkz24Vs4SJfCN_CM12avAoneRT&usqp=CAI
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e1993496a75a97218231e6920ffd2025f0eea3532b4f2cc6b8a3662ed6f83e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 22:49:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jul 2019 08:58:11 GMT
server
sffe
age
549976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35126
x-xss-protection
0
expires
Tue, 09 Aug 2022 22:49:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E3B6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:42 GMT
css
fonts.googleapis.com/ Frame BEDD 		4 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 05:52:14 GMT
server
ESF
date
Mon, 16 Aug 2021 07:35:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Aug 2021 07:35:42 GMT
/
hal9000.redintelligence.net/scale/ Frame BEDD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
01e6ccbbb66cfaaeba5d6164afd69635dbb6a0d81034c4b5a2d995b1457859cf

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11776
Vary
Accept-Encoding
Content-Type
image/png
e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame F112
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=35543200047231900719594011688014&t=html
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by
Host: 08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
URL: https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4e00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:30:45 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
last-modified
Fri, 23 Apr 2021 10:05:11 GMT
server
nginx
age
434
etag
"60829bd7-6cf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1743
x-amz-cf-id
ITkeqJ5Owb2MkTwlYBqnDoOB-vW-C0p4B0C4lMEkFR9NeijzA-sJWw==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame A34F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0e908b0ddb1164ecbc848a79b4c33a5a96d53c583d4fbc1f69429437a6f7b92

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame A34F 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 16:30:42 GMT
x-content-type-options
nosniff
age
486300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 16:30:42 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame A34F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
459271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Aug 2022 00:01:11 GMT
viewability
hal900014.redintelligence.net/ Frame BEDD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=35543200047231900719594011688014&a=c2404fc6&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN (),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
ti.tradetracker.net/ Frame BEDD 		434 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=35543200047231900719594011688014&amp;t=js&amp;wid=tt-784fde
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef2a2b0b6d302aaa18148ed36540d475c9d1987f486528cc4e4691efd2320228

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
/
ti.tradetracker.net/ Frame BEDD 		457 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=29026&amp;m=1463044&amp;a=70002&amp;r=&amp;r=35543200047231900719594011688014&t=js&amp;wid=tt-7710ab
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
91919691d0218cdfd86802c06a1bd952cf2fa0757029262943fb300d27470563

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame BEDD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hal900014.redintelligence.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 17:54:23 GMT
x-content-type-options
nosniff
age
567679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 17:54:23 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame BEDD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hal900014.redintelligence.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 13:27:21 GMT
x-content-type-options
nosniff
age
497301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:27:21 GMT
cs
cs.lkqd.net/ Frame C24F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C24F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C24F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C24F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C24F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.161 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8339154403167957530
pragma
no-cache
date
Mon, 16 Aug 2021 07:35:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
pagead2.googlesyndication.com/bg/ Frame 858E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 15:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
56620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 15:52:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B01fKThUaYcHKDIDI7_UP_4i96AoAAAAAOAHgBAI&bg=!_f6l_rrNAAbOj6irzo87ACkAdvg8WmM1mUpXQoJSyI_q_AcYgWaR_Ewb5EZhe7em5aV4DJ7n46JeiAIAAAE-UgAAADRoAQeZAs-oediYBSqwb8U4XM2zYqE3btHOQrNEL9v4GAL-TV5YeLo8yqFfPYAqE_G-iDuwQhAt1WGQy-9TSVH7PjM7uyBJ0-7IGmji5o1k_AZamGvKDdMboUutp-fSpCVzogntMfnCeHYlXpwjW5YlDHZkYaon_xPjFs4b0j98z3mMJQcDf5DVP8zlCocPSn4k0Z6P8D3ViVGD4v5rgHaYjaDcXiHdn6Q2iEgkGutex6JCvp-o7In1WP0HSMDjmY3mrOoVSUI-602BtZ_W7IuW5UAaWQs2SdcPIZpFq1WpAb976cxEYoMpoi5ySdzchSzrcEFCT200OQQbwt9XNqVDsPZMTbrmEM2-biNgnb8JGqtBR-j2ECaXpvNVQtQwkB-QW5413ZUH_om3lPLSqoFYqxTCE7eyuN3vNEUzboDLAKAuJ1Gfht0LOTSZ84RHS8gE2Ry0Xcm0J8ZTTv-8OUybc9osLdZzPkjXIGR9Mdgqbop0Hfa2I-297_Klf40zg9QqmYGOU1TBmi7m1xJaDX2eYzMvlRIVyr_JhHJQ-fFLLsvlhHlZQ1YgEANgYOwwiQzwRDJs92RqA2ov8cHBsf8r737NzlYqbBol7vuZ13rD1JBJkAA3h_oYC22CYBpm8oq2uINCV_xPBmhOOYIz3p3Hcfzk5hpD9JIEtbw7o2fkxG5ZwRhYKRPXMnNMu6skxL82BZ5LuuwReyqM1RL4ryn_9wr-eWycOlil_3DPTiomJIfIVIAwcw9c4W5mtZbv8iORuKrWt4TYDZTRE3zwSPYW2JGy7kloPzJl_yZrK7iHleohWnkoLA3DrBIFE2_jpIZOsReIABq5UOSFsY61RVQtJylvlEtGgw4MXVbjGneT_1MudfM96hztndv-PcR8tH2hsEYivIZVWqAXZoeckX27SUHaZZb8Baay2dX1_FDMbUeWi4uAIo_zvPnHia4GzKU4PEkvIg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame BEDD
Redirect Chain
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=35543200047231900719594011688014&t=html
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4e00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:39 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 08:27:46 GMT
server
nginx
age
159
etag
"58ca4c82-335a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13146
x-amz-cf-id
8uo7dYRMjjguyma7Wnr-7AVc3eI9HkeicXk5MLBmsih-bSy4IjLgOw==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
static.tradetracker.net/nl/material_image/6b/ Frame BEDD
Redirect Chain
  • https://ti.tradetracker.net/?c=29026&m=1463044&a=70002&r=35543200047231900719594011688014&t=html
  • https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35543200047231900719594011688014&a=c5897368
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4e00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0dfdcc9934068e5000d8b906423558878e7cd1b9a6b7b1d566a30a6f969ee71f

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:34:26 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 13:16:08 GMT
server
nginx
age
268
etag
"5bfbf218-4653"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
18003
x-amz-cf-id
3-BcTwSV0O4d39iBwy9Ix84jjceM-gI86YaJOPaXf5SbBbUXiKOmZw==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/6b/d4fbe93890fb48767a755f66b5fd1571de5cf9.gif
date
Mon, 16 Aug 2021 07:35:42 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 651C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSiTonwgoHgPN6RtIpfumzqngGk05y9X_gLHLCV6gyiPpQIkPT97nblx5s74ZVaLax4J1N8Yy1aeWyacHiYyJ6ww_Ax3cb8q8qkKiZwSQgUtRzq0cI&sig=Cg0ArKJSzEaJtr33eKOBEAE&id=lidar2&mcvt=1004&p=728,1027,978,1327&asp=728,1027,978,1327&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210813&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1613867078&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629099342118&rpt=362&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C4581182181205196951189224...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
0
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame CA8E 		249 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=324776728&pet=preroll&pageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57736&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame CA8E 		249 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1715759572&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57736
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame CA8E 		249 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1332163223&gdpr=&gdpr_consent=&pageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57736
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ Frame CA8E 		249 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1939641294&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57736&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads.adaptv.advertising.com/a/h/ Frame CA8E 		249 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1726214584&gdpr=&gdpr_consent=&pet=preroll&pageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=57736&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame CA8E 		119 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969512056712023%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:72b:4784:49c3:fec8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C986334493458118218120519...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
0
0
pixel
cm.g.doubleclick.net/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C1131492094458118218120519...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA8E 		67 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C4581182181205196951299913826%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1629099343433078-380
Expires
Mon, 16 Aug 2021 07:35:43 GMT
218947
search.spotxchange.com/vast/2.0/ Frame CA8E 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=2131569702&player_width=400&player_height=225&media_transcoding=low&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969512065560347%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:43 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000284
X-SpotX-Timing-SpotMarket
0.025765
X-SpotX-Timing-Page-Mux
0.001004
X-SpotX-Timing-Page-Require
0.000288
X-fe
091
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
Content-Length
77
X-SpotX-Timing-Page
0.029262
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000247
Last-Modified
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.010973
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
X-SpotX-Timing-Page-Misc
0.001663
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.014792
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame CA8E 		119 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969512097200423%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:72b:4784:49c3:fec8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA8E 		67 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C19455879224581182181205196951%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1629099343633008-383
Expires
Mon, 16 Aug 2021 07:35:43 GMT
ad_request
ads.aralego.com/ Frame CA8E 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=presslogic.com&ver=UCX_WEB-20200113&adid=ad-627D73244EB63437F7BDD32D28A8D87&atype=2&u=%%REFERRER_URL_ESC%%&gdpr=&euconsent-v2=&je=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Greenbelt, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:44 GMT
X-Width
640
X-Height
360
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://holiday.presslogic.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CA8E 		67 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969512061556888%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1629099343641022-575
Expires
Mon, 16 Aug 2021 07:35:43 GMT
218945
search.spotxchange.com/vast/2.0/ Frame CA8E 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=532106433&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511741747548%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:43 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000331
X-SpotX-Timing-SpotMarket
0.028968
X-SpotX-Timing-Page-Mux
0.001060
X-SpotX-Timing-Page-Require
0.000470
X-fe
085
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.033023
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000480
Last-Modified
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.014374
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
X-SpotX-Timing-Page-Misc
0.001698
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.014594
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ Frame CA8E 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1887746420&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C20910218414581182181205196951%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:43 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.001635
X-SpotX-Timing-SpotMarket
0.025360
X-SpotX-Timing-Page-Mux
0.000898
X-SpotX-Timing-Page-Require
0.000311
X-fe
025
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
Content-Length
77
X-SpotX-Timing-Page
0.030286
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000382
Last-Modified
Mon, 16 Aug 2021 07:35:43 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011188
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://holiday.presslogic.com
X-SpotX-Timing-Page-Misc
0.001686
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.014172
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtb
a.vidoomy.com/api/rtbserver/ Frame CA8E 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=465576718&w=400&h=225&skip=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=EN&dt=2&c=NL&pid=57736&sid=&sname=&d=presslogic.com&sp=http%3A%2F%2Fholiday.presslogic.com%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.86.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-86-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
X-Vd-C
vadtag.html
px.vidoomy.com/pubmatic/ Frame CA8E 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.vidoomy.com/pubmatic/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C4668694454581182181205196951%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
e2ee7ee2de1234830a3d2be3f229437a9a8850ab976189ad25b96488c9f21a51

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:44 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/xml
Access-Control-Allow-Origin
https://holiday.presslogic.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
1155
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame CA8E 		994 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511076291321%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
affaba932ef7bbfbe7ee80b2b07ffd219feaeb34c33293e1290d3e629b47d406

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Mon, 16 Aug 2021 07:35:43 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame CA8E 		994 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511811075382%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
318c9b4b107888849a0163153ea85489460ffbd3777be3378c160c82dc7d4336

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Mon, 16 Aug 2021 07:35:43 GMT
av
vidoomy-d.openx.net/v/1.0/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C4581182181205196951189224...
48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 16 Aug 2021 07:35:43 GMT
via
1.1 google
server
OXGW/16.213.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=968740405&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C45811821812051969511892246877,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
vidoomy-d.openx.net/v/1.0/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C986334493458118218120519...
48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 16 Aug 2021 07:35:43 GMT
via
1.1 google
server
OXGW/16.213.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=1273692327&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C9863344934581182181205196951,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
vidoomy-d.openx.net/v/1.0/ Frame CA8E
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C1131492094458118218120519...
48 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:43 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 16 Aug 2021 07:35:43 GMT
via
1.1 google
server
OXGW/16.213.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=http%3A%2F%2Fholiday.presslogic.com%2F&cb=184201748&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57736%2C1%2C11314920944581182181205196951,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_5f161ae6.js
vpaid.springserve.com/production/ Frame EDDD 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b879eea03bdff754eb9e1cc33c1cee2c94a8759f98c53129c3d816abd8af2585

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 16:21:35 GMT
content-encoding
br
last-modified
Thu, 05 Aug 2021 15:54:34 GMT
server
AmazonS3
age
918850
etag
W/"41729b59b07a422bc68886d7b6e2a43f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Sx7cFzGjqJYGmH8eXW9FkoHyzMvYdLc0gtWAPjcLTNjgMJcXIMxfFg==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame EDDD 		965 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
911e0dbfe6af72410829c350aa3cddb5fd8d2f1242f7345b0ebfd8712d6f3543

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://holiday.presslogic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Mon, 16 Aug 2021 07:35:44 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame EDDD 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ Frame EDDD 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4722 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame FC5B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=96971
expires
Tue, 17 Aug 2021 10:31:55 GMT
date
Mon, 16 Aug 2021 07:35:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4722 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=96971
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Tue, 17 Aug 2021 10:31:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FC5B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18403545&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
1b280c07b1f229013b0b07166ae9d37bddac9c06bf25103681967ea1aba13d07

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame C5D7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7960854993452851527; expires=Fri, 15 Oct 2021 07:35:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 16 Sep 2021 07:35:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 1A00
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3449042233335088210; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:44 GMT; path=/ PugT=1629099344; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:44 GMT; path=/
x-lat
lhrpug018:0:471
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3449042233335088210
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6B9F 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 16 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1145
date
Mon, 16 Aug 2021 07:35:44 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame E09F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88; KRTBCOOKIE_57=22776-3238271451576390218; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&16514-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&23025-CAESEByhuC3OF2yFffCTYOkLz5E; KRTBCOOKIE_336=5844-3449042233335088210; KRTBCOOKIE_153=19420-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C&KRTB&22979-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C; KRTBCOOKIE_594=17105-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003&KRTB&17107-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003; KRTBCOOKIE_391=22924-5672549974542469245&KRTB&23263-5672549974542469245; PugT=1629099345; KRTBCOOKIE_377=6810-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&22918-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&23031-d0a0c727-0e85-4919-8a7f-f17f49e1daeb; KRTBCOOKIE_27=16735-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&16736-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23019-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23114-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b; KRTBCOOKIE_22=14911-3295687969489678874; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-bef72ce8-86bd-4dc9-83b8-2277a7941761; pp=156498; _curtime=1629099345; PMDTSHR=cat:; KRTBCOOKIE_218=22978-YRoVUQADy41gtAA4&KRTB&23194-YRoVUQADy41gtAA4&KRTB&23209-YRoVUQADy41gtAA4&KRTB&23244-YRoVUQADy41gtAA4; SPugT=1629099344
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6996928413008197774; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:46 GMT; path=/ PugT=1629099346; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:46 GMT; path=/
x-lat
lhrpug005:0:480
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 16 Aug 2021 07:35:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6996928413008197774; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6996928413008197774
adx
match.prod.bidr.io/cookie-sync/ Frame 5C19
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEQmMwN0NOQ3NBQUZ3dWN3YXZIQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.68.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-68-151.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AADBc07CNCsAAFwucwavHA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Mon, 16 Aug 2021 07:35:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Mon, 16 Aug 2021 07:35:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 7992
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug016:2:267
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=28655333-eddb-4eda-985b-8fee1e91ecba; path=/; domain=csync.loopme.me; Expires=Thu, 16-Sep-2021 07:35:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Mon, 16 Aug 2021 07:35:44 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame D05D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6475517174
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6475517174
  • https://sync.1rx.io/usersync/tradedesk/d0a0c727-0e85-4919-8a7f-f17f49e1daeb
  • https://sync.targeting.unrulymedia.com/csync/RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003&KRTB&17107-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:44 GMT; path=/ PugT=1629099344; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:44 GMT; path=/
x-lat
lhrpug012:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 16 Aug 2021 07:35:45 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003%22%7D; path=/; expires=Tue, 16 Aug 2022 07:35:45 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003
etag
RXe760ac3e19db411993e47c02f5135c4d003
Pug
image2.pubmatic.com/AdServer/ Frame 694D
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
42 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-X7DzUF9nYkvxcjYgw3ahXUfn; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:47 GMT; path=/ PugT=1629099347; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:47 GMT; path=/
x-lat
lhrpug015:0:440
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 16 Aug 2021 07:35:47 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=X7DzUF9nYkvxcjYgw3ahXUfn; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=X7DzUF9nYkvxcjYgw3ahXUfn
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame B482 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67f8fcd939e8145a-FRA
i.match
s.tribalfusion.com/z/ Frame AD89
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aWnoeUujieUo7YxS4pSAtIvUMq1U7DYD04LmctRj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a7nsIHwyEojpuMNpbIFtaELCv7SqkIwwjmLHMJQU1tFq1ZbWVhdYnmJMZasmZbUFlOZcaikwVtZap7nXPfCkq3xJLPdDv; path=/; domain=.tribalfusion.com; expires=Sun, 14-Nov-2021 07:35:45 GMT; SameSite=None; Secure; ANON_ID_old=a7nsIHwyEojpuMNpbIFtaELCv7SqkIwwjmLHMJQU1tFq1ZbWVhdYnmJMZasmZbUFlOZcaikwVtZap7nXPfCkq3xJLPdDv; path=/; domain=.tribalfusion.com; expires=Sun, 14-Nov-2021 07:35:45 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67f8fcda4a15176e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
3233
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aWnoeUujieUo7YxS4pSAtIvUMq1U7DYD04LmctRj; path=/; domain=.tribalfusion.com; expires=Sun, 14-Nov-2021 07:35:44 GMT; SameSite=None; Secure; ANON_ID_old=aWnoeUujieUo7YxS4pSAtIvUMq1U7DYD04LmctRj; path=/; domain=.tribalfusion.com; expires=Sun, 14-Nov-2021 07:35:44 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67f8fcd938a9176e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame C7F5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88; KRTBCOOKIE_57=22776-3238271451576390218; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&16514-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&23025-CAESEByhuC3OF2yFffCTYOkLz5E; KRTBCOOKIE_336=5844-3449042233335088210; KRTBCOOKIE_153=19420-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C&KRTB&22979-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C; KRTBCOOKIE_594=17105-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003&KRTB&17107-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003; KRTBCOOKIE_391=22924-5672549974542469245&KRTB&23263-5672549974542469245; PugT=1629099345; KRTBCOOKIE_377=6810-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&22918-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&23031-d0a0c727-0e85-4919-8a7f-f17f49e1daeb; KRTBCOOKIE_27=16735-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&16736-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23019-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23114-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b; KRTBCOOKIE_22=14911-3295687969489678874; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-bef72ce8-86bd-4dc9-83b8-2277a7941761; pp=156498; _curtime=1629099345; PMDTSHR=cat:; KRTBCOOKIE_218=22978-YRoVUQADy41gtAA4&KRTB&23194-YRoVUQADy41gtAA4&KRTB&23209-YRoVUQADy41gtAA4&KRTB&23244-YRoVUQADy41gtAA4; SPugT=1629099344
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:46 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 07:35:46 GMT; path=/
x-lat
lhrpug011:0:438
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FetGAuX0XRvO&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=6733b70f9d4b4584; path=/; HttpOnly; Secure; SameSite=None
bridge
cm.adgrx.com/ Frame B8B2 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 16 Aug 2021 07:35:45 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 14A6
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 16 Aug 2021 07:35:44 GMT
via
1.1 varnish
x-served-by
cache-fra19128-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1629099345.975088,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 16-Aug-2022 07:35:44 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=46037738-0a6c-4ea5-b7ac-96c7ac87ff81-tuct8139ad0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 16 Aug 2021 07:35:44 GMT
via
1.1 varnish
x-served-by
cache-fra19151-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1629099345.845077,VS0,VE8
x-vcl-time-ms
8
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iaP64mP8TMqqdPqLwJLI9g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=137938
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 17 Aug 2021 21:54:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c338611a-1550-4b00-9e97-92ee98dbb235
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c338611a-1550-4b00-9e97-92ee98dbb235
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 16 Aug 2021 07:35:44 GMT
Server
MT3 3831 a91c15f master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c338611a-1550-4b00-9e97-92ee98dbb235
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 Aug 2021 07:35:43 GMT
/
pixel.onaudience.com/ Frame FC5B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=d0a0c727-0e85-4919-8a7f-f17f49e1daeb&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fcf393129a95d212108a3e0978f8f00b
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fcf393129a95d212108a3e0978f8f00b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN (),
Reverse DNS
ns3174889.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 16 Aug 2021 07:35:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fcf393129a95d212108a3e0978f8f00b
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlBM0ZBRTItNjNGQy00Q0NBLUFBNzQtRkE4QkMwOTJDOEY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:354
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEByhuC3OF2yFffCTYOkLz5E&google_cver=1
42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEByhuC3OF2yFffCTYOkLz5E&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:359
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEByhuC3OF2yFffCTYOkLz5E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FC5B 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 15 Aug 2021 07:35:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5672549974542469245
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5672549974542469245
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:935
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5672549974542469245
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&gdpr=0&gdpr_consent=
42 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 16 Aug 2021 07:35:44 GMT
Server
MT3 3831 a91c15f master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 Aug 2021 07:35:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d0a0c727-0e85-4919-8a7f-f17f49e1daeb
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d0a0c727-0e85-4919-8a7f-f17f49e1daeb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:548
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d0a0c727-0e85-4919-8a7f-f17f49e1daeb
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3238271451576390218&gdpr=0&gdpr_consent=
42 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3238271451576390218&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:44 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
521f4443-9a5b-4bb0-87e4-2af5d6d2bb2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3238271451576390218&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FC5B 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pVfr7ttE2uWAAwst_x9QncLf_shv3EY-~A&gdpr=0&gdpr_consent=
0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pVfr7ttE2uWAAwst_x9QncLf_shv3EY-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Mon, 16 Aug 2021 07:35:44 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Mon, 16 Aug 2021 07:35:45 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pVfr7ttE2uWAAwst_x9QncLf_shv3EY-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C
42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:508
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a7ea0b95-77cf-432a-bb16-4f4a139c2cee&expires=1&user_group=2&ssp=pubmatic&bsw_param=bef72ce8-86bd-4dc9-83b8-2277a7941761
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:551
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bef72ce8-86bd-4dc9-83b8-2277a7941761&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVUQADy41gtAA4&gdpr=0&gdpr_consent=&_test=YRoVUQADy41gtAA4
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVUQADy41gtAA4&gdpr=0&gdpr_consent=&_test=YRoVUQADy41gtAA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:731
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1629099346.511430,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVUQADy41gtAA4&gdpr=0&gdpr_consent=&_test=YRoVUQADy41gtAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3295687969489678874&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3295687969489678874&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:522
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3295687969489678874&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame FC5B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d5ae4625-12c1-49cd-a274-bf7d47ff3375&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d5ae4625-12c1-49cd-a274-bf7d47ff3375&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d5ae4625-12c1-49cd-a274-bf7d47ff3375&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 16 Aug 2021 07:35:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:582
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3238271451576390218
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3238271451576390218
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:303
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:45 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00dcab56-6a70-4d3d-9070-947f8645b6ac
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3238271451576390218
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC5B
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8c812a43-0d7c-4359-afd9-3be3b7df0db7
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8c812a43-0d7c-4359-afd9-3be3b7df0db7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:394
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_8c812a43-0d7c-4359-afd9-3be3b7df0db7
date
Mon, 16 Aug 2021 07:35:46 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4722 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,&us_privacy=&cb=1629099344572&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fholiday.presslogic.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fholiday.presslogic.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-8-16%209:35:45&ranreq=0.20272461607681502&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcf0a9784cc39d354ebeb53edfdbe8de7c2b545e53077068dc9a4f384b68a685

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
0:16514/243:0
content-type
application/xml; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame E96B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6; chkChromeAb67Sec=1; DPSync3=1630281600%3A201_197_219%7C1629158400%3A174; SyncRTB3=1630368000%3A35%7C1629676800%3A15_223_2_67%7C1629936000%3A63%7C1631664000%3A203%7C1630281600%3A13_204_230_81_55_176_165_21_71_99_189_222_3_234_161_56_8_22_54_220_7_166_88; KRTBCOOKIE_57=22776-3238271451576390218; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&16514-CAESEByhuC3OF2yFffCTYOkLz5E&KRTB&23025-CAESEByhuC3OF2yFffCTYOkLz5E; KRTBCOOKIE_336=5844-3449042233335088210; KRTBCOOKIE_153=19420-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C&KRTB&22979-EDZALhcyRH8LYxJ4FD9ceh9iRH8LZkV-R2OXHZ9C; KRTBCOOKIE_594=17105-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003&KRTB&17107-RX-e760ac3e-19db-4119-93e4-7c02f5135c4d-003; KRTBCOOKIE_391=22924-5672549974542469245&KRTB&23263-5672549974542469245; PugT=1629099345; KRTBCOOKIE_377=6810-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&22918-d0a0c727-0e85-4919-8a7f-f17f49e1daeb&KRTB&23031-d0a0c727-0e85-4919-8a7f-f17f49e1daeb; KRTBCOOKIE_27=16735-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&16736-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23019-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b&KRTB&23114-uid:5325611a-1550-4c00-a0dd-2789e90c0c1b; KRTBCOOKIE_22=14911-3295687969489678874; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_466=16530-bef72ce8-86bd-4dc9-83b8-2277a7941761; pp=156498; _curtime=1629099345; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=96970
expires
Tue, 17 Aug 2021 10:31:55 GMT
date
Mon, 16 Aug 2021 07:35:45 GMT
vary
Accept-Encoding
vast
bid.g.doubleclick.net/dbm/ Frame 4722 		26 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BKObzEMJAbbxzKG5FydlO6RVegIHlcxASy76ae0ghiNziNg2fF8GPsp5LrHw_FiQ-O8DyuEzq3HUqC3Cj6jS_CvvTLXw&dbm_d=AKAmf-A5Q09FC0FcjuQSZQtl7Ql3B_SVf6dbvobSCL9uIoHv02foleMiT4AlCeZ5NsvcFb1IcN0Hf3v3F01EAv-0vIxwHQdYjB9yTLZ0Ul560Jr5pwZTDCeUT_aLAcIxCK3HHW3Ru90U8wgzRL6ypHq6cplUMb13x_6AUbXNBT_cM4nigeyg0-5DUtgydHjk1cjJV9Jg1MND53O4tgqshkLrtzl1OSvQahp7ZBVEvM3wuZykAFxOntSmwQT-_BZsIgdsxYhTbQyZh69bLloNi3o0sh0rY620Qmw61-tzBLbb2KZU42ybPYY_i9loEBQQz15J8l3y9Y5iH9Rnj5XgF20USSQcEV8b0sK--flsW8xizPtzPqI823d7h9ayG2KwtIf2s-FIIoip2GM2hwHDT-qGDsu-m763oqJlUwRQFB_POCwSU_uByz3Em-Lnb78fGXiRYZIrUgep172eCW2F5lsVLdmPrBMpZZ_TWLjF70AmVzzLPZOueN4sIUQXdNXudQRyB_i9ZHJ_T4kUweaCwvMrjx0pvgMmClbXvn_RpJLy3n32xHhdiCQsARow8msH0q5DLEdhi4-n_CWAdDfub-NGiNQMPTIIHBK3kQbuW1SmEedcWyhPKH5BK2i_0dGSoY4vjhdwIsjRgg96C1rFjkIYVheobN1FbwT5I5Pf6hlDex5_FY8UBhybDjV04Szyeo7Qw0RFUQXimwGxV-qiIpYeDJ0FSs1_xtfiw3Bb477sA8R5Xby7yGRtYFbw3sxNHJ42aKZ9IlVWPgAcfTdUPenyLCw43_ZmhOHx-oZs7twhRf4WYEnciCov0QOod__iejncxJW1Ojenm-MwbZhoq_k5n-6ffqyHZy_DHN2PUt7wkTd10VUu9aXQDCIfD8EIAGYSNna7BlGeZukqmujkyVo8T5erW5tRE4iOUCILmosLhYRhbO0Vv9-ESVRkGFFog3FYMt0JZ6c3TZmtadIxrOaCD2AA3nWvu6c2ekFCOFQIlJoc6jGkvJBb2Yaxyxd-bFXTNEd8Gf_n7w2tzPb_4Rp9J7113_nmQiyQCE5P_Osorlfph5eQk9awA7Le8-ATAZPcZsojsbd-yfrNvhsrMa9Fl1NjvgITLpu3poPsQxAM7aOa4v93ahGpuv5Av2v9ExP2HdXFkgaXUOgnlVaNait_oJzYR1XWmoqPkMPGSVTEFKZquE5hTYWXpGBQeVLjKTAPX7W_m6hLX2OnVwakDiBi2xKyBmWMauP_NEo4f91d7r7ngb24Ztr98iDGDm123p_6orySjYz-cTXzDHIJ-zZQUL3ub7tqvjg9gG0kG68mh7jYQZ85w1rJWJMOThWVbTiVd4NEavLO_9V_jlF6PVq92L0aZm37f8MIxRl1BWrPJPLBpXt9wB9ts-oDanTyQL59FtY9ALN_cwsI5BmdVQUxvpdtf_J3EvLZLeh8_3Ldaza-e8ZsaNcQBPKihL98clsVqxZ1SwrnunFcDMm0JJN2paUrBmr7ISPGe4bjvohVkXuRZAyG6FRvBUHRBJBpDOauU9e5RpvTxQ1KJ2bNHRZvkbA3eZAF29qiR1XS-5Zqb2-0mS9zkDfKKS-y9Fk0J4E3beBKwfUNtBsnBZaX04JG5_ATcYHC-VShlh3JiTZ-Ld78S1TAfyuoxNFix9nrR0tiTAuPIYQPZAlRbuopuspY_gfbfPdYVpAMkOgKfLxTLeJnTL2oFJeWzUe5T2aiX5IsEcz3bJjfmEQ5ZC17h4WffbcSzFvS9iOrWv8-d7g5t1T4HiqO78pMZFYPKkWac4Y23gE6oNMSMnCDD3lRhSdRLHt5gU3uy7NOzEGV-678dIVWZDc729fCiuNmfmPbQF1_Fdwb_IEciWtUimsmjT2fVofOLwyQS0TS09HfzZ1lqyiHURFqNMSmAIN5O4ii1Nu5SVFY0TSzerueQ2t9Q_V3fJ9sbaH1Da-q0y_baN8_MSekfMQ3iy_BrAGS5gpnQRLXX-JQj2jJtuhHfz04D_2iCA8qCVP5ihxahvzaUkXO2WDxbE8SXjMReq15WScvc_FZTAmyMe0hdWFrdFtKB1bfBcG3k1mf9HbMH5wUzIZnLlOqkIIg4iLARGZkvZNk1PllvlBIFSf300KY5ySSy-cMWnz6Y8KNHOhaPUDqjBtutu2A8anIBZPbEDv0IDaNW_FatsxZD9jhJ_aO79JiuR2KHYGMCaeHeEKtm2nyNF0rM_d_yVQ3blBWhsXxBxJxGl7UFRTE-y9m7gu52urVw8yh5IE4lzJug5HBnRv0Av-2E2vHAg4x00K6NkDrLC2A2MoPfyrmFZPATVlNtXNODjk_CrgVPdlOOvT125Y6zrwLzMd4j6KTRWYzOrQJYQl13-k_e1fBKXFt8rByGauhvfMb7Iy9P-ioseEahY6zIiBA0v_5iSpvSIcGP3h_wRyh-PFkjhav6An2MZKaFQ0T41cnLWcwlH1YH3o7giox4IJyZEbkhWb0TX1Po5w4UGSCR8auG3z1-vZyu3j56wYw4eVhMS1fC5x4VkV-4XlTUBlPyx6D2B-GCBGsMfLeqSkkOXzhSadXYSh0dWCU9CRUtFIiyQisljbd1CTxrXrGw0SvneuFfZywA4gY1s0_Kev4DKoOANeXoo92dzIM_2qUm1ySkPmwB4tpUVwwgp6G-idqVovez3QPJ85-tyvRt1sIpzYiJNs4MC6viMnP9Z0SEoGSV7fNg5C_jAtX46r3wXt0vCi5PevGJt6FgwJvV83PwdVZgnM9iQLS2d872qHTTlPDSjdtdIcg3TiVMVD7ShwIQpZRFZrhPdciPFemRkzSkpz6yph0_cfm1Poiu36uw2pHdWvUO1S1d-Xt5cn_YvlEkcMtBbR20LmfOWejxUzFShejxruBQtGXT6NhQLqgilH02x0G7E1aiok6l-BsmKr2WXxqE-a9caLYysZ_X0GhB8f_3_V3GL8WN66i7ghw97aY8DzDxjZ8qPaRWgb_761xae2VwfyYhnS3IiN0dJXj9BNW53tia9BpdQwXWbXziHM70PD0fQFjO5kQ9EkbFTC5a3N61Kmhbyax-mILicRrqDT1fN5f1iWFVlgWeqorkHvylo1Jb0lnAh0fD0zFt_fruOSlSXVrQG8fJUCnEwGgN8mvgL1hos5X_SEGm6zM3ZU7v9T3b8cSXskJR5WPBSomjNeYNXU9wCedJMuVmtvIRRMLz5r0X4gi&cid=CAASEuRo6r0HgpHE54K6H0AgoFaXsw&pr=6:3.398421
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN (),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
95712c779de410dc14ceda3546e985152773cef656dfdfd071fc9f2aadd5fff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13592
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://holiday.presslogic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 33FE 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1e4d1f015574bc536fccb39fc52dd47c3b0eab1b99a45754ddcdc2f73e0c8368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 21:36:29 GMT
server
sffe
age
221
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16122
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:47:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 33FE 		341 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120564
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33FE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.2101180990812781&wt=1629099345689&sdkv=h.3.474.0&xai=AKAOjssKNkq3moRhejAWlXrmx4bWZqe_VjTAxqpQQa1hwV7GuBXpWjNFzcuSz27XQ3kMkA1pL9b2uVBJUN6JnPSyNCa7dir_wG66bCE&aid=502840068&len=00%3A00%3A06&url=3,https%3A%2F%2Fholiday.presslogic.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.474.0_en.html
imasdk.googleapis.com/js/core/ Frame C7FC 		579 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.474.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://holiday.presslogic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://holiday.presslogic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194966
date
Wed, 11 Aug 2021 09:18:39 GMT
expires
Thu, 11 Aug 2022 09:18:39 GMT
last-modified
Mon, 09 Aug 2021 21:33:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
425826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 33FE 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:35:45 GMT
integrator.js
adservice.google.com/adsid/ Frame 33FE 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 16 Aug 2021 07:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0EE1 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 16 Aug 2021 07:46:45 GMT
56214926
unified.adsafeprotected.com/v2/781848/ Frame C7FC 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/781848/56214926?mon=56214927&omidPartner=-1&apiframeworks=2&bundleId=[BUNDLEID]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B26133829.308814164%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0hgtp3AYtSj1Ir8tgLNAwz1%3BEXCHANGEID%3D6%3BSELLERID%3D152461410022%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_ref%3Dhttps://holiday.presslogic.com/%3Bdc_ves%3DdGltZXN0YW1wOiAxNjI5MDk5MzQ1NjAyCg%3Bdc_cid%3D155237713%3Bdc_adid%3D502840068%3Bdc_vpaid%3D0%3B
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f3ec6bc37a53acf4691257db8ebf6e6e695fb6faeb22461e723d18ab6102a810

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:47 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4080
f332ebcb.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f332ebcb.jpg?auto=format&w=830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bceb1373e724848614507377201c8dbb09ebf06f16cc4850864ddb2acf8d261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 13:09:43 GMT
server
cloudflare
etag
"cfcs04KoOKn1XBhBlEuqFnTg:6445d0e1989bafd4671fde17ff5fa52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
77414
accept-ranges
bytes
cf-ray
67f8fce30f454e61-FRA
cf-resized
internal=ok/h q=0 n=68 c=127 v=2021.7.7
f332ebcb.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/f332ebcb.jpg?auto=format&w=830
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/a406b00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bceb1373e724848614507377201c8dbb09ebf06f16cc4850864ddb2acf8d261
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 13:09:43 GMT
server
cloudflare
etag
"cfcs04KoOKn1XBhBlEuqFnTg:6445d0e1989bafd4671fde17ff5fa52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
77414
accept-ranges
bytes
cf-ray
67f8fce34fe14e61-FRA
cf-resized
internal=ok/h q=0 n=68 c=127 v=2021.7.7
csi
csi.gstatic.com/ Frame C7FC 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ksebos8h&c=1438334553730&slotId=719167276865&fb=ima_html5-lima&sdkv=h.3.474.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44732023&vmfc=19&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 11E0 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
62eb7e9f8222fc79e3e3fab98deb28daa00054981cf350f0a4153b60db57ceb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 21:36:29 GMT
server
sffe
age
818
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18973
x-xss-protection
0
expires
Mon, 16 Aug 2021 07:37:09 GMT
vpaid.2021.02.11-11.02-19676e0.js
static.adsafeprotected.com/ias/v1/ Frame 11E0 		176 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZsEmUm3s8P8exdmAU5RZZ00nN1LdAgYK
content-encoding
gzip
etag
W/"14bdef8489e0d98a23c89039d178011f"
age
181097
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Feb 2021 16:29:40 GMT
server
AmazonS3
date
Sat, 14 Aug 2021 05:17:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
9r12yjrI9IC-fJ0DEK4aPnZC_1PhsDCmckv-NTKanHUZaDHVwLJA3Q==
skeleton.js
pixel.adsafeprotected.com/db2/video/781848/56214926/ 		40 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/781848/56214926/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&adsafe_url=https%3A%2F%2Fholiday.presslogic.com%2F&adsafe_type=abdq&adsafe_jsinfo=br:u
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.132.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:47 GMT
content-encoding
gzip
x-server-name
app21.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://holiday.presslogic.com
access-control-expose-headers
X-Server-Name
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/781848/56214926/ 		223 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/781848/56214926/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762&adsafe_par=&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.132.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce9bf72d9a153e222337a2add32e99d0c65c60d2e4dd2759f25a03105056ad49

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:47 GMT
content-encoding
gzip
x-server-name
app24.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
file.mp4
r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,i...
  • https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:47 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
file.mp4
r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,i...
  • https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,i...
453 KB
454 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05A8295D2F20FDD3089C929D31D39590FBB4E19E.21F551E9EC78438BDBEEAD1439FABCBF23B9BFE4/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/ir/1/rr/12/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401e:28::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
94237d96b9dac608337fb47fbbe25d57ce172c26fc8a3af2b1ba573c10dee274
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Jul 2021 08:52:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-464286/464287
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
464287
Expires
Mon, 16 Aug 2021 07:35:47 GMT

Redirect headers

Date
Mon, 16 Aug 2021 07:35:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05A8295D2F20FDD3089C929D31D39590FBB4E19E.21F551E9EC78438BDBEEAD1439FABCBF23B9BFE4/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/ir/1/rr/12/file/file.mp4
Cache-Control
private, max-age=900
Connection
close
Content-Length
0
Expires
Mon, 16 Aug 2021 07:35:47 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame C7FC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 18:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 18:46:38 GMT
skeleton.js
pixel.adsafeprotected.com/db2/video/781848/56214926/ 		92 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/781848/56214926/skeleton.js?ias_callback=__IntegralAS_8fb5b9a5c7a9770d6a593c85126a8275_1670&videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fholiday.presslogic.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8fb5b9a5-c7a9-770d-6a59-3c85126a8275,c:lrpa6B,sl:outOfView,em:false,fr:true,mn:app24ie,pt:2-5-15,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,br:u,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:2,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:35,oid:929adf43-fe64-11eb-b931-02cb850ca5c2,v:19.8.229,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/781848/56214926/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762&adsafe_par=&logTestResults=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.132.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
329a3e9f0539abb006fc522b75d1defc37bf4915c9f6384bbeb19f20697e86ce

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:47 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
application/javascript;charset=utf-8
server
nginx
sca.17.5.11.js
static.adsafeprotected.com/ Frame 62DA 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.11.js
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adbef4afa89554194c148093f930fd05a39b55e8f54aabcf2a7b1cdff63c1178

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 20:32:55 GMT
content-encoding
gzip
age
903773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 Aug 2021 18:40:41 GMT
server
AmazonS3
etag
W/"782cd36e8e0c0741abb536f0a12e983b"
vary
Accept-Encoding
x-amz-version-id
h.4fGnwylolgek07mBBHrpjeDZ4ZiSua
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
content-type
application/javascript
x-amz-cf-id
EFiIy-VjVRGO0MUeiiFMREu4aaF6fNGov5fKUSitBuSDl7ut3FtSdA==
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 08B4 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Fri, 13 Aug 2021 10:43:47 GMT
expires
Sat, 13 Aug 2022 10:43:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
247920
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpa7X,pingTime:-2,time:118,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:8246,beZ:8247,mfA:8248,cmA:8249,inA:8249,inZ:8252,prA:8252,prZ:8277,si:8281,poA:8282,poZ:8293,cmZ:8293,mfZ:8293,loA:8326,loZ:8340,ltA:8363,ltZ:8363%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:fwjsvid,dtt:0,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env,slid:%5Blkqdad987701,162909934264773714237%5D,sinceFw:81,readyFired:true%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:47 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js
pagead2.googlesyndication.com/bg/ Frame 08B4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 10:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
422362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Aug 2022 10:16:25 GMT
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpadJ,pingTime:-10,time:476,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.11v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1629099348034%7C%7C5b584ab1c7a6cf12be28b2351371362a%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cc8eda6657d2d7ff8686cbc6b51923b0b%7C%7C9551f95e617e4410883efc062fa9ad3c%7C%7C3b684978ef403b1ba162d39674aeee99%7C%7C56e4f936f668635d0166bc62a80d5e30%7C%7C74329133f613d4d084140da014675f6d%7C%7C1628188832%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:48 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
pixel.png
unified.adsafeprotected.com/ Frame 11E0 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaG9saWRheS5wcmVzc2xvZ2ljLmNvbS8ifX0sImNiIjoxNjI5MDk5MzQ4MDM4LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNzgxODQ4IiwiY3VzdG9tOCI6IjU2MjE0OTI2IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiZGY3MmM4NDMtYjAwZC00ODRjLTkyMTYtY2U4MjcwN2MzNzYyIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:48 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/781848/56214926/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df7...
  • https://static.adsafeprotected.com/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-c...
17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
age
3452392
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
NnGINzkLJpUynamexzOedBL0AdRjfUh01kQEPqnmrNziuteApi3DXQ==

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?videoId=16b1f3871918fd8e00685de4e7f3c55b&apiframeworks=2&bundleId=[BUNDLEID]&mon=56214927&omidPartner=-1&xmapp=0&xmtp=v&xsId=df72c843-b00d-484c-9216-ce82707c3762
cache-control
no-cache
content-length
0
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B4 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.474.0&bgai=Bwyb7URUaYb_0I_2H9fgPta6ZwAgAAAAAOAHgBAI&bg=!LyylLGjNAAbOj6irzo87ACkAdvg8WoCvUddyGLQq5Fcx6mhBzSigzRaqz5wjaj-uHbEkVIKBi1YXUwIAAACdUgAAACxoAQeZAp7YQbSG66O3U95WWS_QExQQfvyf_ct1hXHxHL2jij2ddnxA4M1lSebuQL9yf_3LvpzPwjLZQz_xFfk79lvtPWVD3nVXwTi7PO7llOnbPKZ09JCBq8iAQkGhWu_Ae4Trn9eFxzsOAV_CPrtkW1tuRBYnFSl4mnfSRK7sZHpFY0o7gLA7--vA0pOkMvEEcH2AkcSOAT2_ayNwC_ijHGvPRPw42kHuU9XcNG2lTo6y6C9KLpykJKZkip_ur6lxnvcwltIRUO4qeIUA_dLPtUAzDTm_QJlEBrV1h7zsm4_0qHPXQ3fymKhSEjFTjcZ_pw0VMx5NIp54PirWKXz-TBCP1a2iAAxkChWMXyunXFgwsMRfxV8Pa6MZsWQrgMDYBHHlRomoFqW1aEipFNpYp7waNF2YKE_EUsbaYdzGddO5lbClH2hmxexm8Qob9XRYUlpHmLE2VSBtDRfdRNKo5fjprA56OhV_SxDbFP1hWrWGtq1FeIL7gjSnczmr_JuCvVdn2co0FUxdIEjpo_btp9-Mu8ZmgxCu5VMUWV0lFTk9-qGm5XmBkgHTG6KiXe-5zGL61VRaL0cttINSuXaxcvyRH0er8tFq5pEnYUBw49_wbWUltXGQ6oCYBzjMBDOm9XKT3pS6livunbFChX7Ppf4OdfOVyjm6kaQFJHVjlABGdNrY1qwsA669gR1CvH7Nvd-oOqBtFPZ909dFw809zUGE5uV6PzxhDQH5dO8wfR50mNSD7G-R3oMZ6Fg1s8jJe22w9chKMwuUSBKt4ZAsFw5_yo5a7eOv5yR6Pb7EQ4_6qvUB1jVsN2Ai0UJY-8G_yQoObvDRDabzcZ9lM0HAVrTob_zrCDa_we0iL2RcmJKfrg0kdxcWl2DTkOPovID2a28U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D1%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D1%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D22%26i0%3D22%26ic%3D0%26cs%3D22%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D1%26nv%3D1%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D-2147483648%26ptlt%3D1629099348063%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1629099347264;dc_rfl=3,https%253A%252F%252Fholiday.presslogic.com%252F%240;ecn1=0;etm1=0;eid1=210001;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame C7FC 		43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 06:52:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
age
2610
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 17 Aug 2021 06:52:18 GMT
pixel.png
unified.adsafeprotected.com/ Frame C7FC 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiI3ODE4NDgiLCJjdXN0b204IjoiNTYyMTQ5MjYiLCJ4c2lkIjoiZGY3MmM4NDMtYjAwZC00ODRjLTkyMTYtY2U4MjcwN2MzNzYyIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiItMSIsImhlYWRlcjQiOiIyIiwiaGVhZGVyNSI6IltCVU5ETEVJRF0iLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjI5MDk5MzQ3MTQ3MDU5Nzk2IiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WUEFJRF9fV0VCX1BYTCJ9&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:48 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame C7FC
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/781848/56214927/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
age
832874
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
BZg2bg6JowTYHqbt0dwAJytqsUMOdmcKw2az_fxAdKY4Hoj1Yd3-vQ==

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-server-name
app18.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=df72c843-b00d-484c-9216-ce82707c3762
cache-control
no-cache
content-length
0
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C7FC 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKNkq3moRhejAWlXrmx4bWZqe_VjTAxqpQQa1hwV7GuBXpWjNFzcuSz27XQ3kMkA1pL9b2uVBJUN6JnPSyNCa7dir_wG66bCE&sig=Cg0ArKJSzH911RCU_SoKEAE&id=lidarv&acvw=sv%3D902%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D1%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D1%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D22%26ic%3D22%26cs%3D22%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D1%26nv%3D1%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D-2147483648%26ptlt%3D1629099348061%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1629099347264&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D1%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D1%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D22%26ic%3D22%26cs%3D22%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D1%26nv%3D1%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D-2147483648%26ptlt%3D1629099348061%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1629099347264;ecn1=0;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
s.update.rose.pubmatic.com/2/925744/ Frame 4722 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/925744/analytics.js?dt=9257441496860488980012&c3=1&pv=&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&di=http%3A%2F%2Fholiday.presslogic.com%2F
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b359903b67aa13345719ad1b7fafe44984e7ecc9f493c80d61dc97a23b40aa1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:47 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3066
Expires
0
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=2&imp=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=3
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=1&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
content-length
0
content-type
text/html
analytics.gif
s.update.rose.pubmatic.com/2/925744/ Frame 4722 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.update.rose.pubmatic.com/2/925744/analytics.gif?dt=9257441544206325357000&c3=1&pv=&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&ap=&di=holiday.presslogic.com&ac=16514&cr=16969066245009242452
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d8eb0eea39a37b88dc5af05c475212e7a86814b77e9f9814e88ab458e3b7111a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:47 GMT
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
49
Expires
0
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156498&siteId=399115&adId=1801592&adType=13&adServerId=243&kefact=3.358440&kaxefact=3.358440&kadNetFrequecy=0&kadwidth=0&kadheight=0&kadsizeid=97&kltstamp=1629099345&indirectAdId=0&adServerOptimizerId=2&ranreq=0.20272461607681502&kpbmtpfact=3.398421&dcId=3&tldId=60977964&passback=0&svr=ADS23003U&adsver=_3573298210&adsabzcid=0&cls=ADS&ekefact=URUaYWqTBwAKt942fGNQi9P9BCVPe_zwbkItgPT7nsha0YUy&ekaxefact=URUaYYSTBwAn4_VB7GbIBeHPyNbBhKHcl73vKkRCF1KbxzrY&ekpbmtpfact=URUaYZqTBwAVnP0Nc9AsbFRDVy3yQ0XAa6C5KjxqzE5TDBkJ&enpp=URUaYbGTBwDq-AzqyjE1fsH8VUVi2d64CWfDNpD_l77k50LR&pfi=1&dc=lhr19&pubBuyId=8731&crID=369010998&lpu=cisco.com&ucrid=16969066245009242452&campaignId=16514&creativeId=0&pctr=0.000000&wDSPByrId=2381235&wDspId=80&wbId=9&wrId=0&wAdvID=3410&wDspCampId=43640462&isRTB=1&rtbId=116CE0D1-311C-483A-9C3E-6CC07B68CA5B&imprId=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&oid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&cntryId=167&domain=holiday.presslogic.com&pageURL=http%3A%2F%2Fholiday.presslogic.com%2F&sec=1&pAuSt=2&tpb=2&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
content-length
0
content-type
text/html
pubmatic
um.simpli.fi/ Frame 4722
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?&fp=1&mpc=10&p=156498&gdpr=0&gdpr_consent=&pmc=-1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fpmc%3D-1%26partnerID%3D156498%26partnerUID%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgxOUVDREQtQkFDQi00RjYzLUI3NjAtNENCMEQzQjA0N0VC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED6WoiNMR6QWMPtqaypfF5I&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 15 Aug 2021 07:35:48 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Mon, 16 Aug 2021 07:35:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 4722 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuARIeBl7jnExRrdxsW4s20cdXjG20JBECxkesJyxB6aVudP29BC5TD5On9y693yIy3YaP_fJEktBfv90Csnp-qjSYUKtto-pwZ68TN6t8QfbXmrj39pTUFUjwPHeIfBNWFlPdQaiU0YawXuDen_0lWU6qCpQx-2KVQhrV3XtL3wtkV4MLgmeg2Gqmqm1vJS3Kwj2mwb3KMGgEgUdyPOpUbBsEHzEeyvF2c80uPASgeLMg2Ot_5JLSycosJOEM7LIaLs83OFx794lCifteVBI-3BLHNr_kujJci-LPltz1B6aSDQ4yTecRHvHkAAqVLDLf2FTVGCEwdYVL6lxWldkKLV1LetglqjXW1ExG_ZXUw0iQ_TF87MySZudXGmoCIZzuWYLdAF1NS6XbZfuGTfmXodlk24emLD_vDrShpSnLcmeIt0h7KsqAOr3SkicEhsUetWkpYtFw5Qod_kRIgV_MVG48M3bckSZxwuddCeXHL9svIm-OS5FpLOvz84NLEyBqcC4iPLqZ7swz4ZSzHWFogNg9cO2GyZRs4lRVo6lXIAvZuVdyzs6M30LGPKthi5pY6Bz9sokSZCqqdb8vvdDXTMEe8fo6FaYMv4x-Tn-aDAdVmZrZMeDYiA0R6733fI6mPbRw68L6A8hUGfY1gxX53hCqJgO-h8ldKm0NN6vb0at1WABCVLzSO3VZ8BHWsE9DparZ4SDyaGf-lRTHQBR7KX-_oIQ6tHv6e2_P5_Ht43u1ditW26dY5el9iYRS0e3X6i7wW0KPtUgABvXK4pCc45WgsqMwBbsIF2Pz4-EKKLIutV6cq9YYONax-sXZy0rViGfJrXm5KqeRxnQB8jIB7Skvbjeb9_m190KwLJ4-x0NdzU9Clx4I8aMwYqI92F4MrinuCsgm5pGd41N2CZ_mvge89i_pOWAio3olnqenpBMj1alpaiGUQCaHsRBHo2K5Jwiha_-bOOp-IMM3qbcTXTX6Hk474lUGx8yARDQyvqvI8AVI08eIfNCItNV1J5AcV9JNUu0Uz8WQhQoQyFIYwpLOL4lhFFs7Rd55HsUOvQPHa2WJ12DeOH9-eNpOG7Oa2YAEuE-7tClWSA54D09nMSQD_x3PfYyDh9yNRs1ZepOlQ-tK7MjHsEYLqu9KTIWYOX4b0PKoMRZ_7ManF3qdfSPepifPUiSJ48dE8P7s8nW9UL6ri4aIKRCjP5SjChvt4F6RS&sai=AMfl-YT6pMpVcxhRCZM7Z74jpTWW3FdFHmiPGH7ShPuEMBwN3-LnAuWhJU5thWVB4C542hRUcTAs4_eajQP0cnOMLH--oYkGyzORiLRNM5pIhPQ1imXaYKl5GfcPJlundtkfiM6yp17OOqJvrqx8pP-6QTScWKfFlfoTmBxMVPxocCi8hK4ToLHVIw&sig=Cg0ArKJSzP5Kvp5IN_QPEAE&pr=6:3.398421&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN (),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 16 Aug 2021 07:35:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 16 Aug 2021 07:35:48 GMT
img;adv=11002245653149;ec=11002245685555;adv.a=5809340;c.a=26133829;s.a=4497788;p.a=308814164;a.a=502840068;cache=1712436387;
ad.atdmt.com/i/ Frame 4722 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=5809340;c.a=26133829;s.a=4497788;p.a=308814164;a.a=502840068;cache=1712436387;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:f:face:b00c:0:8c Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
pragma
no-cache
x-fb-debug
ZJ3o0KVYhAdCRdifEz6Zf8PE/i2sNHF195fJJ7QyJ1hb34QRY2Rdb1pf1B0U1bKfcusXgD9rHQdX3gLeavZ37w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-frame-options
DENY
date
Mon, 16 Aug 2021 07:35:48 GMT
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
events.mmi360.net/ Frame 4722 		68 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=5809340&siteid=4497788&cmpnid=26133829&pcmtid=308814164&crtvid=155237713&rndnum=1712436387&site=N7442.1972103DOUBLECLICKBIDMANAG&adid=502840068&aucid=ABAjH0hgtp3AYtSj1Ir8tgLNAwz1&exchid=6&sellid=152461410022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.131.61 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-131-61.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
server
awselb/2.0
content-length
68
content-type
image/jpeg
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4722 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ1rWYARi20vqvASABMAE&v=APEucNUUNQtvhUEmpdyrsTgxiRgco06aRCY2_I0NbJ8vivb5SzoZrGqQu0ieMnchYxQ5AMgDub94xB_SustNIUywCTUVNSDlXeWX7QI-e-xCFKJNNBGT3G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=2&pfi=1&plmt=1&vps=1&ch=3&it=1&vadFmt=5&vapi=2&sURL=holiday.presslogic.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
content-length
0
content-type
text/html
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 4722 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D960,1645,1185,2045%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D1%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D79%26as%3D1%26vpt%3D79%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D243%26dvs%3D0%26dfvs%3D0%26dvpt%3D79%26is%3D22%26i0%3D22%26ic%3D4096%26cs%3D4118%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D1%26nv%3D1%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483647%26psv%3D0%26psfv%3D0%26psa%3D-2147483647%26ptlt%3D1629099348139%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1629099347264;ecn1=0;etm1=0;eid1=210006;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?oz_pl=1&c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&_x=1
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/925744/analytics.js?dt=9257441496860488980012&c3=1&pv=&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&di=http%3A%2F%2Fholiday.presslogic.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.rose.pubmatic.com/2/2.21.0/ Frame 4722 		144 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/925744/analytics.js?dt=9257441496860488980012&c3=1&pv=&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&di=http%3A%2F%2Fholiday.presslogic.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0d3816f43e3249d9e0434283063173b7745c321b34576508731d048d8f80b430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:47 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
45090
Expires
Thu, 24 Apr 2053 07:01:40 GMT
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?oz_pl=1&c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&_x=1
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/925744/analytics.js?dt=9257441496860488980012&c3=1&pv=&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&di=http%3A%2F%2Fholiday.presslogic.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099348386&oz_l=116&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
p2
sb.scorecardresearch.com/ Frame 8750
Redirect Chain
  • https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=http://holiday.presslogic.com/
  • https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=http%3A%2F%2Fholiday.presslogic.com%2F
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=http%3A%2F%2Fholiday.presslogic.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
D-FM0TfZZzaqqLeSTwoEaTbqzy_9Go2YMEZAWGquKq7Gc8McC-oxcA==

Redirect headers

date
Mon, 16 Aug 2021 07:35:48 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=http%3A%2F%2Fholiday.presslogic.com%2F
content-length
134
x-amz-cf-id
TTnaRPqZmuUZ4Q_nTzfAmC9NjNr60aDDSlOgtTj9ApS-ldpGWPZ8GQ==
p2
sb.scorecardresearch.com/ Frame 8750
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev=...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=30000&ns_st_pt=0&ns_ts=1629099343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
q--SuWKao7niSz0ZrgqCkR4bciRCRQd-ZEBuhne__Iazg_AXxCBwvA==

Redirect headers

date
Mon, 16 Aug 2021 07:35:48 GMT
via
1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1629099343&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=30000&ns_st_pt=0&ns_ts=1629099343
content-length
279
x-amz-cf-id
_Bw8s7glbi0Qem-q9GftZDg0bj2njUoiDLhLVLTXfC24_pJlmCyPdQ==
i
vid-io-cle.springserve.com/vd/ Frame 8750 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?event=vast_flash_impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
server
nginx
content-length
43
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame E96B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52623776&p=156498&s=399115&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
1414b0cd8e8d094ca6ca52b7b093c933f15dc37e5b645f8a94509b7fef4fd14a

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1826
content-type
text/html; charset=UTF-8
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
SPug
image4.pubmatic.com/AdServer/ Frame D130
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8732223626832666502
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
image4.pubmatic.com
:scheme
https
:path
/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_409=22966-X7DzUF9nYkvxcjYgw3ahXUfn; PUBMDCID=3; KADUSERCOOKIE=9819ECDD-BACB-4F63-B760-4CB0D3B047EB; KRTBCOOKIE_80=22987-CAESED6WoiNMR6QWMPtqaypfF5I&KRTB&16514-CAESED6WoiNMR6QWMPtqaypfF5I&KRTB&23025-CAESED6WoiNMR6QWMPtqaypfF5I; PugT=1629099348; KRTBCOOKIE_153=19420-2T-TXt47lwvCb5FajG-PBtg5mwnCbcQKimrfV_MF&KRTB&22979-2T-TXt47lwvCb5FajG-PBtg5mwnCbcQKimrfV_MF; SyncRTB3=1630281600%3A220_54_71_21_7_8_13_161_56_3_22%7C1630368000%3A35%7C1629676800%3A223%7C1629936000%3A63; KRTBCOOKIE_27=16735-uid:d1f9611a-1554-4100-8509-e224090033ab&KRTB&16736-uid:d1f9611a-1554-4100-8509-e224090033ab&KRTB&23019-uid:d1f9611a-1554-4100-8509-e224090033ab&KRTB&23114-uid:d1f9611a-1554-4100-8509-e224090033ab; SPugT=1629099347; KRTBCOOKIE_391=22924-7345683001871814248&KRTB&23263-7345683001871814248; KRTBCOOKIE_377=6810-eff4d2fc-de2a-4bda-9b7b-f4a9be5186f1&KRTB&22918-eff4d2fc-de2a-4bda-9b7b-f4a9be5186f1&KRTB&23031-eff4d2fc-de2a-4bda-9b7b-f4a9be5186f1; KRTBCOOKIE_336=5844-8732223626832666502; chkChromeAb67Sec=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 16 Aug 2021 07:35:47 GMT
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
set-cookie
SPugT=1629099347; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 07:35:47 GMT; path=/
vary
Accept-Encoding
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
x-cnection
close
content-type
text/plain; charset=utf-8

Redirect headers

content-type
text/html; charset=utf-8
location
https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie
ipc=; domain=pubmatic.com; path=/; max-age=0; SameSite=None; secure; KADUSERCOOKIE=9819ECDD-BACB-4F63-B760-4CB0D3B047EB; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure; chkChromeAb67Sec=6; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date
Mon, 16 Aug 2021 07:35:47 GMT
content-length
114
ImgSync
image8.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7345683001871814248
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:47 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:464
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d1f9611a-1554-4100-8509-e224090033ab&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?pmc=-1&partnerID=156498&partnerUID=(null)
date
Mon, 16 Aug 2021 07:35:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
114
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=eff4d2fc-de2a-4bda-9b7b-f4a9be5186f1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:311
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame C488 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 16 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1155
date
Mon, 16 Aug 2021 07:35:48 GMT
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6889997221510224435&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6889997221510224435&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:495
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:48 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
059df3cf-944a-4c41-aee0-28e0380f611e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6889997221510224435&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2T-TXt47lwvCb5FajG-PBtg5mwnCbcQKimrfV_MF
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVVAADgVY0OQBg&gdpr=0&gdpr_consent=&_test=YRoVVAADgVY0OQBg
1 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVVAADgVY0OQBg&gdpr=0&gdpr_consent=&_test=YRoVVAADgVY0OQBg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:2476
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1629099349.911985,VS0,VE0
x-served-by
cache-fra19176-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRoVVAADgVY0OQBg&gdpr=0&gdpr_consent=&_test=YRoVVAADgVY0OQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
9819ECDD-BACB-4F63-B760-4CB0D3B047EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E96B 		43 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9819ECDD-BACB-4F63-B760-4CB0D3B047EB?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9819ECDD-BACB-4F63-B760-4CB0D3B047EB&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9819ECDD-BACB-4F63-B760-4CB0D3B047EB&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p8XZze5E2uXJPGwjiNVtZrya0F915YM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p8XZze5E2uXJPGwjiNVtZrya0F915YM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 16 Aug 2021 07:35:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p8XZze5E2uXJPGwjiNVtZrya0F915YM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E96B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d84321da-6a95-40f4-87d3-d9d52e9e514a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d84321da-6a95-40f4-87d3-d9d52e9e514a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=045c9388-1f2f-4395-9b59-41bc712f08e5&user_group=1&ssp=pubmatic&bsw_param=d84321da-6a95-40f4-87d3-d9d52e9e514a
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d84321da-6a95-40f4-87d3-d9d52e9e514a&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d84321da-6a95-40f4-87d3-d9d52e9e514a&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:508
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d84321da-6a95-40f4-87d3-d9d52e9e514a&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 16 Aug 2021 07:35:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099348746&oz_l=5087&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
truncated
/ Frame 3B39 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099348905&oz_l=1684&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099349086&oz_l=28&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099349254&oz_l=424&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099349430&oz_l=1440&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pixel.png
unified.adsafeprotected.com/ Frame 11E0 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaG9saWRheS5wcmVzc2xvZ2ljLmNvbS8ifX0sImNiIjoxNjI5MDk5MzQ5NTM0LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNzgxODQ4IiwiY3VzdG9tOCI6IjU2MjE0OTI2IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiZGY3MmM4NDMtYjAwZC00ODRjLTkyMTYtY2U4MjcwN2MzNzYyIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:49 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpaBW,pingTime:-4,time:1977,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:17,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:688,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,468~100%5D,as:%5B687~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:123,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:49 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D553,0,0,230,0%26mtos%3D553,553,...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D553,0,0,230,0%26mtos%3D553,553,553,783,783%26amtos%3D0,0,0,0,0%26mcvt%3D553%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D1493%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1207%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D1493%26dvs%3D553%26dfvs%3D553%26dvpt%3D1414%26is%3D275%26i0%3D22%26i1%3D275%26ic%3D256%26cs%3D4374%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26qmt%3D553,553,553,783,783%26qnc%3D0%26qmv%3D1%26qnv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D3,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483645%26psv%3D2%26psfv%3D2%26psa%3D-2147483648%26ptlt%3D1629099349554%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,783;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1629099347264;ecn1=0;etm1=0;eid1=210002;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=4
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:49 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=4&pfi=1&plmt=1&vps=1&sURL=holiday.presslogic.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:49 GMT
content-length
0
content-type
text/html
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 4722 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099349627&oz_l=949&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:49 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099349803&oz_l=919&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:50 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpaXa,pingTime:2,time:3293,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:18,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2005,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,1785~100%5D,as:%5B2004~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:108,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:50 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C7FC 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKNkq3moRhejAWlXrmx4bWZqe_VjTAxqpQQa1hwV7GuBXpWjNFzcuSz27XQ3kMkA1pL9b2uVBJUN6JnPSyNCa7dir_wG66bCE&sig=Cg0ArKJSzH911RCU_SoKEAE&id=lidarv&acvw=sv%3D902%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D2022,0,0,230,0%26mtos%3D2022,2022,2022,2252,2252%26amtos%3D0,0,0,0,0%26mcvt%3D2022%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D2962%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2473%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D2743%26dtos%3D2022%26dtoss%3D1%26dvs%3D1469%26dfvs%3D1469%26dvpt%3D1469%26is%3D275%26i0%3D22%26i1%3D275%26ic%3D16777217%26cs%3D16781591%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D18%26emuc%3D0%26emb%3D10,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D-2147483648%26ptlt%3D1629099351022%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2252&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1629099347264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D2022,0,0,230,0%26mtos%3D2022,20...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D2022,0,0,230,0%26mtos%3D2022,2022,2022,2252,2252%26amtos%3D0,0,0,0,0%26mcvt%3D2022%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D2962%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2473%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D2743%26dtos%3D2022%26dtoss%3D1%26dvs%3D1469%26dfvs%3D1469%26dvpt%3D1469%26is%3D275%26i0%3D22%26i1%3D275%26ic%3D16777217%26cs%3D16781591%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D18%26emuc%3D0%26emb%3D10,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D-2147483648%26ptlt%3D1629099351022%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2252;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1629099347264;ecn1=0;etm1=0;eid1=200000;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpb0d,pingTime:-4,time:3482,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:19,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3482,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2193,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,1973~100%5D,as:%5B2192~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:105,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:51 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D2044,0,0,230,0%26mtos%3D2044,20...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D2044,0,0,230,0%26mtos%3D2044,2044,2044,2274,2274%26amtos%3D0,0,0,0,0%26mcvt%3D2044%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D2984%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2495%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D2743%26dtos%3D22%26dtoss%3D2%26dvs%3D22%26dfvs%3D22%26dvpt%3D22%26is%3D275%26i0%3D22%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782103%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26qmt%3D1491,1491,1491,1491,1491%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D11,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D-2147483648%26ptlt%3D1629099351044%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2274;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1629099347264;ecn1=0;etm1=0;eid1=210003;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=5
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:51 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=3&pfi=1&plmt=1&vps=1&sURL=holiday.presslogic.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:51 GMT
content-length
0
content-type
text/html
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 4722 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=18;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpb3K,pingTime:2,time:3701,type:pf,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:19,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3482,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2412,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,2192~100%5D,as:%5B2411~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:103,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:51 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
463c3c18.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/463c3c18.jpg?auto=format&w=830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c88e9ca50700fe11d1ca8516d72f291a620a837dcddc2f00a76f647408446c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 12:16:31 GMT
server
cloudflare
etag
"cfnz7f3cZK0btZF1kRI2Avgw:eb11378ebbff1b99a011707bed0e5bff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
87128
accept-ranges
bytes
cf-ray
67f8fd044df74e61-FRA
cf-resized
internal=ok/m q=0 n=1860 c=134 v=2021.7.7
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:51 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
dc_oe=ChMIhpe-_IO18gIVUOO7CB0ghwBnEAAYACDmxc1JQhMIvd-m_IO18gIV5FjlCh0GJgfg;met=1;&timestamp=1629099351968;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame EC05 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhpe-_IO18gIVUOO7CB0ghwBnEAAYACDmxc1JQhMIvd-m_IO18gIV5FjlCh0GJgfg;met=1;&timestamp=1629099351968;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpboi,pingTime:-4,time:4975,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:21,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3482,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4247,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4974,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:3686,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,3466~100%5D,as:%5B3685~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:111,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:52 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D3537,0,0,230,0%26mtos%3D3537,35...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26tos%3D3537,0,0,230,0%26mtos%3D3537,3537,3537,3767,3767%26amtos%3D0,0,0,0,0%26mcvt%3D3537%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D4477%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3776%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D4012%26dtos%3D1493%26dtoss%3D3%26dvs%3D1493%26dfvs%3D1493%26dvpt%3D1493%26is%3D275%26i0%3D22%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782103%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26qmt%3D1493,1493,1493,1493,1493%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D26%26emuc%3D0%26emb%3D18,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483625%26psv%3D22%26psfv%3D22%26psa%3D-2147483648%26ptlt%3D1629099352537%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,3767;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1629099347264;ecn1=0;etm1=0;eid1=210004;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=6
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=5&pfi=1&plmt=1&vps=1&sURL=holiday.presslogic.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:52 GMT
content-length
0
content-type
text/html
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=960585;
ade.googlesyndication.com/ddm/activity/ Frame 4722 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=960585;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:52 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
dc_oe=ChMIwani_IO18gIVAOS7CB1_RA-tEAAYACC7n5VKQhMI0PHI_IO18gIVCdC7CB1j4AkO;met=1;&timestamp=1629099352670;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8AEF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwani_IO18gIVAOS7CB1_RA-tEAAYACC7n5VKQhMI0PHI_IO18gIVCdC7CB1j4AkO;met=1;&timestamp=1629099352670;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
463c3c18.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/463c3c18.jpg?auto=format&w=830
Requested by
Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/a406b00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c88e9ca50700fe11d1ca8516d72f291a620a837dcddc2f00a76f647408446c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 12:16:31 GMT
server
cloudflare
etag
"cfnz7f3cZK0btZF1kRI2Avgw:eb11378ebbff1b99a011707bed0e5bff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
content-length
87128
accept-ranges
bytes
cf-ray
67f8fd110ab04e61-FRA
cf-resized
internal=ok/m q=0 n=1860 c=134 v=2021.7.7
pixel.png
unified.adsafeprotected.com/ Frame 11E0 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDYsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaG9saWRheS5wcmVzc2xvZ2ljLmNvbS8ifX0sImNiIjoxNjI5MDk5MzUzODE2LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjE5LCJoZWFkZXJzIjp7ImhlYWRlcjgiOiJpYXNvIn0sImN1c3RvbSI6eyJjdXN0b203IjoiNzgxODQ4IiwiY3VzdG9tOCI6IjU2MjE0OTI2IiwiY3VzdG9tMTEiOiIyMDIxLjAyLjExLTExLjAyLTE5Njc2ZTAiLCJ4c2lkIjoiZGY3MmM4NDMtYjAwZC00ODRjLTkyMTYtY2U4MjcwN2MzNzYyIn19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.99.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 07:35:53 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpbIZ,pingTime:-4,time:6258,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:23,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3482,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4247,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4974,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:5472,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6257,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:4969,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,4749~100%5D,as:%5B4968~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:105,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:53 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=781848&asId=8fb5b9a5-c7a9-770d-6a59-3c85126a8275&tv=%7Bc:lrpbJ0,pingTime:-1,time:6259,type:u,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:34%7D,%7Bpiv:88,vs:i,r:,t:1289%7D,%7Bpiv:100,t:1509%7D%5D,ve:%7BvEventCount:23,vEvents:%5B%7Bt:-45,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-43,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:221,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:479,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:133,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:479,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:480,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:554,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:556,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1018,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1728,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1975,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2978,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3482,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4247,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4974,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:5472,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6257,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,ndt:7,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:4970,o:1289,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:1645.960.400.225,am:v,cc:1645.960.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1285~0,1~75%5D,as:%5B1286~400.225%5D%7D%7D,%7Bsl:i,t:1289,wc:0.0.1600.1200,ac:1170.960.400.225,am:v,cc:1170.960.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~75,4750~100%5D,as:%5B4969~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:105,fm:sGeyQ8n+1*.781848-56214926%7C11%7C12%7C13%7C14%7C151%7C152%7C153%7C1611%7C1612%7C1621%7C1631%7C1632%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b311%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e119%7C1e11a%7C1e11b%7C1e11c%7C1e11d%7C1e12%7C1e13%7C1f%7C1g1%7C1h,idMap:1*,rmeas:1,rend:1,renddet:env,lt:1%7D&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN (),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://holiday.presslogic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Aug 2021 07:35:53 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26p0%3D960,1645,1185,2045%26p1%3D960,11...
ade.googlesyndication.com/ddm/activity/ Frame C7FC 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;av=1;acvw=sv%3D902%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D960,1170,1185,1570%26p0%3D960,1645,1185,2045%26p1%3D960,1170,1185,1570%26p2%3D960,1170,1185,1570%26p3%3D960,1170,1185,1570%26tos%3D4839,0,0,230,0%26mtos%3D4839,4839,4839,5069,5069%26amtos%3D0,0,0,0,0%26mtos1%3D553,0,230%26mtos2%3D1491,0,0%26mtos3%3D1493,0,0%26mcvt%3D4839%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D79%26a%3D0%26a0%3D1%26a1%3D0,0,1%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D79%26dat%3D0%26as%3D0%26vpt%3D5779%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4870%26pst%3D79%26vpaid%26dur%3D6016%26vmtime%3D5237%26dtos%3D1302%26dtoss%3D4%26dvs%3D1302%26dfvs%3D1302%26dvpt%3D1302%26is%3D275%26i0%3D22%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782103%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D1%26nv%3D0%26qmt%3D1302,1302,1302,1302,1302%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1361%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D24,0,0,1,0%26avms%3Dexc%26qi%3D804055037%26psm%3D-2147483593%26psv%3D54%26psfv%3D54%26psa%3D-2147483648%26ptlt%3D1629099353839%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,5069%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1629099347264;ecn1=0;etm1=0;eid1=210005;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
vid-io-cle.springserve.com/vd/ Frame EDDD 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3c8b8566&ps_id=356921&batch=7
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_5f161ae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 4722 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&wa=243&ts=1629099345&wc=16514&crId=369010998&ucrid=16969066245009242452&impid=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&advertiser_id=3410&ecpm=3.358440&e=6&pfi=1&plmt=1&vps=1&sURL=holiday.presslogic.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 07:35:53 GMT
content-length
0
content-type
text/html
dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=13;
ade.googlesyndication.com/ddm/activity/ Frame 4722 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_-Cw_oO18gIV_UMdCR01VwaIEAAYACDR-oJKQhMI5v-m_oO18gIVDMARCB1KlwsG;met=1;ecn1=1;etm1=0;eid1=13;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN (),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 07:35:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 2955 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://holiday.presslogic.com
date
Mon, 16 Aug 2021 07:35:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.173 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://holiday.presslogic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 16 Aug 2021 07:35:53 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://holiday.presslogic.com
postback
s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/ Frame 4722 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rose.pubmatic.com/2/2.21.0/925744/ALgDKOUZEAMrqFwE/postback?c3=1&pv=&ui=89A3FAE2-63FC-4CCA-AA74-FA8BC092C8F6&dt=9257441496860488980012&pp=156498&si=399115&pi=1801592&ti=BD0CE95A-B4C5-4670-9F58-9AA6E2C6DA4A&di=http%3A%2F%2Fholiday.presslogic.com%2F&ci=925744&sid=ALgDKOUZEAMrqFwE&oz_sc=ad187ee7dbb7a18a88f6c779&oz_df=1629099353907&oz_l=227&cv=3
Requested by
Host: s.update.rose.pubmatic.com
URL: https://s.update.rose.pubmatic.com/2/2.21.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Aug 2021 07:35:53 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
csi
csi.gstatic.com/ Frame C7FC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGYwMDE1MzktYzk5Yy02MGZlLTc4MzUtMTE2ZGU3ZmJhNGJj
Domain
r3---sn-4g5ednsr.c.2mdn.net
URL
https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/6b50fea60e1a1db7/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772083129/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5CE824A588B9BFAC3748640BCE25CFDC01B93AE3.2732AEFE8CB3DCBFE15AE5E1DB09DB01476FA831/key/cms1/cms_redirect/yes/mh/5w/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1629098751/mv/u/mvi/1/pl/52/ir/1/rr/12/file/file.mp4
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ksebot8w&c=1438334553730&slotId=719167276865&fb=ima_html5-lima&sdkv=h.3.474.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&uet=2&rec=loaded-1%7Cshow_ad-1%7CcreativeView-1%7Cstart-1%7Cimpression-1%7Cmeasurable_impression-1%7Cmute-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1%7Cstop-1

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| _atrk_opts function| fbq function| _fbq object| __NUXT__ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __algolia object| __cfBeacon object| __s object| instgrm function| atrk boolean| _atrk_fired object| gaplugins object| gaGlobal object| gaData object| __SENTRY__ function| fbAsyncInit object| FB object| $nuxt object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests object| lkqd number| google_global_correlator object| closure_lm_696269 object| closure_lm_502522 object| closure_lm_957439 function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient undefined| __IntegralAS_8fb5b9a5c7a9770d6a593c85126a8275_6987 undefined| __IntegralAS_8fb5b9a5c7a9770d6a593c85126a8275_1670

0 Cookies

79 Console Messages

Source Level URL
Text
console-api warning URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js(Line 2)
Message:
<no-ssr> has been deprecated and will be removed in Nuxt 3, please use <client-only> instead
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Auotplay check: From Video Player environmentVars.videoSlotCanAutoPlay: true
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Player provided the volume level: 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Use mute(0) as a default value since we have received 2 or 6 in the vplay parameter.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,&us_privacy=&cb=1629099344572
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fholiday.presslogic.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fholiday.presslogic.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-8-16 9:35:45&ranreq=0.20272461607681502&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:PM AdRequest Time: 0.947secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Third Party VPAID !!!
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Initializing PM VPAID player ...
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Timer is already stopped.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:TPV loaded successfully.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:initVpaidAd()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Calling TPV handshakeVersion().
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Calling TPV initAd().
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched Ad_Loaded event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Done with PMPlayer initialization. Now dispatching AD_LOADED Event.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside VPAIDMain:startAd()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:start()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:PMVpaidPlayer:start() - Calling TPV VPAID startAd()...
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.11.js(Line 32)
Message:
a: 0.0009765625 ms
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched Ad_Impression event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: creativeView
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Impression Time:3.515secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Total Component Time since player call: 3.599secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing IMPRESSION event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: start
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:changeVolume(): 0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Timer is already stopped.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched Ad_Started event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched AD_VIDEO_START event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: start
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:getAdVolume()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer:resize()
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched Ad_size_change event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched AD_VIDEO_FIRST_QUARTILE event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: firstQuartile
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched AD_VIDEO_MIDPOINT event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: midpoint
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched THIRD_QUARTILE event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: thirdQuartile
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched AD_VIDEO_COMPLETE event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Executing Tracking Event: complete
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Timer is already stopped.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Inside PMVpaidPlayer - TPV dispatched AD_STOPPED event
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Timer is already stopped.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Fholiday.presslogic.com%2F&schain=1.0,1!vidoomy.com,57736,1,1629099343062,,(Line 181)
Message:
pm-info:Done with TPV VPAID cleaned up

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08be860f3b086271ab82f878724c8a95.safeframe.googlesyndication.com
4cywq-eqnre.ads.tremorhub.com
a.tribalfusion.com
a.vidoomy.com
ad.atdmt.com
ad.lkqd.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
assets.presslogic.com
bh.contextweb.com
bid.g.doubleclick.net
bit.ly
c1.adform.net
certify-js.alexametrics.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cs.lkqd.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
events.mmi360.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal900014.redintelligence.net
holiday.presslogic.com
ib.adnxs.com
image.presslogic.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
opt.objectiveportal.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
platform.instagram.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.vidoomy.com
r1---sn-4g5ednsr.c.2mdn.net
r3---sn-4g5ednsr.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
s.tribalfusion.com
s.update.rose.pubmatic.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sentry.io
simage2.pubmatic.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.tradetracker.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
ti.tradetracker.net
tinyurl.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
x.bidswitch.net
cm.g.doubleclick.net
csi.gstatic.com
r3---sn-4g5ednsr.c.2mdn.net
t.lkqd.net
104.244.36.20
108.128.25.216
142.250.184.194
142.250.185.98
142.250.186.66
146.20.132.108
146.20.132.161
146.20.132.173
151.101.13.44
151.101.14.49
151.139.128.11
159.65.197.210
162.55.6.212
169.50.137.190
173.194.76.156
176.9.26.250
178.250.0.163
18.156.0.31
18.158.86.56
18.193.42.157
18.198.69.109
18.203.131.238
18.217.131.61
184.30.20.198
184.30.21.112
184.31.88.106
185.29.132.241
185.33.220.242
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.75
185.64.190.80
185.94.180.123
188.165.4.142
192.96.200.41
195.201.152.90
198.148.27.139
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.44
2600:1f18:612b:4216:72b:4784:49c3:fec8
2600:9000:20eb:c600:15:6f6c:b180:93a1
2600:9000:2127:c00:8:48e:53c0:93a1
2600:9000:21f3:4e00:1a:7c92:efc0:93a1
2606:4700:10::6814:8b41
2606:4700:3039::6815:c03b
2606:4700::6810:5e41
2606:4700::6812:1749
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2010
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a00:1450:4017:800::2003
2a00:1450:401e:28::6
2a00:1450:401e:28::8
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f045:f:face:b00c:0:8c
2a03:2880:f145:82:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f245:e0:face:b00c:0:4420
2a04:4e42:3::300
3.129.250.65
3.141.243.179
34.98.107.212
35.157.197.70
35.188.42.15
35.210.53.219
35.244.159.8
37.157.4.24
37.252.172.38
51.210.112.63
51.255.68.171
52.15.171.234
52.16.99.241
52.215.68.151
54.229.132.88
54.77.47.243
65.9.73.17
65.9.73.74
65.9.96.11
66.155.71.150
67.199.248.11
72.251.241.204
76.223.111.131
85.114.159.93
94.130.102.164
002f30f9530ff18be5fef9bc2dccac6f7982a2e5ca5f9eeef662f4a354fc2426
00cf2ed50075360b5714ace0b7441948e11a6bae28d054ab4464e676b581a460
01e6ccbbb66cfaaeba5d6164afd69635dbb6a0d81034c4b5a2d995b1457859cf
04e304e4d4e9573263793d7534afef67d42568427eebd978e54e523c8f3a6035
0795a9add8aaabcf9fc428586bf8e7e73038c95798adeb038a287ff2a586dbb7
08d4b1ac1610a9457a6e1fa77efde7ce1b99a41880b73a9e2c74b46b6de8a9a7
090b0d5b9c6fcad898bf80088a9b08666736e32872bfd4329fc14f28dbdd9a5d
0ac089360b766a0fc35fb684600efa83d84b9017341e56c5116150664979d99d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1853209c0da53570fbeca97a7ad5a2e2623875abd6395bab3409d2bdc7ea69
0c88e9ca50700fe11d1ca8516d72f291a620a837dcddc2f00a76f647408446c7
0d3816f43e3249d9e0434283063173b7745c321b34576508731d048d8f80b430
0df1bd9b2088fe2894fd904600c7475cede0fa8f546b6274cd1ca40f9e1a4055
0dfdcc9934068e5000d8b906423558878e7cd1b9a6b7b1d566a30a6f969ee71f
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1108f1916ae7a8c7298e032eeb7a87fb86f0aa24b3883f62911b6206d5107c2b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b8277e949ea93ffc1b329a1f95b2775593340d17fe828ed40f2b3f9e125f9a
1414b0cd8e8d094ca6ca52b7b093c933f15dc37e5b645f8a94509b7fef4fd14a
17c6eb54c5592ee6adaa73f0cc0b84f74b980b29e101698ebb365ee5b051cd39
182eef66015deee87a9e972aae3d3a87bf95c2a4bf3cc9572d73f794750280dd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192ce45115302bb7202d16fb8eac17a5cfcb359e0f9a6348b316774991348ba8
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ad462c24b7db7dd8b19893f55f6101838f756bbf9473c8ed172389f61ecf1c8
1b280c07b1f229013b0b07166ae9d37bddac9c06bf25103681967ea1aba13d07
1b2d5e88c36ab8efc1347d619bff25b503bed8c97e9431fb5053bf61ba297426
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
1da3ac76216232275cfc3ac537a7fbab9bbaa8624058ba797425f2ed2afd414a
1dbdb430a025a536468a22e7a93984413d120c1e973c62afc780feb85632163b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e4d1f015574bc536fccb39fc52dd47c3b0eab1b99a45754ddcdc2f73e0c8368
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
1f9780310201d73ac014370dae4d09cc57028d72974aa71b114afea6f4cf4b8f
1fc439cefd3df15d3a55ec84c735eeb7ec3422f4803534624ba2e5dd44936482
21c5cdf88a9219f623264dd4d24e3e0692f58c5618617030fb634b11f8a6116c
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
24e7a872e97ddca5fc2cacc625c2a147bde894a764ba51300214781560368116
26a59f5cd2e558222d7fe0c2883f7e3926c15534d1ea4b846ce1aa2ea79c4adf
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
2bbba340d2f452e7c662f1e486a08477ae6aa7c10093dfe09f6636674df8a720
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2ca6497a42e24612a860882911fa235b3a1b94620da002b84af1fead572a282b
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30b3c1d1b754d0d7fe1e26f574554e56d9eef5e8b9b65a4c21a7680b540b3e76
313980e71cc69f18608b91680d9ed20c5b888629ee2d8904c168f01a3a21a6eb
314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828
318c9b4b107888849a0163153ea85489460ffbd3777be3378c160c82dc7d4336
320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329a3e9f0539abb006fc522b75d1defc37bf4915c9f6384bbeb19f20697e86ce
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34f4765beef1963a50e6f26df1523b3b0d0db5fcb77331eb5f5a71243e0ac461
357839b656a38b688c109822362a471abf0cfa1c50b94f913e8c141fba7f59bf
358fc1efac6ebe684f843d91d508f0291f9689c1dd64ed34b63502148973e685
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
36764ad99858aeabc8630ce12a731d82ec32feb371c88b2572e7f848159127d3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3ae447f22175635e4c9b6e89b1efa8b5bef4c04757b26c1486ba8428fb14f800
3b838024f7eb1457a19caad1dc9fe45ed130118c7e34da184105f3ae40887898
3c1c45be16cdc4c3f937571eaae7577a412b968be501ee267f450a696058951e
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
3ccb72da607eda9c351eb0dea0e87cd7456d63e0c4723c75060d79c6d8975781
40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2
4103ccf167d53c0b9a5fdd5df1d05e935bc69a579d103f61854bfa3091bf5cc2
41f9cd0839a2a56085d916434db0241b19cb55d3d1cc317a718b6625813fc16f
425050ba5cddd6da2e5c8ca0f0e2b49f4b842c425767dbb1e984861fd64f21f7
429359266b178dc66a512ca84aec255558c9916a41f3fc8c0ceeea0421b4899d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43a96715349ca6acfd5f08d90d5af4c11b8a0d7976faf938d99119ce0aa45c42
445f0d762cbfbc40b6fcc7587a67b36a25d2f3f91215f83283e077d2e03c2ab3
44fb13854aa442c76f3a69420e5ac500ebef070f9c3796e43115dd1ce851a166
456c75a094a65d46a9b65bd6e0a59c3498e304d595055216a477045c99f2df1c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4645e41595da9c672140b15610528c886785a6fa90b17a8ce8458786139c9932
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
482630e04e56e186b6821c33288f0a5be8ee31638cd5f1dfbb33169b5dd6a204
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b587363801affa439a25c88c4df2baffa4ee1e7aa8f7cd0995a23af0087c95
4a6ac4fb37c41c4170ff785ba5051af72ef9ff0043895cbaee23cb70890bf566
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea16dee42780c7632193ecbd813d5dfb775e881448219a0bb98694a176e80fd
4f0f73603fc825165a86d3f8cea2192f39822851516608324fc3bc0c69f694d5
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fff2742f0112b95283e6df2f2cfbdc53011328b0025f02bf729a2d5fa90090b
503fdf21c73cbd004617290290875aae1c12e70ea356b10206112cb41bc023e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514b89b0fe7489acf030d8e607218f6473c0ead7488a01447c8cdb2d86ed5350
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
57094f413279468aec48e27575d858ea7979a867788ed1120f6192e2fe7140ba
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
59cc7fa40540cc164a9c69d98d697f14010ff99f62cb8afe97610cacd2d32c04
5bceb1373e724848614507377201c8dbb09ebf06f16cc4850864ddb2acf8d261
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d52ba9d1eaa9f0e44d54860455271a4c409b0535dda3430c2fe9856d3bfa5cb
5d5ad4161562b6ba4bc9e6a0932600b410753be316b9a1015f731e657ce16a8d
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fa27f35fb69e04575f2b6a30221f1c1641d23346e8587295c6630238d9c9bae
60c5faf531c04e9a0436fcf0c1365934af930380a45e1900e59ac70f4742ca2b
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
620d2496ce892dbfea08cde89081ccc445f49c1155faa3fd431f09b0152e3ec1
62eb7e9f8222fc79e3e3fab98deb28daa00054981cf350f0a4153b60db57ceb6
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6545222b04476f1895fdc73c3411e0a525609ae3e070250c007a3175d69fb0ff
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66703b9abb25d3f3e8209351e79e43bb40720de5d0d32fbc83ca4b29af1bcc09
67ca185ea62d98ebb96ecf708e3d5d2a3283ed3e22665f98342cf58ef79fe412
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b89adada767e0cb60e6b0437dd797ee859757430a13cd3d7d9c4544627d593e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c1ce9c9a9b386bde0f0788bcf893c32952042c6b409d5a86c184f0cfc967727
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
7030d1bfd4c94e51a0d21f6b267fb7986a1f482528eb25a4be6a0f2892feee27
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
747de4f700fc38ad6aec697eca9a96c31b522213c90f3b50211c869a5d7f0464
74e0a79ef6d63e8502a4efc5db37400f4da1facea09eec134af5db57ebd0f84c
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
787a420648dba63de75fd3ae2a52e5deffa2534f99a68039548c5f32d5023c6e
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
79a23dca95e4bb730b33af450264d22633e9c68cfb5a0fe118466f7bcd0dd919
79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d
7c83d3b2626e5c7be290676f31d079ab4a3c1013458e1748494cbe3e05145b27
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
812f8be8df3e614cc2c0c83f37b4448e0c7d9cbcee2d7f87e8dd83344c4e72d1
82f7485255164ff17c3a7c718d8893f5633192de5fc3f0951b7416bd5feda2be
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858c67a87c1e3521cb7ed90b52eb2815b41ce7f27b21160d8a0941da25ea38d2
87560b6cb91106ba45195d2dc30a0409e162747d056d8e0ed4ee85af36df26f9
87f89557eebee9305eeda94f705ea5155509685cb4a274f042e9b3bb43f43ae0
881d7ee9c548267e8868c706be137e571769363579475059b680777d2f8ad88d
89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e
891b590b7c68d10805cba9374cd11d711d160e92466c23759590ed50039aa585
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c9f2f7036ef7b1e4a9efe172c079cc136c1a2babffb00add9895c8c4f72bfa6
8d9a25d34669b677255bd55ac3095c0ca88ad5ffe0879bb89df9ce2053380cd2
8da0c3872beb7b2262f0405bef8d4f6a35b74cfd167d443ba4d2ecd0caf3c9e0
8e65f82f6a83a9037b41abe38e84b5095104efa3c0a1a7c086240644c0b0d6c4
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
908655ae4a844e806e5542be8b86a5b748bf79a8b8a911c36239420e0fe4f098
911e0dbfe6af72410829c350aa3cddb5fd8d2f1242f7345b0ebfd8712d6f3543
918ba0dc0f0ad5e21feceaa8882c3377f777dfc684f8238b9866cb9b8e70a30f
91919691d0218cdfd86802c06a1bd952cf2fa0757029262943fb300d27470563
91bb6446e110aaf95fb682807decc8c52b133df863cd5fffa07f3eb1f9ef47e1
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
94237d96b9dac608337fb47fbbe25d57ce172c26fc8a3af2b1ba573c10dee274
95712c779de410dc14ceda3546e985152773cef656dfdfd071fc9f2aadd5fff2
95e572491860557badd4d4d1d3e37f1f3c602cc3d163a0cdac6b6523fbee67c3
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
96503e04ada430a3ec5cb6b037fdb924008f7b89154a977fe9a455bc2e4bfced
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a43607be29f655abb526294f1c784c828dc78d6d39786a5f1bb400ac0c13725
9b080c98b82f314631aeab1af76926dba063440ac1e9e8dddafeb956a02453a9
9b715ce2f21edf6de07065ad01134a91663a20229064d3c8f25fd365aeb22ee0
9f2b4365d34a3674dca8130a0ad100fb822c288485faac1afed2eca07af7acb9
9fa10c61eb18b3a4cadfeb44cb0e7d1dec2e300f5157cb1966acfae8b7d0d8fb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1e6db17beead6421070bed74c889ccf58b7b28dea2cb631d1341297bdaa2da9
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3918f5549f6a86dadacaa9ac21d53eaec20f6f88e45c3575051d6d7a3999143
a47151678a73e538750e03c7b21bfad10f41b69dfde40588b6652982da65d762
a4921546c0a359575d12e5e7c7990a501872a1bd67f91b7bc4f95003bdf6f84d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ecc9959cd239ec86b4c315d819b2a366f2ec2f022ab9265b4dd46aca06a140
a5b14c6fe6d0f6c3949f54bc90c2e2c8261d7fefdcd03252ed84dff4a8d6acb2
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a641367cdd5f0d6e0e26fb9a3f3c418160182c7b8c7ccc95fda01841acc3c27e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a
a98506768a2f465c8ba6c1bc10f22668ca40f3ccecc27b6c7412c267dabc041c
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa2b19d2cb958f55d6700e64c751c1a8010ea3ed9824ac54a510b7d80c090683
aac79529a8c3f553f89f439b86d32a07fd3973327817352a2846b699a94f9d60
aadec4c72d6732dfc94c76c94e38be18b3e817c0607ce864f6a3ca5a4b26601a
adbef4afa89554194c148093f930fd05a39b55e8f54aabcf2a7b1cdff63c1178
ae6dadd0b9fb16a8194e26f078bf454bc09719380d50f3d50021c71c12551e7b
af7f50885294a42692ed5f322ba2ee5fd104962d8cbe573e7297b3698d1a41db
affaba932ef7bbfbe7ee80b2b07ffd219feaeb34c33293e1290d3e629b47d406
b0e908b0ddb1164ecbc848a79b4c33a5a96d53c583d4fbc1f69429437a6f7b92
b12be8ea0b99ddff6a37e0b868de5a4b7f8cf1c8b9d13de72e675d13b46bc83c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a4276cc356a6b35abd1932607bfe1fbdaacd3ea50c6c465cb636b63c9b80d1
b359903b67aa13345719ad1b7fafe44984e7ecc9f493c80d61dc97a23b40aa1f
b412dce026277f46cd58514e383a5ddb188496de7a675d410d9b8d245760959c
b553ff5b6a9ee1030c38227841672191ac02da3a546d2587347b76c8d27c1a9b
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b741ecd7a4536cf1090389c411c21aacf10e1793cae5051849ebe211aef453ea
b879eea03bdff754eb9e1cc33c1cee2c94a8759f98c53129c3d816abd8af2585
ba0b79d245022145fc11027797e0229f0a056a842d0aa507999363e6d7e2a500
ba3c0ebd66e3d3c419c666539c3afbcafbd0114fa8727ed3be89241d1961c938
bb25bbb91427026f6b2b8e4c2f0ffe7d41ae35f54e147b6c48a416bd2daff98a
bba16626e801e6583dd3bd02659f05871382323a003d68257f4f67ddb980e8d8
c26388169a1c9a5ad9a24d13308ac4ee4c708a2a91f54b186f7ff32a0b3428c3
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
c38e0daca00b89a7abd05c03405d75e8c23b5c341754fdfce5663f0f36e1d845
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
c863026af0aca0b6e8067015b05c5be855682e861c8cb376075ad8e7b313f06f
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
cc4858f93b8a1aa64b45c9b7bcf4b74e39a818a27fb9c50b397b92ee83f1f5c0
cd0de16f52f2d467a82f934e2648ac80a0c8b0a005af7aef860562e44a81fb6c
cd52c122328222aa09da5268422e69f9cd61111fbcd7b125cfcf5a7f03a22384
ce9bf72d9a153e222337a2add32e99d0c65c60d2e4dd2759f25a03105056ad49
cef5bfad4ba0ea5b896f810f67e6c872f5fa317ca792cd927ac6497540e5030f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d18b7a795610e8257cff2e8299216d7ab0993c97374546320e2e17637385204a
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
d606561d55e92471ea7d36f2924827dd1ea0483d6039a3791c4219ab05da2cc1
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
d68ec72b228d808280de4f74bb74f3db12e9baf5915feddfeed57c007efdd5d6
d7115b000d09e26c8d4acddcdc655544309634c73189e9dbdd7160b5e2cb9582
d7d8388031f5fdf89c50b8a437841156016b65640cf9a19ed0b663aea62c2e6d
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1
d8eb0eea39a37b88dc5af05c475212e7a86814b77e9f9814e88ab458e3b7111a
da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15
db8e982e9d4aee00d8b7052edd851e00a8cf4ae33ca811272b67c6e048d93a25
dc8ddaa583bfcc0ab71cf6824ca3b6d58aa3b0432f72f875289c0a66ae77a860
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf0a9784cc39d354ebeb53edfdbe8de7c2b545e53077068dc9a4f384b68a685
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0583d749537c347d42a4ca3c939933db2d7c2b2cf87ef6206f8525de99aba10
e1993496a75a97218231e6920ffd2025f0eea3532b4f2cc6b8a3662ed6f83e94
e2ee7ee2de1234830a3d2be3f229437a9a8850ab976189ad25b96488c9f21a51
e39706fbc73a8d1e5000aa07fac46ccd733ee66ddfe6a8da014871bf350a73a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ab65d9bc23ec6f0a9aa0777bcedb0b5c81722ca1baeb73070fed2421bcbd0c
e605a33d737b143267491094222614ed38991e31096d3169108c8ebee516f8e5
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e647c5d18350402817098a6f79853790ace79be9a1bf94cc3c8797addc5cdd34
e6d9014a237b2b9ad7c03a94d1f7ff0534ea0f9b941ee9df4a73f6d440f84fe1
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e88efe32efdb6348bf7e652f94fe2ac0b4fc2de4e372d2a9fe436db686e0a99d
e9bc60b625ef89de00f22bc264e3f085526b4bd0fed14e2f5ebf3b8ab7ac8b95
eb8c12f38c58542a19e9bc876eea0078159aa560794bc0244608946d0f7ec64b
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a2b0b6d302aaa18148ed36540d475c9d1987f486528cc4e4691efd2320228
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
f3ec6bc37a53acf4691257db8ebf6e6e695fb6faeb22461e723d18ab6102a810
f49ea908d24834fc61cf2b1b0aeade33ef295a569252bd27606ebe1636fc832b
f52daf4d69d6ae951be55c38f428d13917ae955f72fee89c7460428a3f390c55
f79c4cf2b5494dac51a38f8c149d66042f46e6a3bb07510fb5d64f296895ea75
f992a3471511cc92b4d7a8a249c809c31edc7c242ebe26ed274543c98cb7fe3b
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fa21139e68e8398007aa02e976493467cc6699ef57f9a1e54919b5cda680f2f1
fcba340c9bc5486c71ff1141807a0fcfc21e3492981f0a78c69b33a6e3a572cc
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
fe28a9452943fb95a3cb0efd9f31e982bdaf3075472d19ebc3b09bf58c35e63f
ffce136a8f1516b57b0a4c1ad896246c5fc44dfdf513d8f5f0768881fefb71a4