www.lesvospost.com Open in urlscan Pro
2a00:1450:400d:802::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lesvospost.com/
Effective URL:
https://www.lesvospost.com/
Submission: On April 16 via api (April 16th 2021, 3:14:02 pm UTC) from GR

Summary HTTP 497 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 98 IPs in 13 countries across 92 domains to perform 497 HTTP transactions. The main IP is 2a00:1450:400d:802::2013, located in Ireland and belongs to GOOGLE, US. The main domain is www.lesvospost.com.
TLS certificate: Issued by GTS CA 1D2 on March 20th 2021. Valid for: 3 months.

This is the only time www.lesvospost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:400d:802::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2009	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:4ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	144.76.151.218 144.76.151.218	24940 (HETZNER-AS) (HETZNER-AS)
3	5.135.83.165 5.135.83.165	16276 (OVH) (OVH)
3	172.93.106.42 172.93.106.42	23470 (RELIABLESITE) (RELIABLESITE)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	212.124.125.232 212.124.125.232	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
1 6	62.138.3.139 62.138.3.139	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
9	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3030::6815:1b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:9028	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
57	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
6 12	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	44.238.171.100 44.238.171.100	16509 (AMAZON-02) (AMAZON-02)
1	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
1	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
1 5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 9	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:215d:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:ce03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.129.18.26 108.129.18.26	16509 (AMAZON-02) (AMAZON-02)
1 3	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 12	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::681a:b75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 44	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
2	2606:4700:e4:... 2606:4700:e4::ac40:a817	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6 10	54.72.59.228 54.72.59.228	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:612... 2600:1f18:612b:4216:d315:ab3a:faf3:d624	14618 (AMAZON-AES) (AMAZON-AES)
2 5	52.57.10.248 52.57.10.248	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2c0f:fb50:400... 2c0f:fb50:4002:804::2003	15169 (GOOGLE) (GOOGLE)
3 3	18.156.12.32 18.156.12.32	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	3.124.165.65 3.124.165.65	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
17	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
1	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	154.57.158.51 154.57.158.51	26558 (FREEWHEEL) (FREEWHEEL)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b002:28a5:2c7e:9fea:57ab	16509 (AMAZON-02) (AMAZON-02)
2 2	52.18.91.199 52.18.91.199	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.103 89.163.159.103	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.56.207.211 52.56.207.211	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	3.248.155.244 3.248.155.244	16509 (AMAZON-02) (AMAZON-02)
1	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.205.120.60 34.205.120.60	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.118.60 52.95.118.60	16509 (AMAZON-02) (AMAZON-02)
1 1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.236.221 52.210.236.221	16509 (AMAZON-02) (AMAZON-02)
3 8	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	184.30.24.198 184.30.24.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	3.91.110.183 3.91.110.183	14618 (AMAZON-AES) (AMAZON-AES)
1	54.236.141.192 54.236.141.192	14618 (AMAZON-AES) (AMAZON-AES)
497	98

1 216.239.32.21 (San Mateo, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

lesvospost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:802::2013 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.lesvospost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

agorahtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.151.218 (Remscheid, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.218.151.76.144.clients.your-server.de

go.linkwi.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.135.83.165 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

s20.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.93.106.42 (United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

imagizer.imageshack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.124.125.232 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)

asrv.dalecta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.138.3.139 (Strasbourg, France) 1 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: astra4385.startdedicated.net

www.weather.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gr.k24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)

aghtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:9028 (United States)

ASN13335 (CLOUDFLARENET, US)

projectagora.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.171.100 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-171-100.us-west-2.compute.amazonaws.com

aboutads.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

projectagora-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:ce03 (United States)

ASN13335 (CLOUDFLARENET, US)

projectagoralibs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.18.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-18-26.eu-west-1.compute.amazonaws.com

projectagora-483829-hdb.adomik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.246 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:47f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.144.59.88 (Secaucus, United States) 4 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b75 (United States)

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a817 (United States)

ASN13335 (CLOUDFLARENET, US)

worldstatistics.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands) 4 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.72.59.228 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-59-228.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:d315:ab3a:faf3:d624 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.10.248 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2c0f:fb50:4002:804::2003 (Kenya)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.12.32 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.30 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.78.222 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.165.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:28a5:2c7e:9fea:57ab (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.91.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-91-199.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Erba, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.103 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.137.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.207.211 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.155.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-155-244.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.120.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.118.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.236.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.30.24.241 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.184 (United States)

ASN32748 (STEADFAST, US)

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.110.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.141.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

vast.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	blogspot.com 4.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	4 MB
72	taboola.com 4 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com c3.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com am-wf.taboola.com	2 MB
62	googlesyndication.com 2 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	766 KB
36	doubleclick.net 6 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	313 KB
23	gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com csi.gstatic.com	569 KB
20	lesvospost.com 2 redirects lesvospost.com www.lesvospost.com	375 KB
17	zeotap.com spl.zeotap.com mwzeom.zeotap.com	6 KB
13	google.com 4 redirects www.google.com adservice.google.com	988 B
12	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	6 KB
12	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com stats.vlitag.com	430 KB
10	adsrvr.org 6 redirects match.adsrvr.org	4 KB
10	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	23 KB
10	googletagservices.com www.googletagservices.com	327 KB
9	facebook.com www.facebook.com	174 KB
8	casalemedia.com 3 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	8 KB
8	pubmatic.com hbopenbid.pubmatic.com simage2.pubmatic.com image8.pubmatic.com image6.pubmatic.com ads.pubmatic.com	20 KB
8	google-analytics.com www.google-analytics.com	57 KB
7	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	242 KB
6	lijit.com 4 redirects ce.lijit.com ap.lijit.com	3 KB
6	yahoo.com 4 redirects c2shb.ssp.yahoo.com cms.analytics.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	5 KB
6	postimg.cc s20.postimg.cc i.postimg.cc	406 KB
5	advertising.com 2 redirects pixel.advertising.com	1 KB
5	a-mo.net 4 redirects prebid.a-mo.net	1 KB
5	openx.net 1 redirects projectagora-d.openx.net u.openx.net eu-u.openx.net us-u.openx.net	1 KB
5	google.de www.google.de adservice.google.de	727 B
5	k24.net gr.k24.net	22 KB
5	blogger.com www.blogger.com	96 KB
5	googletagmanager.com www.googletagmanager.com	183 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	tapad.com 3 redirects pixel.tapad.com	2 KB
4	contextweb.com 2 redirects bh.contextweb.com	2 KB
4	criteo.com 2 redirects bidder.criteo.com dis.criteo.com gum.criteo.com	1 KB
4	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net sync.e-planning.net	2 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	943 B
3	emxdgt.com e1.emxdgt.com vast.emxdgt.com	415 B
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	tremorhub.com taboola-supply-partners.tremorhub.com	547 B
3	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	1 KB
3	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com	2 KB
3	dalecta.com asrv.dalecta.com	15 KB
3	linkwi.se go.linkwi.se	7 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	856 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	844 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	791 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	bidswitch.net x.bidswitch.net	291 B
2	bttrack.com bttrack.com	760 B
2	appier.net 2 redirects s.c.appier.net	723 B
2	criteo.net static.criteo.net	51 KB
2	worldstatistics.live worldstatistics.live	113 KB
2	clevernt.com clevernt.com ui.clevernt.com	49 KB
2	facebook.net connect.facebook.net	66 KB
2	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	14 KB
2	googleadservices.com partner.googleadservices.com	696 B
2	imageshack.com imagizer.imageshack.com	98 KB
2	projectagoraservices.com ads.projectagoraservices.com	12 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	76 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	385 B
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com ic.tynt.com
1	imrworldwide.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	38 B
1	bluekai.com 1 redirects tags.bluekai.com	346 B
1	mathtag.com 1 redirects pixel.mathtag.com	724 B
1	richaudience.com sync.richaudience.com	360 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	377 B
1	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	318 B
1	theadex.com dmp.theadex.com	378 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	fwmrm.net dmp.v.fwmrm.net	361 B
1	adform.net dmp.adform.net	331 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	606 B
1	exelator.com loadus.exelator.com Failed loadeu.exelator.com	608 B
1	2mdn.net s0.2mdn.net	23 KB
1	youtube.com img.youtube.com	7 KB
1	adomik.com projectagora-483829-hdb.adomik.com	103 B
1	projectagoralibs.com projectagoralibs.com	2 KB
1	quantcount.com rules.quantcount.com	358 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	quantcast.com aboutads.quantcast.com	588 B
1	quantserve.com secure.quantserve.com	9 KB
1	projectagora.net projectagora.net	98 KB
1	aghtag.tech aghtag.tech	111 KB
1	weather.gr 1 redirects www.weather.gr	207 B
1	blogblog.com resources.blogblog.com	612 B
1	onesignal.com cdn.onesignal.com	3 KB
1	agorahtag.tech agorahtag.tech	3 KB
0	id5-sync.com Failed id5-sync.com Failed
497	92

	Domain	Requested by
64	1.bp.blogspot.com	www.lesvospost.com
44	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	images.taboola.com	www.lesvospost.com
19	www.lesvospost.com	1 redirects www.lesvospost.com ajax.googleapis.com
18	pagead2.googlesyndication.com	www.lesvospost.com pagead2.googlesyndication.com ads.projectagoraservices.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	mwzeom.zeotap.com	spl.zeotap.com
10	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
10	match.adsrvr.org	6 redirects imprammp.taboola.com am-match.taboola.com ssum-sec.casalemedia.com
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
10	www.googletagservices.com	pagead2.googlesyndication.com tag.vlitag.com googleads.g.doubleclick.net
10	cdn.taboola.com	aghtag.tech cdn.taboola.com www.lesvospost.com
10	www.google.com	4 redirects www.lesvospost.com googleads.g.doubleclick.net
9	ib.adnxs.com	3 redirects projectagora.net assets.vlitag.com www.lesvospost.com spl.zeotap.com ssum-sec.casalemedia.com
9	www.facebook.com	www.lesvospost.com www.facebook.com
8	cm.g.doubleclick.net	6 redirects www.lesvospost.com
8	sync.taboola.com	4 redirects
8	trc.taboola.com	cdn.taboola.com www.lesvospost.com spl.zeotap.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.lesvospost.com
7	fonts.gstatic.com	fonts.googleapis.com
6	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
5	pixel.advertising.com	2 redirects imprammp.taboola.com am-match.taboola.com
5	prebid.a-mo.net	4 redirects assets.vlitag.com
5	gr.k24.net	www.lesvospost.com gr.k24.net
5	www.blogger.com	www.lesvospost.com
5	www.googletagmanager.com	www.lesvospost.com www.googletagmanager.com gr.k24.net tag.vlitag.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	bh.contextweb.com	2 redirects www.lesvospost.com
4	assets.vlitag.com	tag.vlitag.com
4	4.bp.blogspot.com	www.lesvospost.com
4	services.vlitag.com	www.lesvospost.com services.vlitag.com
4	fonts.googleapis.com	www.lesvospost.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ap.lijit.com	3 redirects
3	spl.zeotap.com	assets.vlitag.com spl.zeotap.com
3	ce.lijit.com	1 redirects www.lesvospost.com
3	rtb.mfadsrvr.com	3 redirects
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	tag.vlitag.com	services.vlitag.com tag.vlitag.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	asrv.dalecta.com	www.lesvospost.com asrv.dalecta.com
3	i.postimg.cc	www.lesvospost.com
3	s20.postimg.cc	www.lesvospost.com
3	go.linkwi.se	www.lesvospost.com go.linkwi.se
3	2.bp.blogspot.com	www.lesvospost.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	ads.betweendigital.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	www.lesvospost.com
2	bttrack.com	www.lesvospost.com
2	s.c.appier.net	2 redirects
2	sync-t1.taboola.com
2	dis.criteo.com	2 redirects
2	e1.emxdgt.com	www.lesvospost.com
2	rtb-csync.smartadserver.com	www.lesvospost.com
2	simage2.pubmatic.com	www.lesvospost.com
2	pixel.rubiconproject.com	www.lesvospost.com
2	u.openx.net	www.lesvospost.com
2	match.taboola.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	am-vid-events.taboola.com	www.lesvospost.com vidstat.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	imprammp.taboola.com	www.lesvospost.com vidstat.taboola.com
2	worldstatistics.live	tag.vlitag.com worldstatistics.live
2	15.taboola.com	cdn.taboola.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	connect.facebook.net	www.lesvospost.com connect.facebook.net
2	ads.us.e-planning.net	1 redirects www.lesvospost.com
2	securepubads.g.doubleclick.net	www.googletagservices.com googleads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google.de	www.lesvospost.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	imagizer.imageshack.com	www.lesvospost.com
2	ads.projectagoraservices.com	www.lesvospost.com
2	3.bp.blogspot.com	www.lesvospost.com
2	maxcdn.bootstrapcdn.com	www.lesvospost.com maxcdn.bootstrapcdn.com
2	ajax.googleapis.com	www.lesvospost.com
1	am-wf.taboola.com	vidstat.taboola.com
1	vast.emxdgt.com	vidstat.taboola.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	onetag-sys.com	sync.quantumdex.io
1	ic.tynt.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	ssum.casalemedia.com	1 redirects
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	spl.zeotap.com
1	tags.bluekai.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	sync.e-planning.net
1	sync.targeting.unrulymedia.com	1 redirects
1	u-ams02.e-planning.net
1	acdn.adnxs.com	assets.vlitag.com
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	image8.pubmatic.com
1	gum.criteo.com	static.criteo.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	c3.taboola.com	www.lesvospost.com
1	stats.vlitag.com	www.lesvospost.com
1	ui.clevernt.com	www.lesvospost.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	img.youtube.com	www.lesvospost.com
1	clevernt.com	www.lesvospost.com
1	bidder.criteo.com	assets.vlitag.com
1	c2shb.ssp.yahoo.com	assets.vlitag.com
1	useast.quantumdex.io	assets.vlitag.com
1	projectagora-483829-hdb.adomik.com	www.lesvospost.com
1	projectagoralibs.com	ads.projectagoraservices.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	hbopenbid.pubmatic.com	projectagora.net
1	projectagora-d.openx.net	projectagora.net
1	prg.smartadserver.com	projectagora.net
1	fastlane.rubiconproject.com	projectagora.net
1	aboutads.quantcast.com	www.lesvospost.com
1	secure.quantserve.com	www.lesvospost.com
1	imasdk.googleapis.com	tag.vlitag.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	projectagora.net	ads.projectagoraservices.com
1	aghtag.tech	agorahtag.tech
1	www.weather.gr	1 redirects
1	resources.blogblog.com	www.lesvospost.com
1	cdn.onesignal.com	www.lesvospost.com
1	agorahtag.tech	www.lesvospost.com
1	lesvospost.com	1 redirects
0	loadus.exelator.com Failed
0	id5-sync.com Failed
497	157

This site contains links to these domains. Also see Links.

Domain
www.fsl.gr
mytilini.meteoclub.gr
www.facebook.com
twitter.com
plus.google.com
www.instagram.com
www.e-mam.gr
apprize-focanancy.com
www.desired.de
next.primeweekly.com
www.datingtestsieger.de
popup.taboola.com
www.euantallaktika.gr
www.weather.gr
bravosustainabilityawards.com
loveradio882.gr
www.astika-mitilinis.gr
live24.gr
emedia.media.gov.gr
www.quantcast.com
www.blogger.com

Subject Issuer	Validity	Valid
www.lesvospost.com GTS CA 1D2	`2021-03-20` - `2021-06-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-04` - `2021-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
paadserver.projectagora.info R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
*.linkwi.se Sectigo RSA Domain Validation Secure Server CA	`2019-05-02` - `2021-05-10`	2 years	crt.sh
postimg.cc R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
*.imageshack.com Go Daddy Secure Certificate Authority - G2	`2021-02-03` - `2022-03-07`	a year	crt.sh
asrv.dalecta.com R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
www.k24.net R3	`2021-04-08` - `2021-07-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
quantcast.com DigiCert SHA2 High Assurance Server CA	`2020-10-05` - `2021-10-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
*.adomik.com Amazon	`2021-03-03` - `2022-04-01`	a year	crt.sh
ads.us.e-planning.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.a-mo.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.e-planning.net R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.redinuid.imrworldwide.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh

This page contains 45 frames:

Primary Page: https://www.lesvospost.com/
Frame ID: 276B795D43BA7E2A26A271912E027156
Requests: 244 HTTP requests in this frame

Frame: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Frame ID: 0253FE92BAB92EB41BAA30717380ED2A
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
Frame ID: 63B4C12B345D07B3C7A13E92717CFDE7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: 3534E4D3732B3F23827E9AF73E9D77EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&adk=1812271804&adf=3025194257&lmt=1618583784&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020381&bpp=15&bdt=155&idt=210&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3455979296148&frm=20&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: 5B71DB949A3481EFA15F89459D377CB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=90&slotname=8718405398&adk=2296079777&adf=3377851091&pi=t.ma~as.8718405398&w=728&lmt=1618583784&psa=0&format=728x90&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020398&bpp=4&bdt=173&idt=253&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SD6eaxaiae&p=https%3A//www.lesvospost.com&dtd=269
Frame ID: 52828A397DDE44270B7C132DBCD1AC06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=50&slotname=2071283390&adk=4034667973&adf=2889198705&pi=t.ma~as.2071283390&w=450&lmt=1618583784&psa=0&format=450x50&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020402&bpp=1&bdt=177&idt=287&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7ZwteUMrTZ&p=https%3A//www.lesvospost.com&dtd=292
Frame ID: EE41287F250B910E1A21E4D33B5656CF
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340
Frame ID: A206F7CBA8A63A724DCABC0BF983FFF8
Requests: 9 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: D74CBF2F0D61F3D2BFC0DA94930C4B0E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658
Frame ID: E54655F543CA46AB2BD778BFA878E6CB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669
Frame ID: 8C030D79E91EE7C341FD68F4F863761B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678
Frame ID: F9A59582B1D2318FA44E3569BC62C9BB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688
Frame ID: E74EC0D0F4DCB6B1148480BCF0F7AAF8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1EF18A0166BF9F310D24982620D75908
Requests: 2 HTTP requests in this frame

Frame: https://tag.vlitag.com/passbacktarget/1618576037/?t=iframe&pbID=7&d=14096&z=55196&divID=vi_1409655196_121&w=300&h=250
Frame ID: 35DE6C5E8D3F77B12B02EA2D8FE16BF6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28
Frame ID: 9B9DC9B340A23F468FA476C8136D5F16
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: 041243DA84A39F5035A4ED82E7C491F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607
Frame ID: 4A0BD9BFB6DE139320A3341C08930074
Requests: 8 HTTP requests in this frame

Frame: https://worldstatistics.live/bn.php
Frame ID: B50FE7933BBD79799E1551319CA0C8E6
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7B929869AA213246216844969299&cicmp=1337627&cijs=1&dast=V7E-UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHTdhTpbD2XLBoCw2k9FsslgtVsPNcLcbzgZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZsoOl0-Fz3et3vdxe7PLe_5_D3nO4av9svBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACgOhnPdrS-70eH6vOz-AAB4KAABABDACAHg8agTAQAAABgBAAAAIAEQSCwsAXC4WzQBAAjA2_aB1TsBAAA4qJN52mb5____jwHIe2-SAaBI27gx6AF48AF4EAIAALgYgvvVvOOR-gAnKlAsYgQAAAAAydTmcTSpEyqLqv___38rgCsAgAC8bR_Y6Kybk2LWMAAAAICxBXpY_H6zw67xu132_________2_2fwaAJkRkZpYWxAIAoMYzcq2w9gsIAMD2bgAAbwFwMQdgBwAAAHD3____nwcAAACzR8n2Wo1nj7LeZ7CFz-nurt-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RAPqs6l83l1PjbEaDTXzeaKwXKuGawSAAAAAAAAAMASpsybAAAAAJwGMZtNdrsVN97smSDWarWsAQAAALh1Iwc!&excid=22&tst=1&docw=0&cs=false
Frame ID: DD6B56F73132FA4501AD3BA0099D5E91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: A89C8018672E9033358E937D0000A679
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 800E0C8A9219346163F869ECC14ACA8F
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B0753D52EB985B9DA7827E5893186158
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 46F92FB664ACA8DD3F1DF80DFAFFD74A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: A3B924AC566C1A6FFBAA4C870455F0AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html
Frame ID: 4B00E49C4D567DAF522EF473F46119F4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3F3E932DA1F77E175DBA58276DF0F14C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BCC97535D90FFA16C6A37126FABB12F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: AB507B990E78A5F914D24294B4526116
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0275CCC2A0B1DF7712312978A43AB7B1
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: A9C307FE6BDBF4CC30CD87C760966157
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: BB1A571C485DFF8FA505F78F66A623CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: 0D6701D7AA5E634D93F4E16DF00B67BF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
Frame ID: C566B1BD5E0C438FBC285345B143EF51
Requests: 18 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
Frame ID: E1C2431DCC012C4CC86C07A55600891F
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.lesvospost.com&gdpr=1&gdpr_consent=
Frame ID: 98DA1236CA316D86D4AD18E9D65BBF1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A71DEFA730F79D806C28D1A93A86E2A0
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 1C1156C0CB354EB885F597195E9BAAE4
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F7DB2F245D468E8E223319DC98E23FE6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&cmp=0
Frame ID: 6CFEAD432C3BFA75172FCDB92859511C
Requests: 31 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 303B51F8A03E31037563D30BF1442C0A
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D0BE13DF9812ACF5D95154BE0D411CC0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1734689FF51EF2F9D34A8649E218B3A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2357E5D782D993F77DD051ABBF8E77A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D6F8F0F36B10A6263000600844AF03EF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://lesvospost.com/ HTTP 301
http://www.lesvospost.com/ HTTP 301
https://www.lesvospost.com/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

497
Requests

99 %
HTTPS

41 %
IPv6

92
Domains

157
Subdomains

98
IPs

13
Countries

10458 kB
Transfer

20031 kB
Size

15
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fsl.gr/efimeries/
Title: ΕΦΗΜΕΡΕΥΟΝΤΑ ΦΑΡΜΑΚΕΙΑ

Search URL Search Domain Scan URL

URL: http://mytilini.meteoclub.gr/webcam/index.html
Title: WEB CAM ΜΥΤΙΛΗΝΗ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LesvosPost/

Search URL Search Domain Scan URL

URL: https://twitter.com/LesvosPost

Search URL Search Domain Scan URL

URL: https://plus.google.com/109822036229170631216

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lesvospost_official/

Search URL Search Domain Scan URL

URL: https://www.e-mam.gr/
Title:

Search URL Search Domain Scan URL

URL: https://apprize-focanancy.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=lesvospostgr-f20544166&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fef84fc293d41224c184dbdcfd8c83181.jpg&campaign=DE_McMakler_Clean_Desktop3&utm_content=2982266411&conversionname=6H_Lead&click_id=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo3OrTl6aqk6Yq&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo3OrTl6aqk6Yq#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo3OrTl6aqk6Yq
Title: McMakler

Search URL Search Domain Scan URL

URL: https://www.desired.de/stars/bilderstrecke/bikini-stars/?utm_source=taboola&utm_campaign=2091545&utm_content=138_Desired_Desktop_bikini-stars%2F&utm_medium=reco_widgets&utm_term=1342969_lesvospostgr-f20544166#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCOlkYo0bufxKSf-bJC
Title: Desired

Search URL Search Domain Scan URL

URL: https://next.primeweekly.com/go.php?key=rngxtdd&clickid=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgoq9eS_d3OjotH&site=lesvospostgr-f20544166&campaign={campaign}&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc388f67ebe8a2732ebed88b2419da7bc.jpg&title=WLAN-Verst%C3%A4rker%2C+den+Internetkonzerne+gerne+verbieten+m%C3%B6chten&adid=2973271131&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgoq9eS_d3OjotH#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgoq9eS_d3OjotH
Title: RangeXTD

Search URL Search Domain Scan URL

URL: https://www.datingtestsieger.de/top?ga=tab_1&ci=1496465&utm_medium=native&utm_source=taboola&ca=2893270077&utm_campaign=tab_1_dat_de_de_desk_7&utm_content=Finde+jetzt+einen+Partner+aus+Gunzenhausen_2893270077&utm_term=lesvospostgr-f20544166&taboolaclickid=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ojojktoCI8OdM&adtitle=Finde+jetzt+einen+Partner+aus+Gunzenhausen&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ojojktoCI8OdM#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ojojktoCI8OdM
Title: DatingTestsieger.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/el/?template=colorbox&utm_source=lesvospostgr-f20544166&utm_medium=referral&utm_content=sc-lesvospost-homepage:Sponsored%20Below%20Article_Homepage:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.euantallaktika.gr/
Title: euantallaktika.gr

Search URL Search Domain Scan URL

URL: https://www.weather.gr/
Title: πρόγνωση καιρού από το weather.gr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lesvosmarket/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/anthopolio.palaiologoub
Title:

Search URL Search Domain Scan URL

URL: https://bravosustainabilityawards.com/%cf%83%cf%85%ce%bc%ce%bc%ce%b5%cf%84%ce%bf%cf%87%ce%ae/
Title:

Search URL Search Domain Scan URL

URL: https://loveradio882.gr/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%CE%96%CE%B1%CF%87%CE%B1%CF%81%CE%BF%CF%80%CE%BB%CE%B1%CF%83%CF%84%CE%B5%CE%AF%CE%BF-%CE%A0%CE%B1%CE%BD%CF%84%CE%B1%CE%B6%CE%AE-529678103737483/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Funky-Fish-789534347761665=ts/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Accountant-Center-268372853232009/

Search URL Search Domain Scan URL

URL: http://www.astika-mitilinis.gr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Handmade-in-Plomari-906631936121493/?ref=py_c

Search URL Search Domain Scan URL

URL: http://live24.gr/radio/generic.jsp?sid=2846/

Search URL Search Domain Scan URL

URL: http://live24.gr/radio/generic.jsp?sid=2519/

Search URL Search Domain Scan URL

URL: http://emedia.media.gov.gr/certified-enterprises?sort=&sort_dir=&id=&site=lesvospost.com&blocksize=15&page=1
Title:

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/adchoices-pub?pub=F4PgLCjWloafzv6UsVhTsQ
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://apprize-focanancy.com/579e1305-bcf2-4562-9f87-91dd2b5e975f?site=lesvospostgr-f20544166&title=Wer+eine+Immobilie+besitzt%2C+sollte+diesen+genialen+Rechner+kennen&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fef84fc293d41224c184dbdcfd8c83181.jpg&campaign=DE_McMakler_Clean_Desktop3&utm_content=2982266411&conversionname=6H_Lead&click_id=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo-cGKm-Ohkr_sAQ&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo-cGKm-Ohkr_sAQ#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCD0VMo-cGKm-Ohkr_sAQ
Title: McMakler

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/el/?template=colorbox&utm_source=lesvospostgr-f20544166&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Διαφήμιση

Search URL Search Domain Scan URL

URL: https://next.primeweekly.com/go.php?key=rngxtdd&clickid=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgogfLAxIyE5Ac&site=lesvospostgr-f20544166&campaign={campaign}&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc388f67ebe8a2732ebed88b2419da7bc.jpg&title=WLAN-Verst%C3%A4rker%2C+den+Internetkonzerne+gerne+verbieten+m%C3%B6chten&adid=2973271131&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgogfLAxIyE5Ac#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCD7wUgogfLAxIyE5Ac
Title: RangeXTD

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/el/?template=colorbox&utm_source=lesvospostgr-f20544166&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Διαφήμιση

Search URL Search Domain Scan URL

URL: https://www.datingtestsieger.de/top?ga=tab_1&ci=1496465&utm_medium=native&utm_source=taboola&ca=2893270077&utm_campaign=tab_1_dat_de_de_desk_7&utm_content=Finde+jetzt+einen+Partner+aus+Gunzenhausen_2893270077&utm_term=lesvospostgr-f20544166&taboolaclickid=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ohPWmqYLj0NHfAQ&adtitle=Finde+jetzt+einen+Partner+aus+Gunzenhausen&tblci=GiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ohPWmqYLj0NHfAQ#tblciGiB7t5MrxAfoERBdrgL7Sg_gpw4zib7_7vLyb80OUNjiZCCqsD8ohPWmqYLj0NHfAQ
Title: DatingTestsieger.deAdvertisement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lesvospost.com/ HTTP 301
http://www.lesvospost.com/ HTTP 301
https://www.lesvospost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.weather.gr/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509 HTTP 301
https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509

Request Chain 176

https://ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/ROS?rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4.28.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lesvospost.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/ROS?ct=1&rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4.28.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lesvospost.com%2F&gdpr=1&gdprcs=

Request Chain 222

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E HTTP 301
https://tpc.googlesyndication.com/simgad/12292211746583241485

Request Chain 285

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 303

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E HTTP 301
https://tpc.googlesyndication.com/simgad/12292211746583241485

Request Chain 379

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 387

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 392

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 393

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0

Request Chain 396

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=xvmguBMl3UC8&ev=1&orig=trc&pid=562107

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1

Request Chain 400

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

Request Chain 401

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed

Request Chain 402

https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=&dnr=1

Request Chain 406

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761

Request Chain 407

https://id5-sync.com/s/464/9.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=3b014ffa-acc9-4c66-becf-bf2ffc1f9bc4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_725087b5-18a8-4637-aba8-e9dbec8ba594&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELSuoLcNlqVvC6AhY9In4nc&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELSuoLcNlqVvC6AhY9In4nc%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6870985880746624017&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A16947198268&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=3cf91f79db337ee7e7ec8ad90a4f470e&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=f00341ca-f3ea-49d4-bed6-4b6996632f7e&gdpr=1&gdpr_consent=

Request Chain 408

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=dYGPkGqVA_OYRemaqKl5YA

Request Chain 411

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0

Request Chain 414

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BZoO8kRz6m22&ev=1&orig=trc&pid=562107

Request Chain 416

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1

Request Chain 418

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

Request Chain 419

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed

Request Chain 424

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761

Request Chain 425

https://id5-sync.com/s/464/9.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=3b014ffa-acc9-4c66-becf-bf2ffc1f9bc4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_91301c49-7ff4-43bb-ba3e-0fb6187b0b1c&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELSuoLcNlqVvC6AhY9In4nc&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELSuoLcNlqVvC6AhY9In4nc%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8557192939574286957&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A16947478757&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=3cf91f79db337ee7e7ec8ad90a4f470e&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=1ef01894-7836-46ee-a461-7d5a1f1b4efa&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 426

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xrkIOLkGCM60frcUqKl5YA

Request Chain 439

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ65v2W6LCSiB3_Kk-Q3WQ&google_cver=1

Request Chain 443

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Df8c2be3be15bf66f%26uid%3D%24UID HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=f8c2be3be15bf66f&uid=b8c9529c4e410f234956ecf3

Request Chain 444

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1725787304 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c7b44c42-0dc0-4f60-aee4-58d1fe2111ed HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
https://sync.e-planning.net/um?uid=RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003&dc=1079cc634ca638f8&iss=1

Request Chain 446

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJWpeaOxXlqByutWiIEsxyk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 447

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=5613bf21-9ec6-11eb-88cf-7ead74e47c78&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 449

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 453

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a40cdc85-cd44-4dea-a0ca-ced3610433ff&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 454

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=69214828943758635161664202064406352624&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 456

https://bn01.er.bemail.it/zeotap.php?_bid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021041617-78023-0.959468001618586024-a8f6154513a83536a7d88971a25b1794&zdid=533&env=mWeb

Request Chain 457

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6951774043137898649&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 458

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6

Request Chain 459

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0665d433-7ea7-4e7e-76a7-d961871cf8c6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0665d433-7ea7-4e7e-76a7-d961871cf8c6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361&bounce=1&random=1798496375 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=Y/AVScLVs/BMaDEsymyv.e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 461

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0665d433-7ea7-4e7e-76a7-d961871cf8c6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=3cf91f79db337ee7e7ec8ad90a4f470e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 462

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-aTsxxoxE2opyco3M_OsZqjkz6nBuNmYfYQ--~A&zpartnerid=570&env=mWeb

Request Chain 463

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=T4GVYPfMHYCdHyqamsw5vg98AWB2HcqU%2BS41iYitP1U%3D

Request Chain 467

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361&_test=YHmpqQAAJzHoBwAC HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YHmpqQAAJzHoBwAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&_test=YHmpqQAAJzHoBwAC

Request Chain 468

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=472b6079-a9a9-4f00-a1dd-34d7ff3af5d3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 469

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Request Chain 470

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&dcc=t

Request Chain 471

https://tags.bluekai.com/site/87734?id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 475

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8557192939574286957

Request Chain 476

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=8557192939574286957 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=b8c9529c4e410f234956ecf3 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YHmpqailla-DpNX6bC9o8QAA%261177 HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=693c2491-3703-42c4-8734-305a4cb3b6d0

Request Chain 477

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=b9174655-a9ba-526a-928d-8cb7f2f4251e

Request Chain 478

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8557192939574286957

Request Chain 479

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e55cab3-750d-4145-b73d-2e403ecdd163

Request Chain 480

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5621f05b-9ec6-11eb-806c-02dd2047314c HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5621f05b-9ec6-11eb-806c-02dd2047314c

Request Chain 481

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dgNO9b9E2uGAfC0SCWugV66XO2WWcN9jyTczBv8-~A

Request Chain 482

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b8c9529c4e410f234956ecf3

Request Chain 483

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 489

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHmpqailla_DpNX6bC9o8QAABJkAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFx2ej_JDE3qeC2_8oHVnuA&google_cver=1

Request Chain 490

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB&dcc=t

Request Chain 491

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHmpqailla-DpNX6bC9o8QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE9d-oQSu9w6Bhm_zKsLOUA&google_cver=1

Request Chain 493

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YHmpqailla_DpNX6bC9o8QAABJkAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YHmpqailla_DpNX6bC9o8QAABJkAAAIB

Request Chain 494

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618672425&gdpr=1

Request Chain 495

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=91be952d-bb99-4d4d-8153-9c75f57e3cb5&expiration=1650122025

497 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lesvospost.com/
Redirect Chain

http://lesvospost.com/
http://www.lesvospost.com/
https://www.lesvospost.com/

261 KB
52 KB

260ms
175ms

Document
text/html

2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb6f66254eeec009f4f2bb2bbacc848ae9afa12bbfcce06b0120f22ba4144d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.lesvospost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Fri, 16 Apr 2021 15:13:40 GMT
date: Fri, 16 Apr 2021 15:13:40 GMT
cache-control: private, max-age=0
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
etag: W/"6dcc564c876b89a9b904426dcc93a177880b8c8fbff4042ac5a1da2effdb7a0a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 52969
server: GSE

Redirect headers

Location: https://www.lesvospost.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 16 Apr 2021 15:13:39 GMT
Expires: Fri, 16 Apr 2021 15:13:39 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 174
Server: GSE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162918491-1

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c1e39e1e86b810dc7d7e06e37b70bbbfcb5ed5a1d2a78ceddb014239cdecfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37440
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 01:52:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 00:13:19 GMT
server: sffe
age: 220899
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Thu, 14 Apr 2022 01:52:01 GMT

GET
H2 200 lesvospost.com.js Show response
agorahtag.tech/c/ 8 KB
3 KB 41ms
18ms Script
application/javascript 2606:4700:3032::6815:4ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://agorahtag.tech/c/lesvospost.com.js
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3033e61cf89b83c12f2f39e698935be2ffe83671f5833c78687b52569a93292a

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3837
cf-ray: 640e5be2da6a6413-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2410
x-amz-id-2: 1ZvP4pj2dOMO0eS3I7oKvFXH8t//IBlazuD0DwUJQeks5RxiCizmFKdKFNhyWIS7J+RtrxX6GmA=
last-modified: Mon, 28 Dec 2020 11:44:49 GMT
server: cloudflare
etag: "bdc21ac8a62d869d9f65c2f4ce7d6ab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4rrms2H16HzRecvv8bNkEUcKZOcHWnEWb1mAm9ejO55RO5qC3H9yIWmvkis%2BrI%2BgzU3Te9DwK7p6pclNJxBiDZYssootrsSn4XRkapSsHMuOwWA7CwAlAvjaEg%3D%3D"}],"group":"cf-nel"}
x-amz-request-id: FZBZATCGBXEN6S9P
cache-control: max-age=14400
cf-request-id: 097cd7c1c70000641344368000000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fbf862e5bba81178f9115e527f2482c8b37b938caa2a8c0e87ccdcbb68945fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48639
x-xss-protection: 0
server: cafe
etag: 9412357587671050539
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 43ms
21ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3400
etag: W/"1462b90a76cb55e61497af0c736a3b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 640e5be30cd49742-FRA
cf-request-id: 097cd7c1e70000974242943000000001
expires: Mon, 19 Apr 2021 15:13:40 GMT

GET
H2 200 254310735-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 33 KB
7 KB 35ms
13ms Stylesheet
text/css 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d7b50b44b0b035afe34a18fb604f9776861b8060a3fa6d1e1e59648ee81f1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 23:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2019 03:12:59 GMT
server: sffe
age: 315944
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7524
x-xss-protection: 0
expires: Tue, 12 Apr 2022 23:27:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 03:42:37 GMT
x-content-type-options: nosniff
age: 127863
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:42:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
760 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=greek,greek-ext

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53a25ec3114fb90ff5b7c82f36b6ed226932ea0f96ecbe82b682fffe4db1ac1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 14:59:43 GMT
server: ESF
date: Fri, 16 Apr 2021 15:13:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
6 KB 14ms
14ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 3181566
cdn-cachedat: 2021-03-10 20:26:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c18b000005e923b0c000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9ea34949095d43cdb6f22ce94bc7b665
cf-ray: 640e5be27d8105e9-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 35ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33165999-1

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d603cc6d4801aa6808c773003c71522b6a1f935bc9328519fa81bfe871c6a09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37476
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
4ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162918491-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4811
date: Fri, 16 Apr 2021 13:53:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 15:53:29 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166016
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 17:06:44 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 177ms
147ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9ee0d7919721366efcf13a3ccec37c59c9b445ae750f0df1a721ff8995b1dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c1f100004e496c110000000001
pragma: no-cache
last-modified: Fri, 16 Apr 2021 15:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BeMFP%2FBOmgdEfMSX8NpVgqzZDSFA5rJP8iIcAEdogo3CCV1pu6pubsqJt827uuA8ijrx1O93qhABuSeByqrNS%2BAieib9%2B%2F7ddDqBRRTVBZt26JO6RFcEd8IwGO08%2Fqp9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 640e5be31a314e49-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo335x72_1.png
4.bp.blogspot.com/-Ewh2F-NI0oo/X_jfiqSX18I/AAAAAAAD8As/t3A8tTxMRjQqibVYjNFXXAc-S7dexptZgCK4BGAYYCw/s1600/ 12 KB
12 KB 37ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ewh2F-NI0oo/X_jfiqSX18I/AAAAAAAD8As/t3A8tTxMRjQqibVYjNFXXAc-S7dexptZgCK4BGAYYCw/s1600/logo335x72_1.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

175493a651edf46ab1e23534dad05def10110f6c6f438902d48455adb28325a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:08:27 GMT
x-content-type-options: nosniff
age: 313
content-disposition: inline;filename="logo335x72_1.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12382
x-xss-protection: 0
server: fife
etag: "v3f00c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 18:57:49 GMT

GET
H2 200 emammpaner.jpg
4.bp.blogspot.com/-RytUZKbQ_9g/X9u67M_WYgI/AAAAAAAD5pk/pStCXnFSFkckb709JL4WNTcR6P-zlSHcACK4BGAYYCw/s1600/ 35 KB
35 KB 43ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-RytUZKbQ_9g/X9u67M_WYgI/AAAAAAAD5pk/pStCXnFSFkckb709JL4WNTcR6P-zlSHcACK4BGAYYCw/s1600/emammpaner.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f487a829418d1768e30d6026435768bf9bf366e6ee029bd7967f5243641f861c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:17:15 GMT
x-content-type-options: nosniff
age: 14185
content-disposition: inline;filename="emammpaner.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35775
x-xss-protection: 0
server: fife
etag: "v3e69a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 03:17:01 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 8ms
6ms Image
image/png 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 13:09:30 GMT
server: sffe
age: 174644
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 21 Apr 2021 14:42:56 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 31ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33165999-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162918491-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fe95ed82316f41fc254976a669bbd733c4e868a444b3efe41dcad06ecc3b068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37499
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 diafimistiko-banner.jpg
2.bp.blogspot.com/-aKXa7drEgD4/XHZIQ-pWCQI/AAAAAAADHyQ/4sEFzhEff-wAyfyRsAcBDuxXd0pViWiRACK4BGAYYCw/s1600/ 12 KB
12 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-aKXa7drEgD4/XHZIQ-pWCQI/AAAAAAADHyQ/4sEFzhEff-wAyfyRsAcBDuxXd0pViWiRACK4BGAYYCw/s1600/diafimistiko-banner.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

856e7166e8ea9008f32335f2af3876070d610d3d26c8dda9859a331802906c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:20:25 GMT
x-content-type-options: nosniff
age: 10395
content-disposition: inline;filename="diafimistiko-banner.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: fife
etag: "v31f25"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:20:20 GMT

GET
H2 200 bar2p.png
2.bp.blogspot.com/-6KmfQqb0YMk/VBvppeXujuI/AAAAAAADSW8/JeZ7YePw-Gw/s1600/ 6 KB
6 KB 31ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-6KmfQqb0YMk/VBvppeXujuI/AAAAAAADSW8/JeZ7YePw-Gw/s1600/bar2p.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad71faa702baaac4c60abd3df4b3b16bb9e251140d6678b277f0b123f0dd6bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:20:25 GMT
x-content-type-options: nosniff
age: 10395
content-disposition: inline;filename="bar2p.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5989
x-xss-protection: 0
server: fife
etag: "v34978"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:20:20 GMT

GET
H2 200 %25CE%25BC%25CF%2580%25CE%25B1%25CE%25BD%25CE%25B5%25CF%2581336280%25CE%25BB%25CE%25B5%25CF%2583%25CF%2589%25CE%25BF%25CF%2583.png
3.bp.blogspot.com/-I4dX3g55TgM/X_jb0fwjn7I/AAAAAAAD8AU/P7l7slYTlEc-CeguMlD5wkXnppi9IFfDwCK4BGAYYCw/s1600/ 25 KB
25 KB 41ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-I4dX3g55TgM/X_jb0fwjn7I/AAAAAAAD8AU/P7l7slYTlEc-CeguMlD5wkXnppi9IFfDwCK4BGAYYCw/s1600/%25CE%25BC%25CF%2580%25CE%25B1%25CE%25BD%25CE%25B5%25CF%2581336280%25CE%25BB%25CE%25B5%25CF%2583%25CF%2589%25CE%25BF%25CF%2583.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d1b3ecc80188e431bcd2242fd0169fd3df8dcaf617e830c9a9a882428a603c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:27:41 GMT
x-content-type-options: nosniff
age: 2759
content-disposition: inline;filename="______336280______.png";filename*=UTF-8''%CE%BC%CF%80%CE%B1%CE%BD%CE%B5%CF%81336280%CE%BB%CE%B5%CF%83%CF%89%CE%BF%CF%83.png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25472
x-xss-protection: 0
server: fife
etag: "v3f006"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:27:13 GMT

GET
H2 200 paliolsite.jpg
1.bp.blogspot.com/-iMYgi_d-eCk/YHN1wqoh4gI/AAAAAAAEENc/oCmZJD_qBgQzUWvRSYUQ8gg7gJ9MFylKwCK4BGAYYCw/s1600/ 42 KB
42 KB 36ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-iMYgi_d-eCk/YHN1wqoh4gI/AAAAAAAEENc/oCmZJD_qBgQzUWvRSYUQ8gg7gJ9MFylKwCK4BGAYYCw/s1600/paliolsite.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32b230d01303b7b1763352a90256948c744e4f90e60a5ae1c76db9bca9721c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:55 GMT
x-content-type-options: nosniff
age: 45
content-disposition: inline;filename="paliolsite.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42702
x-xss-protection: 0
server: fife
etag: "v410d8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 15:12:55 GMT

GET
H2 200 Bravo-dialogue-and-awards-2021_300x250_b%2B%25284%2529.gif
4.bp.blogspot.com/-LPgbtXEnC7M/YHYUPmfliEI/AAAAAAAEEV4/mEPbgmMyzeYpC8SAB2Xkgw3_nZKR0K2ZgCK4BGAYYCw/s1600/ 19 KB
19 KB 17ms
8ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-LPgbtXEnC7M/YHYUPmfliEI/AAAAAAAEEV4/mEPbgmMyzeYpC8SAB2Xkgw3_nZKR0K2ZgCK4BGAYYCw/s1600/Bravo-dialogue-and-awards-2021_300x250_b%2B%25284%2529.gif

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5ef592059912a574227dc788690420fdcf315af5ddc1375ab531ebddc5628ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:35:36 GMT
x-content-type-options: nosniff
age: 2284
content-disposition: inline;filename="Bravo-dialogue-and-awards-2021_300x250_b (4).gif"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19694
x-xss-protection: 0
server: fife
etag: "v4115f"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 02:13:49 GMT

GET
H2 200 Document-page-001.jpg
4.bp.blogspot.com/-FNc3EnPoQjI/XDZKGeveLhI/AAAAAAADEdM/OYhS-GlCyoAsTCerIBHoz3vNXAas0gw2ACK4BGAYYCw/s1600/ 19 KB
19 KB 16ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-FNc3EnPoQjI/XDZKGeveLhI/AAAAAAADEdM/OYhS-GlCyoAsTCerIBHoz3vNXAas0gw2ACK4BGAYYCw/s1600/Document-page-001.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9bab745b2e102c688fe770454824ee61afe0ba505716540e92bd136db6a7fd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:43:06 GMT
x-content-type-options: nosniff
age: 9034
content-disposition: inline;filename="Document-page-001.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19196
x-xss-protection: 0
server: fife
etag: "v311d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 20:32:25 GMT

GET
H2 200 LoveRadio882.jpg
2.bp.blogspot.com/-mWuG5tTDq3k/X_jcEcbCXaI/AAAAAAAD8Ag/nDZmS3iFHJspBLUn9zJ46nN3nTABFKzPQCK4BGAYYCw/s1600/ 91 KB
91 KB 18ms
12ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-mWuG5tTDq3k/X_jcEcbCXaI/AAAAAAAD8Ag/nDZmS3iFHJspBLUn9zJ46nN3nTABFKzPQCK4BGAYYCw/s1600/LoveRadio882.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd488888454da96b9f3cc9629f20e99d3be07e2cc069973d46fe35e65cfc4e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:07:52 GMT
x-content-type-options: nosniff
age: 11148
content-disposition: inline;filename="LoveRadio882.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92739
x-xss-protection: 0
server: fife
etag: "v3f009"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 07:26:10 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 28 KB
7 KB 87ms
36ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=12615
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 640baa85cb7f6335e644e7be870bdd65cdd6218fc2c41c53b0c96fc4b8e756cb

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 7115
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H/1.1 200
OK crl.js Show response
go.linkwi.se/delivery/js/ 6 KB
6 KB 13ms
1ms Script
application/javascript 144.76.151.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.linkwi.se/delivery/js/crl.js
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 144.76.151.218 Remscheid, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.218.151.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 15928aa05f60c793d4dfcdc4ed2ffad125b78face4c755cb5c2bec4d381e935e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:40 GMT
Last-Modified: Thu, 25 Feb 2021 15:01:26 GMT
Server: nginx
ETag: "6037bbc6-1789"
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 6025
Expires: Fri, 16 Apr 2021 15:14:40 GMT

GET
H2 200 saloabos.jpg
s20.postimg.cc/9oke0cgrx/ 83 KB
83 KB 80ms
14ms Image
image/jpeg 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s20.postimg.cc/9oke0cgrx/saloabos.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: ac09583c3281ce2c2489e77f6c0a63988a731449a9ddf4927144c137a98d5fd0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Thu, 16 Mar 2017 09:55:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 85040
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ZAXAROLPASTEIOPANTAZH.jpg
i.postimg.cc/Xq45KV8m/ 137 KB
138 KB 280ms
88ms Image
image/jpeg 172.93.106.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Xq45KV8m/ZAXAROLPASTEIOPANTAZH.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.106.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 118ef4b8b0868d3add637750755925e49f9dcba912970b3844d49c0b66023f25

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Wed, 19 Jun 2019 21:56:08 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 140670
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 funky1.jpg
s20.postimg.cc/pm5fur8ml/ 37 KB
37 KB 79ms
14ms Image
image/jpeg 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s20.postimg.cc/pm5fur8ml/funky1.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: c2fa0e79389ec8b51915a9e8b2a4496d07e33533926ab6a042a8b3231c124fe1

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Fri, 02 Dec 2016 16:06:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37513
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logistiko-2.jpg
i.postimg.cc/TYWV8PNZ/ 66 KB
66 KB 275ms
88ms Image
image/jpeg 172.93.106.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/TYWV8PNZ/logistiko-2.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.106.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c9b3337ebf2d05f8889104f56dbcd3502f1019ff124c62a8e20267a84256d0d

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Tue, 20 Nov 2018 21:40:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67344
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 paris.jpg
s20.postimg.cc/qi63s438t/ 47 KB
47 KB 69ms
14ms Image
image/jpeg 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s20.postimg.cc/qi63s438t/paris.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 4e5b79f48d701b1282f8ebf77b51e70b6e22ae8fc0b87c2bcf344d354e606040

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Thu, 05 Jan 2017 19:17:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 48204
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bn180920.jpg
i.postimg.cc/zv8t3Wnk/ 34 KB
34 KB 262ms
88ms Image
image/jpeg 172.93.106.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/zv8t3Wnk/bn180920.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.106.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: ecdc9018319b4c5dd1275190313ad73a92b4bc6610eaddb9ad8fff8d6556dbba

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
last-modified: Mon, 21 Sep 2020 20:09:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 34706
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qxAvRG.jpg
imagizer.imageshack.com/img923/683/ 51 KB
52 KB 28ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagizer.imageshack.com/img923/683/qxAvRG.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.2.8 /
Resource Hash: 10f7af8eb8c08ccd0deca5deb8570b830c0c4a1ad5972c9e6a1ab2b35c85e9d7

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ops: {"quality":80,"dpr":1}
date: Fri, 16 Apr 2021 15:13:40 GMT
via: 1.1 varnish
xkey: imageshack.imagizer.com
age: 156
accept-ranges: bytes
x-varnish-port: 17001
x-original-filesize: 102606
x-original-quality: 99
x-original-response-code: 200
access-control-allow-methods: GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-length: 51748
x-varnish-ip: 38.99.77.71
x-varnish: 1458377734 1458374834
s3-cache-processed: MISS:imageshack.imagizer.com/processed/1fd8110d115ab122cd4869746f78cebe
server: nginx/1.2.8
x-origin-fetch-time: 83
etag: c4ca4238a0b923820dcc509a6f75849b
x-hw: 1618586020.cds103.fr8.hn,1618586020.cds102.fr8.c
x-imagizer-host: imageshack.imagizer.com
access-control-allow-origin: *, imageshack.com, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control: max-age=2592000, public
access-control-allow-credentials: true
x-original-resolution: 400x300
x-varnish-hits: 2
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-cache-hits: 0

GET
H2 200 jinzxf.jpg
imagizer.imageshack.com/img924/1484/ 46 KB
47 KB 17ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagizer.imageshack.com/img924/1484/jinzxf.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.2.8 /
Resource Hash: 8bceff48ae2e2eb5f5a3a7dc1b4a2f90c366c8a658f6b7fb4e7c5f78376af1dd

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ops: {"quality":80,"dpr":1}
date: Fri, 16 Apr 2021 15:13:40 GMT
via: 1.1 varnish
xkey: imageshack.imagizer.com
age: 157
accept-ranges: bytes
x-varnish-port: 17001
x-original-filesize: 109523
x-original-quality: 99
x-original-response-code: 200
access-control-allow-methods: GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS
content-length: 47541
x-varnish-ip: 38.99.77.38
x-varnish: 2516287128 2516284343
s3-cache-processed: MISS:imageshack.imagizer.com/processed/aa040023a42c20188e4442f22b0458f1
server: nginx/1.2.8
x-origin-fetch-time: 85
etag: c4ca4238a0b923820dcc509a6f75849b
x-hw: 1618586020.cds103.fr8.hn,1618586020.cds257.fr8.c
x-imagizer-host: imageshack.imagizer.com
access-control-allow-origin: *, imageshack.com, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
cache-control: max-age=2592000, public
access-control-allow-credentials: true
x-original-resolution: 400x300
x-varnish-hits: 2
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-cache-hits: 0

GET
H2 200 / Show response
ads.projectagoraservices.com/ 16 KB
4 KB 79ms
27ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=12616
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0e2a08220f75e632e283d4e5017317ec1ae0110d434e482bf49f274327af7771

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 4343
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H3-29 200 media.png
1.bp.blogspot.com/-7pKmuve9zSI/W_CX4KuGofI/AAAAAAADBGo/gOJwxZOptNUcSzpsZpIfPx3lque672mtwCK4BGAYYCw/s1600/ 20 KB
20 KB 25ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7pKmuve9zSI/W_CX4KuGofI/AAAAAAADBGo/gOJwxZOptNUcSzpsZpIfPx3lque672mtwCK4BGAYYCw/s1600/media.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c7b2c7e96305d2c4e5652d080f8f474c704794ceaeca567d6ad4feaa8b67c79b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:12:05 GMT
x-content-type-options: nosniff
age: 7295
content-disposition: inline;filename="media.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20275
x-xss-protection: 0
server: fife
etag: "v3046b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 01:08:47 GMT

GET
H3-29 200 IMG_20210323_202144.jpg
1.bp.blogspot.com/-PbBp5kiXKDY/YFox878KxvI/AAAAAAAECyA/lB41aviWu-clg4XTrnXBZYdpnnSHVQc3wCLcBGAsYHQ/s72-w470-c-h640/ 3 KB
3 KB 27ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-PbBp5kiXKDY/YFox878KxvI/AAAAAAAECyA/lB41aviWu-clg4XTrnXBZYdpnnSHVQc3wCLcBGAsYHQ/s72-w470-c-h640/IMG_20210323_202144.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

52dfbd3ec677b9d1c994c06fd3efe95824f388702a6948b86fcf710d7f041fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:10:05 GMT
x-content-type-options: nosniff
age: 7415
content-disposition: inline;filename="IMG_20210323_202144.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2770
x-xss-protection: 0
server: fife
etag: "v40b22"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 01:08:47 GMT

GET
H3-29 200 deddie-diakopi-refmatos.jpg
1.bp.blogspot.com/-nShC-WslSAA/YFoaXZ6QwVI/AAAAAAAECxY/jk-L0w7lU4ImHyK6J7dDFG5Qh05XZiuoQCLcBGAsYHQ/s72-w640-c-h384/ 2 KB
2 KB 28ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nShC-WslSAA/YFoaXZ6QwVI/AAAAAAAECxY/jk-L0w7lU4ImHyK6J7dDFG5Qh05XZiuoQCLcBGAsYHQ/s72-w640-c-h384/deddie-diakopi-refmatos.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

90d9ef8c1c8b1ff449ca2517b22a3e66e471e9a2ca9030db9a8c4a2b4c63fcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:10:05 GMT
x-content-type-options: nosniff
age: 7415
content-disposition: inline;filename="deddie-diakopi-refmatos.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2187
x-xss-protection: 0
server: fife
etag: "v40b17"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 01:08:47 GMT

GET
H3-29 200 210411095410_P1270046-1024x683.jpg
1.bp.blogspot.com/-Jg4nVfeSBUs/YHONfYJnokI/AAAAAAAEEOg/xTlqG6N5cT07w4xMz6VWA6b4c95bMPKPgCLcBGAsYHQ/s72-w640-c-h426/ 3 KB
3 KB 23ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Jg4nVfeSBUs/YHONfYJnokI/AAAAAAAEEOg/xTlqG6N5cT07w4xMz6VWA6b4c95bMPKPgCLcBGAsYHQ/s72-w640-c-h426/210411095410_P1270046-1024x683.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0515eaffee9906a354265eee7b6f7c91f82eab546802a559ef0d018a04a211d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:49:43 GMT
x-content-type-options: nosniff
age: 1437
content-disposition: inline;filename="210411095410_P1270046-1024x683.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3394
x-xss-protection: 0
server: fife
etag: "v410e9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 14:49:43 GMT

GET
H3-29 200 %25CE%2592%25CE%2591%25CE%25A4%25CE%2597.jpg
1.bp.blogspot.com/-m4UJhTeUUQ0/YF05AiF6zvI/AAAAAAAEC_o/LFAJ7jo23fsJTy1hxP7n8z97eNEgn1IYgCLcBGAsYHQ/s72-w640-c-h384/ 4 KB
4 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-m4UJhTeUUQ0/YF05AiF6zvI/AAAAAAAEC_o/LFAJ7jo23fsJTy1hxP7n8z97eNEgn1IYgCLcBGAsYHQ/s72-w640-c-h384/%25CE%2592%25CE%2591%25CE%25A4%25CE%2597.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

16605e492d3addd06caaa8baf36cc5a356d8b4abfd833a052818e0bea04602ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:17:15 GMT
x-content-type-options: nosniff
age: 14185
content-disposition: inline;filename="____.jpg";filename*=UTF-8''%CE%92%CE%91%CE%A4%CE%97.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4211
x-xss-protection: 0
server: fife
etag: "v40bfb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:17:12 GMT

GET
H3-29 200 %25CE%25BB%25CE%25BF.jpg
1.bp.blogspot.com/-ueYHPm_VZTQ/YFTjwU_kJjI/AAAAAAAECh0/2DyxL7sG1vAp9cDP4KaVvPrMY59uwLRPQCLcBGAsYHQ/s72-w640-c-h320/ 4 KB
4 KB 28ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ueYHPm_VZTQ/YFTjwU_kJjI/AAAAAAAECh0/2DyxL7sG1vAp9cDP4KaVvPrMY59uwLRPQCLcBGAsYHQ/s72-w640-c-h320/%25CE%25BB%25CE%25BF.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91b22851c0d52521114606346f08cf00767ea9762670852c3228155937d83d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:10:05 GMT
x-content-type-options: nosniff
age: 7415
content-disposition: inline;filename="__.jpg";filename*=UTF-8''%CE%BB%CE%BF.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3776
x-xss-protection: 0
server: fife
etag: "v40a1f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 01:08:47 GMT

GET
H/1.1 200 0e697b03.js Show response
asrv.dalecta.com/ 36 KB
13 KB 481ms
188ms Script
application/javascript 212.124.125.232
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv.dalecta.com/0e697b03.js
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.232 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: d2315903f9fb90d18a5134cf4f60eb43d224b80c0c0c84c70dd679097bd42a96

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
transfer-encoding: chunked
accept-ranges: bytes
etag: "03afbc60d0a0ef1b3e2fa3cf6cab0fad6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 cookienotice.js Show response
www.lesvospost.com/js/ 6 KB
2 KB 47ms
41ms Script
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/js/cookienotice.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:18:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Fri, 23 Apr 2021 15:13:40 GMT

GET
H3-29 200 1893845785-widgets.js Show response
www.blogger.com/static/v1/widgets/ 143 KB
52 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1893845785-widgets.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 05:53:33 GMT
server: sffe
age: 1694
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53165
x-xss-protection: 0
expires: Sat, 16 Apr 2022 14:45:26 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 121ms
105ms Stylesheet
text/css 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9195335458056664843&zx=0ef767a3-668b-4bef-834f-844a61cd1f4a

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 15:13:40 GMT
server: GSE
date: Fri, 16 Apr 2021 15:13:40 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 /
www.lesvospost.com/*https://preview.ibb.co/jx1WkL/lesvospostbg4.png*/ 53 KB
53 KB 204ms
199ms Image
text/html 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lesvospost.com/*https://preview.ibb.co/jx1WkL/lesvospostbg4.png*/

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8a032bf16d01ff45fade0d210f93016e22f1db752d4f4974c45f68f72602170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /*https://preview.ibb.co/jx1WkL/lesvospostbg4.png*/
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 48686
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 23ms
20ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.lesvospost.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 3181499
cdn-cachedat: 2021-03-10 20:26:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
cf-request-id: 097cd7c1da0000d721bd11f000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 681e4791d992b619f8b296dcfbec5083
accept-ranges: bytes
cf-ray: 640e5be2fbced721-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

weather_w10.aspx Show response
gr.k24.net/widgets/ Frame 0253
Redirect Chain

https://www.weather.gr/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509

33 KB
11 KB

24ms
21ms

Document
text/html

62.138.3.139
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.3.139 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4385.startdedicated.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: befc7b427a145283d6380d5fb0bbb3611b1ef7a759261bb284dc25c46587bdb5

Request headers

:method: GET
:authority: gr.k24.net
:scheme: https
:path: /widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=bihgezbkyt00hukyaetfyotg; path=/; HttpOnly; SameSite=Lax realref=https://www.lesvospost.com/; expires=Fri, 16-Apr-2021 19:13:40 GMT; path=/; secure
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
date: Fri, 16 Apr 2021 15:13:39 GMT
content-length: 11481

Redirect headers

content-type: text/html; charset=utf-8
location: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
date: Fri, 16 Apr 2021 15:13:39 GMT
content-length: 196

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 63B4 49 KB
15 KB 80ms
79ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

634d997e3d40e6b42551c231d7a68a57a730de073fbd7c0b4f97a3ebfe94d162

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: pHeoBTeNkp79i5pEnJZDKhbwMeRNf7IMphG/80F9CPYPpTSdWFjaX2UREXdZVrW5l1EnP5h38l7xsXymii6dYg==
date: Fri, 16 Apr 2021 15:13:40 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 projectagora.min.js Show response
aghtag.tech/libs/ 375 KB
111 KB 37ms
13ms Script
application/javascript 2606:4700:3030::6815:1b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aghtag.tech/libs/projectagora.min.js
Requested by: Host: agorahtag.tech
URL: https://agorahtag.tech/c/lesvospost.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2757527a305899906518510dd36fb962fa787542e6a525aa883ac54754288e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 601
cf-ray: 640e5be3acea4de2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112257
x-amz-id-2: SIUxTTdBfqmo1/imS0S+WxYpC9anXQsOiI29rD/9o4K4/mmJM2ieWqvmJ4ZYZjHrxvDEiMVzFaw=
last-modified: Wed, 14 Apr 2021 13:00:54 GMT
server: cloudflare
etag: "cf0f2962106867bc15d142bc1824d541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aO9hICJj8yynwmDPpSzf957XQqFCEwCd6j9h9%2B%2B%2B1dEp0OKKZSfnPsVWwOem8hpa1DFwWnfK%2FfJS%2FVpUmWLSPBe4htgNst%2B20TcboMMKSHPetIaPzjC6cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 9JF88RZ21KP03MBD
cache-control: max-age=14400
cf-request-id: 097cd7c24800004de27f257000000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 %25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg
1.bp.blogspot.com/-a7EUYfgkXHc/YHjTIAQbrVI/AAAAAAAEElA/mEbHPI9ab3IGn3lKHRzKOakxsxdZDvUVgCLcBGAsYHQ/s72-w640-c-h384/ 5 KB
6 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-a7EUYfgkXHc/YHjTIAQbrVI/AAAAAAAEElA/mEbHPI9ab3IGn3lKHRzKOakxsxdZDvUVgCLcBGAsYHQ/s72-w640-c-h384/%25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29b35d6a7b3b5156da11a74721596f096eefae472539f6fe06241ce5a3fd302d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:39:06 GMT
x-content-type-options: nosniff
age: 2074
content-disposition: inline;filename="______lesvospost.jpg";filename*=UTF-8''%CE%BA%CE%BF%CE%B2%CE%B9%CE%BD%CF%84lesvospost.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5558
x-xss-protection: 0
server: fife
etag: "v41251"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 14:39:06 GMT

GET
H2 200 %25CE%25A3%25CF%2587%25CE%25BF%25CE%25BB%25CE%25B5%25CE%25AF%25CE%25B1%2B%25CE%2591%25CF%2584%25CF%2584%25CE%25B9%25CE%25BA%25CE%25AE%25CF%2582-%25CE%25A0%25CE%25AC%25CF%2581%25CE%25BA%25CE%25BF%2B...
1.bp.blogspot.com/-7XxpjAfG5Zc/YHlaAVQb2vI/AAAAAAAEEl8/xClH76OZX9QHpVmvWIOvgJrxUX64mQEJACLcBGAsYHQ/s72-w640-c-h480/ 4 KB
4 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7XxpjAfG5Zc/YHlaAVQb2vI/AAAAAAAEEl8/xClH76OZX9QHpVmvWIOvgJrxUX64mQEJACLcBGAsYHQ/s72-w640-c-h480/%25CE%25A3%25CF%2587%25CE%25BF%25CE%25BB%25CE%25B5%25CE%25AF%25CE%25B1%2B%25CE%2591%25CF%2584%25CF%2584%25CE%25B9%25CE%25BA%25CE%25AE%25CF%2582-%25CE%25A0%25CE%25AC%25CF%2581%25CE%25BA%25CE%25BF%2B%25CE%2591%25CF%2580%25CE%25BF%25CE%25BB%25CE%25B9%25CE%25B8%25CF%2589%25CE%25BC%25CE%25AD%25CE%25BD%25CE%25BF%25CF%2585%2B%25CE%2594%25CE%25AC%25CF%2583%25CE%25BF%25CF%2585%25CF%2582.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b0584eda330990d96e24a3ce45213508cf035adf65610ea1b94ab29106e6a82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:01:02 GMT
x-content-type-options: nosniff
age: 4358
content-disposition: inline;filename="_______ _______-_____ ____________ ______.jpg";filename*=UTF-8''%CE%A3%CF%87%CE%BF%CE%BB%CE%B5%CE%AF%CE%B1%20%CE%91%CF%84%CF%84%CE%B9%CE%BA%CE%AE%CF%82-%CE%A0%CE%AC%CF%81%CE%BA%CE%BF%20%CE%91%CF%80%CE%BF%CE%BB%CE%B9%CE%B8%CF%89%CE%BC%CE%AD%CE%BD%CE%BF%CF%85%20%CE%94%CE%AC%CF%83%CE%BF%CF%85%CF%82.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3924
x-xss-protection: 0
server: fife
etag: "v41260"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 14:01:02 GMT

GET
H2 200 fox.jpg
1.bp.blogspot.com/-QqlGri5ipU0/YHlUAtbYCHI/AAAAAAAEEls/a-VrdwxHqVE5J4CcZj0q7v1AMp9_lRSowCLcBGAsYHQ/s72-w640-c-h336/ 3 KB
3 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-QqlGri5ipU0/YHlUAtbYCHI/AAAAAAAEEls/a-VrdwxHqVE5J4CcZj0q7v1AMp9_lRSowCLcBGAsYHQ/s72-w640-c-h336/fox.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d2c75110209654664dce2025452826501a6aacaa6a438e9390839927389813e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:33:52 GMT
x-content-type-options: nosniff
age: 13188
content-disposition: inline;filename="fox.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2822
x-xss-protection: 0
server: fife
etag: "v4125c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:33:52 GMT

GET
H3-29 200 TOYR.jpg
1.bp.blogspot.com/-AwP9bHZdNmQ/YHjMytzwMEI/AAAAAAAEEk0/cHOklcybHkQwT0UirKAvL5T6sHlZq5IkgCLcBGAsYHQ/s72-w640-c-h360/ 4 KB
4 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AwP9bHZdNmQ/YHjMytzwMEI/AAAAAAAEEk0/cHOklcybHkQwT0UirKAvL5T6sHlZq5IkgCLcBGAsYHQ/s72-w640-c-h360/TOYR.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

942ae0caaeaeec2723babec056b0dbea180b49252a4883230336284e1c26bf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:00:31 GMT
x-content-type-options: nosniff
age: 789
content-disposition: inline;filename="TOYR.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3739
x-xss-protection: 0
server: fife
etag: "v4124e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:00:30 GMT

GET
H3-29 200 kairos.jpg
1.bp.blogspot.com/-lNznkHRP8PM/YHjMTIQolUI/AAAAAAAEEks/sja16XPkmtQqiN95vgjhMISdfsyFzMp1gCLcBGAsYHQ/s72-w640-c-h314/ 4 KB
4 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lNznkHRP8PM/YHjMTIQolUI/AAAAAAAEEks/sja16XPkmtQqiN95vgjhMISdfsyFzMp1gCLcBGAsYHQ/s72-w640-c-h314/kairos.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67e672d03a71e70b7ad6c8e15bb763d2c183add9afd117f6a3392c6cdf57f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:31:35 GMT
x-content-type-options: nosniff
age: 2525
content-disposition: inline;filename="kairos.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3642
x-xss-protection: 0
server: fife
etag: "v4124c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:30:30 GMT

GET
H3-29 200 %25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%2...
1.bp.blogspot.com/-rxJaM2MuZPU/YHjLlqQWz7I/AAAAAAAEEkc/hOWFoNtilIobITn--R-sWx_rh7Dq0pZyACLcBGAsYHQ/s72-w640-c-h258/ 4 KB
4 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rxJaM2MuZPU/YHjLlqQWz7I/AAAAAAAEEkc/hOWFoNtilIobITn--R-sWx_rh7Dq0pZyACLcBGAsYHQ/s72-w640-c-h258/%25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%25BD%25CE%25B7%25CF%2582-page-001.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79e442cf2a8991d16e820ccbf828d1311b801a9bf79668ad7ca691787fcbcb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:31:35 GMT
x-content-type-options: nosniff
age: 2525
content-disposition: inline;filename="________ ___ _. _________-page-001.jpg";filename*=UTF-8''%CE%A0%CF%81%CE%BF%CF%83%CF%86%CE%BF%CF%81%CE%AC%20%CF%83%CF%84%CE%BF%20%CE%9B.%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82-page-001.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3939
x-xss-protection: 0
server: fife
etag: "v41249"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:30:30 GMT

GET
H3-29 200 dhmos.jpg
1.bp.blogspot.com/-Nq4r9mukgkk/YHjLTLH_jLI/AAAAAAAEEkU/QsMOGWj0f3kqQqKtBXoqutLj4FK4da-5QCLcBGAsYHQ/s72-w640-c-h304/ 3 KB
3 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Nq4r9mukgkk/YHjLTLH_jLI/AAAAAAAEEkU/QsMOGWj0f3kqQqKtBXoqutLj4FK4da-5QCLcBGAsYHQ/s72-w640-c-h304/dhmos.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9f443d0d6d75daae15b6fcae01674823809f098353c4c3b6a82578581f8f8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:10:41 GMT
x-content-type-options: nosniff
age: 3779
content-disposition: inline;filename="dhmos.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3538
x-xss-protection: 0
server: fife
etag: "v41246"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:08:25 GMT

GET
H3-29 200 173739473_814937222447574_809760647667241398_n.jpg
1.bp.blogspot.com/-WCIglLfsOlI/YHjK89E6RiI/AAAAAAAEEkM/0asq90-3ahkprmdeFXgTmYC3w1ptJBO4wCLcBGAsYHQ/s72-w640-c-h426/ 4 KB
4 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WCIglLfsOlI/YHjK89E6RiI/AAAAAAAEEkM/0asq90-3ahkprmdeFXgTmYC3w1ptJBO4wCLcBGAsYHQ/s72-w640-c-h426/173739473_814937222447574_809760647667241398_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1706524f839a1c3f97ba644ce838fa4138bcfd2e062ef898cdca31eef692fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:32:04 GMT
x-content-type-options: nosniff
age: 6096
content-disposition: inline;filename="173739473_814937222447574_809760647667241398_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
x-xss-protection: 0
server: fife
etag: "v41244"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:32:04 GMT

GET
H3-29 200 %25CF%2580%25CF%2581%25CE%25BF.jpg
1.bp.blogspot.com/-HtajjGGcgNY/YHlVjIvaTjI/AAAAAAAEEl0/2pwhH0votH8ZFurDCrO6qGu4q6iafkpVACLcBGAsYHQ/s72-w640-c-h410/ 4 KB
4 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HtajjGGcgNY/YHlVjIvaTjI/AAAAAAAEEl0/2pwhH0votH8ZFurDCrO6qGu4q6iafkpVACLcBGAsYHQ/s72-w640-c-h410/%25CF%2580%25CF%2581%25CE%25BF.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27acf60a8f511dd22fa1fc50df42fd6c7971e791355f5dbb86862cde0fa229cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:19:57 GMT
x-content-type-options: nosniff
age: 6823
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CF%80%CF%81%CE%BF.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3648
x-xss-protection: 0
server: fife
etag: "v4125e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:16:59 GMT

GET
H3-29 200 antis.jpg
1.bp.blogspot.com/-YYIBWIv3Cz8/YHjJ86pNR8I/AAAAAAAEEjc/BxYlid9LaUwzNzDVqpnUoUKOWjuhan9igCLcBGAsYHQ/s72-w640-c-h426/ 3 KB
3 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YYIBWIv3Cz8/YHjJ86pNR8I/AAAAAAAEEjc/BxYlid9LaUwzNzDVqpnUoUKOWjuhan9igCLcBGAsYHQ/s72-w640-c-h426/antis.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6849914dd6d3c5ae1f3a482daddf2970252be53e7a5e075022addcd7250e319b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:35:13 GMT
x-content-type-options: nosniff
age: 9507
content-disposition: inline;filename="antis.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3359
x-xss-protection: 0
server: fife
etag: "v41238"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 08:35:13 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1085585887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lesvospost.com%2F&ul=en-us&de=UTF-8&dt=LesvosPost.com%20%7C%20%CE%95%CE%99%CE%94%CE%97%CE%A3%CE%95%CE%99%CE%A3%20%26%20%CE%9D%CE%95%CE%91%20%CE%A4%CE%97%CE%A3%20%CE%9B%CE%95%CE%A3%CE%92%CE%9F%CE%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=963090848&gjid=824879250&cid=178636599.1618586020&tid=UA-162918491-1&_gid=630202238.1618586020&_r=1&gtm=2ou472&z=1013664726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 23ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1085585887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lesvospost.com%2F&ul=en-us&de=UTF-8&dt=LesvosPost.com%20%7C%20%CE%95%CE%99%CE%94%CE%97%CE%A3%CE%95%CE%99%CE%A3%20%26%20%CE%9D%CE%95%CE%91%20%CE%A4%CE%97%CE%A3%20%CE%9B%CE%95%CE%A3%CE%92%CE%9F%CE%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=291197725&gjid=194596829&cid=178636599.1618586020&tid=UA-33165999-1&_gid=630202238.1618586020&_r=1&_slc=1&z=1331991681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ 222 KB
83 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4266922878443074&plah=www.lesvospost.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84747
x-xss-protection: 0
server: cafe
etag: 7950800710615234990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame 3534 10 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210414/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 16 Apr 2021 14:17:06 GMT
expires: Fri, 30 Apr 2021 14:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 3394
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=291197725&gjid=194596829&_gid=630202238.1618586020&_u=IEDAAUABAAAAAC~&z=2053580736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 15:13:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
projectagora.net/libs/prebidv3/ 340 KB
98 KB 53ms
36ms Script
application/javascript 2606:4700:3032::ac43:9028
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora.net/libs/prebidv3/prebid.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=12615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4R0R8M3RFX1K3M6J
x-amz-id-2: cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified: Mon, 25 Jan 2021 09:50:38 GMT
server: cloudflare
etag: W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85YmJ%2B0SkrSdqOwGBUfqJy8urmcOEoWeJvh5VpJ9g2b7TS68jbq4pYQdlW2oOirivnYtFzKinY8Aay2z5bBIENGEx1N55yJ7r9umYxWE7ndZUW9CMlmD8tkUtSaz"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 097cd7c2ab00000ebb9db3c000000001
cf-ray: 640e5be44f700ebb-FRA

GET
H/1.1 200
OK r.php Show response
go.linkwi.se/delivery/ 48 B
494 B 3ms
3ms Script
application/x-javascript 144.76.151.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.linkwi.se/delivery/r.php?r=16664&a=1191&target=_blank&w=1
Requested by: Host: go.linkwi.se
URL: https://go.linkwi.se/delivery/js/crl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 144.76.151.218 Remscheid, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.218.151.76.144.clients.your-server.de
Software: nginx /
Resource Hash: dc2eff1a5631c967c9ade832f1c4411b737b8aa858d8930fa52cb1488fbb83af

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 16 Apr 2021 15:13:40 GMT
Content-Encoding: gzip
Server: nginx
Linkwise-Redirect: Random
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: X-Requested-With

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 377ms
376ms Stylesheet
text/css 2a00:1450:4001:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9195335458056664843&zx=0ef767a3-668b-4bef-834f-844a61cd1f4a

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 15:13:40 GMT
server: GSE
date: Fri, 16 Apr 2021 15:13:40 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 31ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=291197725&_u=IEDAAUABAAAAAC~&z=2000984077

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=291197725&_u=IEDAAUABAAAAAC~&z=2000984077

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1085585887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lesvospost.com%2F&ul=en-us&de=UTF-8&dt=LesvosPost.com%20%7C%20%CE%95%CE%99%CE%94%CE%97%CE%A3%CE%95%CE%99%CE%A3%20%26%20%CE%9D%CE%95%CE%91%20%CE%A4%CE%97%CE%A3%20%CE%9B%CE%95%CE%A3%CE%92%CE%9F%CE%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1830802514&gjid=676388819&cid=178636599.1618586020&tid=UA-33165999-1&_gid=630202238.1618586020&_r=1&gtm=2ou472&z=391847420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1085585887&t=pageview&_s=2&dl=https%3A%2F%2Fwww.lesvospost.com%2F&ul=en-us&de=UTF-8&dt=LesvosPost.com%20%7C%20%CE%95%CE%99%CE%94%CE%97%CE%A3%CE%95%CE%99%CE%A3%20%26%20%CE%9D%CE%95%CE%91%20%CE%A4%CE%97%CE%A3%20%CE%9B%CE%95%CE%A3%CE%92%CE%9F%CE%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=178636599.1618586020&tid=UA-33165999-1&_gid=630202238.1618586020&gtm=2ou472&z=1190817485

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18602
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/lesvospostgr-f20544166/ 211 KB
24 KB 152ms
136ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Requested by: Host: aghtag.tech
URL: https://aghtag.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a91dc6d20f073f121fd45c14faf35257d2c34bed5059b7284482b011b63165bd

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y0KISZBWyyYugu_MmhQerygOUnl_nDsz
content-encoding: gzip
etag: "9064cd0ec46d117996e07627a26a938a"
age: 0
x-cache: HIT
content-length: 24576
x-amz-id-2: i+yFwe9eJPjV8/z24Tst8X6SHEl+Wb3zZ0hpItUpz1T8/0DpXdyb8z1tQQJnZU7gk2UoZf8MdIU=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:16:11 GMT
server: AmazonS3
x-timer: S1618586021.599963,VS0,VE131
date: Fri, 16 Apr 2021 15:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: 9CTRPTV9W4H6DHGX
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 47
x-cache-hits: 1

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=1830802514&gjid=676388819&_gid=630202238.1618586020&_u=KEDAAUABAAAAAC~&z=1936934508

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 15:13:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
643 B 35ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.lesvospost.com&callback=_gfp_s_&client=ca-pub-4266922878443074

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4266922878443074&plah=www.lesvospost.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a197610cd4b5d62dbbba6035d66f389eb8b79c078de7aefee4d64bb086b53963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B71 14 KB
1 KB 91ms
91ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&adk=1812271804&adf=3025194257&lmt=1618583784&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020381&bpp=15&bdt=155&idt=210&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3455979296148&frm=20&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5a6257af7e1933c81565bc8bac9632a01b7966aadfc68e52f1468aa22a369e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&adk=1812271804&adf=3025194257&lmt=1618583784&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020381&bpp=15&bdt=155&idt=210&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3455979296148&frm=20&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=235
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:40 GMT
server: cafe
content-length: 1141
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Apr-2021 15:28:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:40 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
792 B 150ms
138ms XHR
application/json 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.lesvospost.com%2F&mtk=14096

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 097cd7c31c000006293d13e000000001
pragma: no-cache
last-modified: Fri, 16 Apr 2021 15:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zhqJqsI8U3J%2B%2FZPCDuRycqUFBQUv5nbWUo6zruk1QsDSy%2FKwWCYlBzz3ahS2%2B6LgvCKVUQAIm5g7cCCB0XfSufvrt4trNsNLmcFxvRH%2F7yP5A3ZtXDBLRPue0vBeTiHr"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://www.lesvospost.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 640e5be4fe690629-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 f0defa81791596697fbb49dfbf792bf2.js Show response
tag.vlitag.com/v1/1618576037/ 542 KB
111 KB 32ms
29ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3b640207b648723376e64fcc33cc8c6de02633d1ef4ff017123b1068c8257b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9975
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c31300004e499cb91000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4iXbEuEe9ZsMg%2FM4Mh8vnKglqtnj432z%2FjvzmDuphmY%2FyiBBfKIBw%2Bfm3sP1u0kKVO1gFfa5gI334auRUi2H9LSJDgdCK27Qz613Hpx3awnCkqGf8Pc9lBIQwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 640e5be4ef0e4e49-FRA

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 0253 93 KB
37 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32566011-4

Requested by

Host: gr.k24.net
URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2376c40adbaa139441759e36747e36d8d95026d9b311a9f9afde9f607c147b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gr.k24.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37474
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 Cloudy.png
gr.k24.net/images/icons/medium/ Frame 0253 1 KB
1 KB 10ms
9ms Image
image/png 62.138.3.139
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gr.k24.net/images/icons/medium/Cloudy.png
Requested by: Host: gr.k24.net
URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.3.139 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4385.startdedicated.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 53e311f0874d2b4a544b744f817ebbb4e4d074974e347ab14d18f13bf3cce1ac

Request headers

Referer: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:39 GMT
last-modified: Sat, 06 Apr 2019 07:53:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "50cf53cd4decd41:0"
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
content-length: 1419

GET
H2 200 Rain.png
gr.k24.net/images/icons/medium/ Frame 0253 2 KB
2 KB 10ms
9ms Image
image/png 62.138.3.139
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gr.k24.net/images/icons/medium/Rain.png
Requested by: Host: gr.k24.net
URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.3.139 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4385.startdedicated.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 84c4abb64955e84e02e985168f426c4890d2baf1a1ce3eef71b70d67f7a0ac97

Request headers

Referer: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:39 GMT
last-modified: Sat, 06 Apr 2019 07:53:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "decfdecd4decd41:0"
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
content-length: 1795

GET
H2 200 PartlyCloudy.png
gr.k24.net/images/icons/ Frame 0253 1 KB
1 KB 10ms
9ms Image
image/png 62.138.3.139
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gr.k24.net/images/icons/PartlyCloudy.png
Requested by: Host: gr.k24.net
URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.3.139 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4385.startdedicated.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7a91bab37802bad93fbfd8836d11f2621246b53ced7f7bb8103d118ab8a7df93

Request headers

Referer: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:39 GMT
last-modified: Sat, 06 Apr 2019 07:53:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "69a7c2c74decd41:0"
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
content-length: 1386

GET
H3-29 200 sSUppTT8x2r.css
www.facebook.com/rsrc.php/v3/yW/l/0,cross/ Frame 63B4 26 KB
6 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/l/0,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63dcc4ba7cdaf9808806eb018a10cdb871bb17e0dc45e172a8b7c8d31db5ad07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jGmpBzh0NuHyTYgT2UQ1Ow==
cross-origin-resource-policy: cross-origin
content-length: 6094
x-fb-rlafr: 0
x-fb-debug: jF6/w0klnwB6lrcfK+/Img7hcw8fqT7Nt0AnA+U6JY3a90akuebsivhn3veLbrf3TBUyx0gc3HDZZRuS35IAfw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Apr 2022 18:17:44 GMT

GET
H3-29 200 gE_HYjdYxDu.js Show response
www.facebook.com/rsrc.php/v3/yu/r/ Frame 63B4 273 KB
73 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yu/r/gE_HYjdYxDu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7237f9cf9ebbb0d3d59948a1f6c9951f89b9e2cca391c1e1ead79579709ce826

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MQDllNF8b3Jlx5vCXVZnOg==
cross-origin-resource-policy: cross-origin
content-length: 74201
x-fb-rlafr: 0
x-fb-debug: 3c9GmReXGd2r7CLaoMoOe21aAILQfSbUO668GqX0HZ3wayfIsiu8kGY2m/oeM5OE9ar2u1JdS0TqpGaDoqMo0A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Apr 2022 02:37:26 GMT

GET
H3-29 200 A1MJ22n9DQK.js Show response
www.facebook.com/rsrc.php/v3/yb/r/ Frame 63B4 61 KB
19 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/r/A1MJ22n9DQK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1c07b9f6ebe826cfee9806cc3bb4aa452c8ddc8b7044be3469039efe1708950

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: D2GbXH3+TPUoywjSDw2kIA==
cross-origin-resource-policy: cross-origin
content-length: 19204
x-fb-rlafr: 0
x-fb-debug: Hb7Sr5UvLyv25OwTkGVwP5I2qTqftdZ87oKJcgWQ8EHeattsCtHS5M0XJRXfDUTE8W2TP1hpIEB1aKz/Vr3gPw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Apr 2022 02:36:58 GMT

GET
H3-29 200 xXhDX2DQ6Js.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yN/l/en_US/ Frame 63B4 127 KB
35 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yN/l/en_US/xXhDX2DQ6Js.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2916bfb49135f53adcd1d1cdcf777a5bfdee73aeaaaa5e3424dd94babfce84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qpatGvGtHwxnzo10uqhvVw==
cross-origin-resource-policy: cross-origin
content-length: 36187
x-fb-rlafr: 0
x-fb-debug: TJFZhriyANJ820mhSiQquLa6KbnFrXnyV6AI04Chuy6dRVo8N2LOHjrpdIzq5tdtjegXe63pWN+Kw+v8ysYJSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Apr 2022 19:30:20 GMT

GET
H3-29 200 hV58uaXQUyt.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 63B4 5 KB
2 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/hV58uaXQUyt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb15c45f6a1d5aae6fd72fcfcc697b906fd1d759d8cda9dbb488265f0aff3bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o1Rsd6ZuN1opowVtriUXjQ==
cross-origin-resource-policy: cross-origin
content-length: 1745
x-fb-rlafr: 0
x-fb-debug: EcwmXjTex/IryzKJJNdwsb71ewBAuicmjr3rIIodgqN+tLA6ADitix+TckG8wVqWhT8+rMwU/A73z1ptuvKnJA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 15 Apr 2022 17:33:18 GMT

GET
H3-29 200 Xt4d0vKyj2A.js Show response
www.facebook.com/rsrc.php/v3/yd/r/ Frame 63B4 5 KB
2 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yd/r/Xt4d0vKyj2A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03edaa40fd1e88b0f0bb6f5bca45869085be41864d322923bbc43171d8bc9da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o++Sl7AYM4TRB5/L4UHh3Q==
cross-origin-resource-policy: cross-origin
content-length: 1669
x-fb-rlafr: 0
x-fb-debug: h88fes6PSEz40vsUFaLBBvRhA8i7ToAtDoOael+okrXa9Vx+I74koIc2OqnL+qYBBA0Tc8Bm0q37+V3t3hpBlA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Apr 2022 19:52:05 GMT

GET
H3-29 200 0g2NvHjI6Rx.js Show response
www.facebook.com/rsrc.php/v3/yT/r/ Frame 63B4 81 KB
22 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/0g2NvHjI6Rx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

455c01f1fff28b043ffaca56767be56b110f78ffb266c5cec7f0410d81e32216

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ATcY/zw3N70TzXlYNrHJOw==
cross-origin-resource-policy: cross-origin
content-length: 22897
x-fb-rlafr: 0
x-fb-debug: wqds7dfh+Ct12LeVRKx/cSTYA1FG+TNTXHMgRo/up1YuHGaohIYA+/UPhVXujJ/so1qaEsuHdP+shAnKxs51Rg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Apr 2022 17:11:43 GMT

GET
H2 200 164841180_4256336337754989_2421111608704050050_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p130x130/ Frame 63B4 12 KB
12 KB 19ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p130x130/164841180_4256336337754989_2421111608704050050_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=dd9801&_nc_ohc=guyim8ydfxsAX8mTeSQ&_nc_ht=scontent-frt3-1.xx&tp=6&oh=7001f9d5acd0b4f9019b3e6db3653486&oe=609D8AA0
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fc2e7f76a869333d2cafa51346648fcaaa7e70e901a330580a9fb0ddd744d94d

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 76041943
date: Fri, 16 Apr 2021 15:13:40 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 26 Mar 2021 00:53:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1527779906
x-fb-config-version-olb-prod: 1071
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 12108

GET
H2 200 11903763_977508562304466_2325686063530057386_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c1.0.50.50a/p50x50/ Frame 63B4 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/cp0/c1.0.50.50a/p50x50/11903763_977508562304466_2325686063530057386_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=dK7FmvALaowAX8aURac&_nc_ht=scontent-frx5-1.xx&tp=27&oh=8db2dc97612940aabd5a2fbb7e10fd07&oe=609D6C53
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FLesvosPost%3Fref%3Dhl&width=320&height=250&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=363716503722377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bd8bb06175d47d9ed8059051fa9c7b8157187c74f6d4af8eb25bbcfb14035b48

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3780610669
date: Fri, 16 Apr 2021 15:13:40 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 28 Aug 2015 15:42:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1307394248
x-fb-config-version-olb-prod: 1066
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1630

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
36ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=1830802514&_u=KEDAAUABAAAAAC~&z=1907209812

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 43ms
36ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-33165999-1&cid=178636599.1618586020&jid=1830802514&_u=KEDAAUABAAAAAC~&z=1907209812

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5282 405 B
229 B 259ms
259ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=90&slotname=8718405398&adk=2296079777&adf=3377851091&pi=t.ma~as.8718405398&w=728&lmt=1618583784&psa=0&format=728x90&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020398&bpp=4&bdt=173&idt=253&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SD6eaxaiae&p=https%3A//www.lesvospost.com&dtd=269

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf0c8bdcbaafb1702fd4cd12c26ff3e2694965c2810d84912ee5f67777dcdf16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=90&slotname=8718405398&adk=2296079777&adf=3377851091&pi=t.ma~as.8718405398&w=728&lmt=1618583784&psa=0&format=728x90&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020398&bpp=4&bdt=173&idt=253&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=235&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SD6eaxaiae&p=https%3A//www.lesvospost.com&dtd=269
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:40 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Apr-2021 15:28:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:40 GMT
cache-control: private

GET
H2 200 w10-bg-1.png
gr.k24.net/images/widgets/ Frame 0253 6 KB
6 KB 9ms
9ms Image
image/png 62.138.3.139
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gr.k24.net/images/widgets/w10-bg-1.png
Requested by: Host: gr.k24.net
URL: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.138.3.139 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4385.startdedicated.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 78a4cb01e307cd106b8cad0036aa78ff2bbb02d35c3b0f6b4a167fdf95aca97c

Request headers

Referer: https://gr.k24.net/widgets/weather_w10.aspx?points=45,3078,3076,5510,11176,5509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:39 GMT
last-modified: Wed, 11 Sep 2019 09:44:38 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "eee932878568d51:0"
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
content-length: 6267

GET
H/1.1 200
OK r.php Show response
go.linkwi.se/delivery/ 48 B
494 B 4ms
3ms Script
application/x-javascript 144.76.151.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.linkwi.se/delivery/r.php?r=17047&a=1191&target=_blank&w=1
Requested by: Host: go.linkwi.se
URL: https://go.linkwi.se/delivery/js/crl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 144.76.151.218 Remscheid, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.218.151.76.144.clients.your-server.de
Software: nginx /
Resource Hash: dc2eff1a5631c967c9ade832f1c4411b737b8aa858d8930fa52cb1488fbb83af

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 16 Apr 2021 15:13:40 GMT
Content-Encoding: gzip
Server: nginx
Linkwise-Redirect: Random
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: X-Requested-With

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE41 128 KB
28 KB 325ms
323ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=50&slotname=2071283390&adk=4034667973&adf=2889198705&pi=t.ma~as.2071283390&w=450&lmt=1618583784&psa=0&format=450x50&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020402&bpp=1&bdt=177&idt=287&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7ZwteUMrTZ&p=https%3A//www.lesvospost.com&dtd=292

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5ea97e63f72883f2164652a906fb09137146f98cbe60a4412d24d5bd614260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=50&slotname=2071283390&adk=4034667973&adf=2889198705&pi=t.ma~as.2071283390&w=450&lmt=1618583784&psa=0&format=450x50&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020402&bpp=1&bdt=177&idt=287&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7ZwteUMrTZ&p=https%3A//www.lesvospost.com&dtd=292
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:41 GMT
server: cafe
content-length: 28410
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Apr-2021 15:28:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:41 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A206 62 KB
23 KB 297ms
297ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71ff8d97d0931376ea79e119463c520f59dedae4603a719bc6d6dc2af628dbaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:41 GMT
server: cafe
content-length: 23382
x-xss-protection: 0
set-cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; expires=Wed, 11-May-2022 15:13:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:41 GMT
cache-control: private

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 63B4 573 B
624 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yW/l/0,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yW/l/0,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: rr2h4CyKxf4k3sJ83h1JwKLcWhUeEBmxijvJ4y7ZWrgcSSHkWvqIoBctYnv9ygmSI5p3dK7zusbIswdrcDyfjg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Thu, 15 Apr 2021 19:18:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Fri, 15 Apr 2022 19:18:56 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 26ms
23ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1340000
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c40e00004e49932c9000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2UswfWOWF4YEKOkMF8doKLMNJgn3Dm5yfQKdeKnTFcD%2F8Sq6zto%2FKEl%2BwKQr9AALIEPgn1u1aNUAAlcWYU%2FlAgSWNo44rLRNT%2BIuosEcHTzwAGTQCjYLEcVId9mu7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 640e5be67a4b4e49-FRA
expires: Thu, 01 Apr 2021 03:30:20 GMT

GET
H2 200 prebid-v4.28.4.js Show response
assets.vlitag.com/prebid/default/ 399 KB
114 KB 37ms
35ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303fcac4d8aa919d458b2637bd478efeb0ea24d612ff44ab37e7fa712ae05db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2443549
cf-polished: origSize=409186
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c41200004e49048f6000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 19 Mar 2021 08:27:45 GMT
server: cloudflare
etag: W/"60546081-63e62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wL4DKapQD8hUGbrfay2joZPd5YnNEeuZu3Di7p4w2DFnbIqPlISyTc%2BOy14YeC4em0JnFPBlVjX3KekRoLXqFiL8xYVN7HYxbXws%2FD1KVf3p8nvGRd1lTGOfqYavrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 640e5be67a4f4e49-FRA
expires: Fri, 19 Mar 2021 08:57:51 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ad2b7a09587300eec580303a45f75396d489cf9d2e005fe832946b41f3cbe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "844 / 606 of 1000 / last-modified: 1618571343"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21121
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 18ms
16ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2442105
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c40f00004e49fb13c000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=95J7Vvg%2BJyGUyd1R6pQXa%2FG684m4bd4CM36atMGAY1V1Mvb6r5TiLqkJwLuxKxHnBlRsGUkuy2BSgTgxxW5DyT9L8j1ntUe8SaeyE2ECmydeej7rNL35oFcZi%2FrrOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 640e5be67a534e49-FRA
expires: Fri, 19 Mar 2021 09:21:55 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117037
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:40 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2442105
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c40d00004e497b3dd000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I5ylhxLA9K%2F81ELuBct3E%2BkH4mOlyPeI2HvCX6yKvmvXEwfkzpo56xx%2FdSt9%2Bp6gn%2F%2B9r5kt5vZ8dw%2FRdFlZCJDVPNtXKw97Lh2PgkwBytJHcWrbnOUTlCNPrOqpIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 640e5be67a474e49-FRA
expires: Fri, 19 Mar 2021 09:21:55 GMT

GET
H3-29 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 160ms
136ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9ee0d7919721366efcf13a3ccec37c59c9b445ae750f0df1a721ff8995b1dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c42800000eb30112f000000001
pragma: no-cache
last-modified: Fri, 16 Apr 2021 15:13:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H%2FetYG%2BkZ1UdqRP985xQiw%2FgAfY7qDirQ2qBOsDVEN6LaFzCFQMEdGJt1lMZ0MbN2gwiHwKGWYqWQZwsA293lGtUOQsWRTAijwTtqZveR2IbpqrdQrHFe%2FImoqPwWSs2"}],"max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 640e5be6aaad0eb3-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 0253 48 KB
19 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32566011-4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gr.k24.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1226
date: Fri, 16 Apr 2021 14:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 16:53:14 GMT

GET
H2 200 impl.20210414-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 480 KB
110 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vs9zfjmj52qQCvZeDRMgkTHl2EUEsIHE
content-encoding: br
etag: "e2aa74824e227f919caf68a3ad379b8a"
age: 22648
x-cache: HIT
content-length: 112566
x-amz-id-2: 8sX7ROG8Ywr4W/GQb+5O7U2IaUiPl2BzaJapdsLBu9dHudwfjbB9E0zysf16Cc4pz3TEYGLX824=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 08:54:43 GMT
server: AmazonS3-br
x-timer: S1618586021.945456,VS0,VE0
date: Fri, 16 Apr 2021 15:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: 5N55FMRHEZ39CMVJ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 79
x-cache-hits: 138375

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 23ms
6ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:40 GMT
content-encoding: gzip
etag: "9BXR5o2ektbbjpKQZDKFMQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Apr 2021 15:13:40 GMT

GET
H2 200 /
aboutads.quantcast.com/ 292 B
588 B 533ms
168ms Image
image/png 44.238.171.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aboutads.quantcast.com/?icon=F4PgLCjWloafzv6UsVhTsQ
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.238.171.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-171-100.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8d3b9e1ac7e5c6d9d971546c23ade5667688baf326915c5254b2168a6e44121d

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
server: istio-envoy
add_strict_transport: Strict-Transport-Security: max-age=31536000
x-url-param: https://aboutads.quantcast.com/?icon=F4PgLCjWloafzv6UsVhTsQ
content-type: image/png
x-envoy-upstream-service-time: 0
x-server: adchoices_backend_server3
content-length: 292

GET
H2 200 default Show response
www.lesvospost.com/feeds/posts/ 228 KB
39 KB 240ms
240ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default?alt=json-in-script&callback=jQuery111005502978995330774_1618586020301&_=1618586020302

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f4abe8ed89d52c5605bfc39c969c9c22191d3648e07266713d4f234d556a0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default?alt=json-in-script&callback=jQuery111005502978995330774_1618586020301&_=1618586020302
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"10696a8e425180229d5df4c9946b893b71c5d5a9609cb3046d54d21368e73f57"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 39370
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 default Show response
www.lesvospost.com/feeds/posts/ 228 KB
39 KB 233ms
233ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default?alt=json-in-script&callback=jQuery111005502978995330774_1618586020303&_=1618586020304

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3716361a23e636468cc0af4b9fdd1e55b31755e30929f206e4b02848c2adf877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default?alt=json-in-script&callback=jQuery111005502978995330774_1618586020303&_=1618586020304
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"10696a8e425180229d5df4c9946b893b71c5d5a9609cb3046d54d21368e73f57"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 39370
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%9A%CE%BF%CF%81%CE%BF%CE%BD%CE%BF%CF%8A%CE%BF%CF%82 Show response
www.lesvospost.com/feeds/posts/default/-/ 36 KB
7 KB 209ms
209ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%9A%CE%BF%CF%81%CE%BF%CE%BD%CE%BF%CF%8A%CE%BF%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020305&_=1618586020306

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

e336344e654c2a3bd8281e95f6c59616f094be194d74ed5f56470884e6f7698d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%9A%CE%BF%CF%81%CE%BF%CE%BD%CE%BF%CF%8A%CE%BF%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020305&_=1618586020306
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"e24b03de6493c1a30a16d83ffe65d228f79b68e7fca60642e1d4cd007a53dfd1"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6560
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82 Show response
www.lesvospost.com/feeds/posts/default/-/ 31 KB
7 KB 210ms
210ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020307&_=1618586020308

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

cc7fe287d717079384d94a1efb30eb76ea57e427b352c31f2a0249fc98ed66a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020307&_=1618586020308
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"4e7003dbacf05a06cc554c687bf2c19f7d4b7868c00df3541491aa972a209a28"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6902
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%94%CF%85%CF%84%CE%B9%CE%BA%CE%AE%CF%82%20%CE%9B%CE%AD%CF%83%CE%B2%CE%BF%CF%85 Show response
www.lesvospost.com/feeds/posts/default/-/ 42 KB
10 KB 205ms
205ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%94%CF%85%CF%84%CE%B9%CE%BA%CE%AE%CF%82%20%CE%9B%CE%AD%CF%83%CE%B2%CE%BF%CF%85?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020309&_=1618586020310

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

00048eb167da1b28c814a97ac7cd34a076fda2da88e598957ed959342eaf1f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%94%CE%AE%CE%BC%CE%BF%CF%82%20%CE%94%CF%85%CF%84%CE%B9%CE%BA%CE%AE%CF%82%20%CE%9B%CE%AD%CF%83%CE%B2%CE%BF%CF%85?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020309&_=1618586020310
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"ba19cb0eb5c221afbaf121290fe1fdbafaad7188b337a808f9a88a13f3269891"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9972
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%A0%CE%B5%CF%81%CE%B9%CF%86%CE%AD%CF%81%CE%B5%CE%B9%CE%B1 Show response
www.lesvospost.com/feeds/posts/default/-/ 40 KB
9 KB 217ms
217ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%A0%CE%B5%CF%81%CE%B9%CF%86%CE%AD%CF%81%CE%B5%CE%B9%CE%B1?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020311&_=1618586020312

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f4cbd223a6696df35733d838a354811a1ffa1d2d7c27c5de21a14b4a6f6b9917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%A0%CE%B5%CF%81%CE%B9%CF%86%CE%AD%CF%81%CE%B5%CE%B9%CE%B1?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020311&_=1618586020312
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"dff5604b5c7a95c4a754ed20d1b48cc619c9da27d260785be52ea7448734fe9a"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 8987
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%91%CF%83%CF%84%CF%85%CE%BD%CE%BF%CE%BC%CE%B9%CE%BA%CE%AC Show response
www.lesvospost.com/feeds/posts/default/-/ 28 KB
6 KB 203ms
201ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%91%CF%83%CF%84%CF%85%CE%BD%CE%BF%CE%BC%CE%B9%CE%BA%CE%AC?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020313&_=1618586020314

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

576912d0643a9d6e706008e998a946afb1724f927a3279ddae5eae1ca442254d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%91%CF%83%CF%84%CF%85%CE%BD%CE%BF%CE%BC%CE%B9%CE%BA%CE%AC?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020313&_=1618586020314
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"1f4108499ee66c87253e35ccf2024eae7d61593e47749ea631c6547c6e9702a9"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6170
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%91%CE%B8%CE%BB%CE%B7%CF%84%CE%B9%CF%83%CE%BC%CF%8C%CF%82 Show response
www.lesvospost.com/feeds/posts/default/-/ 79 KB
11 KB 210ms
209ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%91%CE%B8%CE%BB%CE%B7%CF%84%CE%B9%CF%83%CE%BC%CF%8C%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020315&_=1618586020316

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4a2688c788cffbc1b255da8c1548382d75366dc36ff6cf23361f88c6124da58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%91%CE%B8%CE%BB%CE%B7%CF%84%CE%B9%CF%83%CE%BC%CF%8C%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020315&_=1618586020316
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"c7c871584efd08c20a563583ae9a138efc6b95e8601d92844b2f431423e1169c"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 11042
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%95%CF%80%CE%B9%CF%87%CE%B5%CE%B9%CF%81%CE%AE%CF%83%CE%B5%CE%B9%CF%82 Show response
www.lesvospost.com/feeds/posts/default/-/ 40 KB
9 KB 213ms
212ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%95%CF%80%CE%B9%CF%87%CE%B5%CE%B9%CF%81%CE%AE%CF%83%CE%B5%CE%B9%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020317&_=1618586020318

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

81b22760cce8dd062a425d14f6da60ddcb0bcdd50e3d7c54275ce261eae2bb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%95%CF%80%CE%B9%CF%87%CE%B5%CE%B9%CF%81%CE%AE%CF%83%CE%B5%CE%B9%CF%82?alt=json-in-script&max-results=4&callback=jQuery111005502978995330774_1618586020317&_=1618586020318
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"0cdfbb76b57684a59f3e1381426ebde0b8a13fd3d8af29b8bff96bb4eabc7110"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 8691
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 %CE%9B%CE%B5%CF%83%CE%B2%CE%BF%CF%82 Show response
www.lesvospost.com/feeds/posts/default/-/ 65 KB
10 KB 216ms
215ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default/-/%CE%9B%CE%B5%CF%83%CE%B2%CE%BF%CF%82?alt=json-in-script&max-results=5&callback=jQuery111005502978995330774_1618586020319&_=1618586020320

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

77e2d8059be3a0e9e44e010a36c3d71a6d82338005af65412305819209d77e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
:path: /feeds/posts/default/-/%CE%9B%CE%B5%CF%83%CE%B2%CE%BF%CF%82?alt=json-in-script&max-results=5&callback=jQuery111005502978995330774_1618586020319&_=1618586020320
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"14db504f4fe18364eb1dd4d31ce76f8944f8694d65180b7e06c5e85fd1eaa66e"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9898
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 summary Show response
www.lesvospost.com/feeds/posts/ 9 KB
3 KB 197ms
196ms Script
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

a9a538a14d116961e3ca69233333c9532a9d11d5d0325ce2458b284f726330bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
pragma: no-cache
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"31a2bc0ece7aab5208ba45f3b02386396df386b230d6c32f01ef92352d48c40e"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 3067
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 pubads_impl_2021041401.js Show response
securepubads.g.doubleclick.net/gpt/ 298 KB
105 KB 36ms
16ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107268
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 99ms
42ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=280950&zone_id=1887950&size_id=10&gdpr=1&rp_schain=1.0,1!projectagora.com,106191,1,,,&rf=https%3A%2F%2Fwww.lesvospost.com%2F&tk_flint=pbjs_lite_v4.10.0&x_source.tid=0d9eab29-65bf-4670-8234-f4e5639424d6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.037399230713439646
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1b351fa9d77775c9d6dae4fff748bd8d48aa5b8739a91ac8d88b303543b58c20

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:41 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.lesvospost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 116ms
81ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:40 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 arj Show response
projectagora-d.openx.net/w/1.0/ 172 B
561 B 48ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lesvospost.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0d9eab29-65bf-4670-8234-f4e5639424d6&nocache=1618586021092&gdpr_consent=&gdpr=1&schain=1.0%2C1!projectagora.com%2C106191%2C1%2C%2C%2C&aus=300x600&divIds=20567447_lesvospost.com_ros_300x600&auid=543536997
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 9dad959b2d401cfcb10dc6643290c98b61306c756ed036158b65ecf8223c033e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.lesvospost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 80ms
63ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:41 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid: b7316650-3165-4c14-91c3-1a7e1e6d70ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.lesvospost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 42ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.lesvospost.com
date: Fri, 16 Apr 2021 15:13:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210416

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00dd73eea0213d99a6ab3f5dd9e7674e0900f1256dbae7763d79be52e0975a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25621
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 910
etag: W/"66c-5Zif9qe9meIqtKcu0IPpq6JXQBU"
x-served-by: cache-fra19142-FRA, cache-hhn4053-HHN
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 %25CE%25BA%25CF%2585%25CF%25841.jpg
1.bp.blogspot.com/-g_gCAAuKmaw/YHjIxjPHiBI/AAAAAAAEEjM/EYmAC6lg7GoTbXBTF5YpMgkn1-x_6FyNACLcBGAsYHQ/w640-h426/ 87 KB
87 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-g_gCAAuKmaw/YHjIxjPHiBI/AAAAAAAEEjM/EYmAC6lg7GoTbXBTF5YpMgkn1-x_6FyNACLcBGAsYHQ/w640-h426/%25CE%25BA%25CF%2585%25CF%25841.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71c53a6dc52c85c1e951b4adaca85ad5edafd885c9458fadb264cec9820937ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:32:15 GMT
x-content-type-options: nosniff
age: 13286
content-disposition: inline;filename="___1.jpg";filename*=UTF-8''%CE%BA%CF%85%CF%841.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88627
x-xss-protection: 0
server: fife
etag: "v41234"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:31:10 GMT

GET
H3-29 200 mplokoi.jpg
1.bp.blogspot.com/-kEndFWGtCMQ/YHjIf_zUb3I/AAAAAAAEEjE/aLle4d8ebvsHvc7RZv-NQMVn-VUnNbbyACLcBGAsYHQ/w640-h360/ 44 KB
44 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kEndFWGtCMQ/YHjIf_zUb3I/AAAAAAAEEjE/aLle4d8ebvsHvc7RZv-NQMVn-VUnNbbyACLcBGAsYHQ/w640-h360/mplokoi.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

55ce686f9256bf07e0d155afac1ce00f254e31fa1b0042bb3afa2bafbe5a92ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:00:33 GMT
x-content-type-options: nosniff
age: 788
content-disposition: inline;filename="mplokoi.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45481
x-xss-protection: 0
server: fife
etag: "v41232"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:00:05 GMT

GET
H3-29 200 %25CE%25BF%25CF%2580%25CE%25BB%25CE%25BF.jpg
1.bp.blogspot.com/-Sy4XRlSZ0fg/YHjD2ZSysHI/AAAAAAAEEiU/s9xre0htsXwHsikWah960xXkUV9Y7RqjgCLcBGAsYHQ/w640-h338/ 44 KB
44 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Sy4XRlSZ0fg/YHjD2ZSysHI/AAAAAAAEEiU/s9xre0htsXwHsikWah960xXkUV9Y7RqjgCLcBGAsYHQ/w640-h338/%25CE%25BF%25CF%2580%25CE%25BB%25CE%25BF.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

011c465c920ceddeb661878d9ad7490a95fd97fd6794b11299d381a6fdd12bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:01:43 GMT
x-content-type-options: nosniff
age: 7918
content-disposition: inline;filename="____.jpg";filename*=UTF-8''%CE%BF%CF%80%CE%BB%CE%BF.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
server: fife
etag: "v41226"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 05:00:14 GMT

GET
H3-29 200 15-04-2021%2B%25CE%2594%25CE%25B5%25CE%25BD%25CE%25B4%25CF%2581%25CF%258D%25CE%25BB%25CE%25BB%25CE%25B9%25CE%25B1%2B%25CE%25BA%25CE%25AC%25CE%25BD%25CE%25BD%25CE%25B1%25CE%25B2%25CE%25B7%25CF%2582%...
1.bp.blogspot.com/-MW2--M-5dEQ/YHiX_ZV11XI/AAAAAAAEEh0/pGgpNNG2iyIeZvfVqkD7fnujgRSvwBDHQCLcBGAsYHQ/w640-h212/ 70 KB
70 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-MW2--M-5dEQ/YHiX_ZV11XI/AAAAAAAEEh0/pGgpNNG2iyIeZvfVqkD7fnujgRSvwBDHQCLcBGAsYHQ/w640-h212/15-04-2021%2B%25CE%2594%25CE%25B5%25CE%25BD%25CE%25B4%25CF%2581%25CF%258D%25CE%25BB%25CE%25BB%25CE%25B9%25CE%25B1%2B%25CE%25BA%25CE%25AC%25CE%25BD%25CE%25BD%25CE%25B1%25CE%25B2%25CE%25B7%25CF%2582%2B%25CE%259B%25CE%25AD%25CF%2583%25CE%25B2%25CE%25BF%25CF%2582.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ff874444f9b4d8ecbf95e7a1f8b97782e7d2719d315bc62c23e6cd8012a2bbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:58:17 GMT
x-content-type-options: nosniff
age: 11724
content-disposition: inline;filename="15-04-2021 __________ ________ ______.jpg";filename*=UTF-8''15-04-2021%20%CE%94%CE%B5%CE%BD%CE%B4%CF%81%CF%8D%CE%BB%CE%BB%CE%B9%CE%B1%20%CE%BA%CE%AC%CE%BD%CE%BD%CE%B1%CE%B2%CE%B7%CF%82%20%CE%9B%CE%AD%CF%83%CE%B2%CE%BF%CF%82.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72129
x-xss-protection: 0
server: fife
etag: "v4121f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 19:47:39 GMT

GET
H3-29 200 15-04-2021%2B%25CE%2594%25CE%25B5%25CE%25BD%25CE%25B4%25CF%2581%25CF%258D%25CE%25BB%25CE%25BB%25CE%25B9%25CE%25B1%2B%25CE%25BA%25CE%25AC%25CE%25BD%25CE%25BD%25CE%25B1%25CE%25B2%25CE%25B7%25CF%2582%...
1.bp.blogspot.com/-Ze83etpviKg/YHiYGizsCJI/AAAAAAAEEh4/DJOLcus5UugCeb9Bf80gZ4izrVI4S7adQCLcBGAsYHQ/w400-h133/ 29 KB
29 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Ze83etpviKg/YHiYGizsCJI/AAAAAAAEEh4/DJOLcus5UugCeb9Bf80gZ4izrVI4S7adQCLcBGAsYHQ/w400-h133/15-04-2021%2B%25CE%2594%25CE%25B5%25CE%25BD%25CE%25B4%25CF%2581%25CF%258D%25CE%25BB%25CE%25BB%25CE%25B9%25CE%25B1%2B%25CE%25BA%25CE%25AC%25CE%25BD%25CE%25BD%25CE%25B1%25CE%25B2%25CE%25B7%25CF%2582%2B%25CE%259B%25CE%25AD%25CF%2583%25CE%25B2%25CE%25BF%25CF%2582.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ef396978bdcb6cf292b7b97c1785d61478eb3282d99aa937f2994c80afc1c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:58:17 GMT
x-content-type-options: nosniff
age: 11724
content-disposition: inline;filename="15-04-2021 __________ ________ ______.jpg";filename*=UTF-8''15-04-2021%20%CE%94%CE%B5%CE%BD%CE%B4%CF%81%CF%8D%CE%BB%CE%BB%CE%B9%CE%B1%20%CE%BA%CE%AC%CE%BD%CE%BD%CE%B1%CE%B2%CE%B7%CF%82%20%CE%9B%CE%AD%CF%83%CE%B2%CE%BF%CF%82.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30107
x-xss-protection: 0
server: fife
etag: "v41220"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 19:47:39 GMT

GET
H3-29 200 patm.jpg
1.bp.blogspot.com/-AXiF1xUBSso/YHgPDVbBGkI/AAAAAAAEEgE/iCA2b5kyKzMkwYnFjpC8ubiHgX9yQKTGQCLcBGAsYHQ/w640-h396/ 52 KB
52 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AXiF1xUBSso/YHgPDVbBGkI/AAAAAAAEEgE/iCA2b5kyKzMkwYnFjpC8ubiHgX9yQKTGQCLcBGAsYHQ/w640-h396/patm.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f06d3f996f14d9eafe4948d8008cebd9cdba0c85cf71cdc09b46fa74cc68d52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:35:06 GMT
x-content-type-options: nosniff
age: 13115
content-disposition: inline;filename="patm.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53622
x-xss-protection: 0
server: fife
etag: "v41202"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 10:50:12 GMT

GET
H3-29 200 173656096_165150412155198_3898788479057742434_n.jpg
1.bp.blogspot.com/-1RwCNsRdnuQ/YHf1rZsBUzI/AAAAAAAEEdQ/Y9iCwcRBPCo28EpDqG6XHapRWkVIGxHPgCLcBGAsYHQ/w640-h426/ 96 KB
96 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1RwCNsRdnuQ/YHf1rZsBUzI/AAAAAAAEEdQ/Y9iCwcRBPCo28EpDqG6XHapRWkVIGxHPgCLcBGAsYHQ/w640-h426/173656096_165150412155198_3898788479057742434_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29fc5b9a94f839cef13dd75ff9ed5e5a9c5c7a3bb0e7c980f6f24cef8363a06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:43:06 GMT
x-content-type-options: nosniff
age: 5435
content-disposition: inline;filename="173656096_165150412155198_3898788479057742434_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98025
x-xss-protection: 0
server: fife
etag: "v411d5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 13:43:06 GMT

GET
H3-29 200 %25CE%25B4%25CE%25B7%25CE%25BC%25CE%25BF%25CF%2583%25CE%25B4%25CF%2585%25CF%2584.jpg
1.bp.blogspot.com/-tD16sG_Jgy8/YHdlhqPdazI/AAAAAAAEEak/MVcGBuqwBi8qG0wR6bUiqftfLmRKFa1sACLcBGAsYHQ/w640-h336/ 64 KB
64 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tD16sG_Jgy8/YHdlhqPdazI/AAAAAAAEEak/MVcGBuqwBi8qG0wR6bUiqftfLmRKFa1sACLcBGAsYHQ/w640-h336/%25CE%25B4%25CE%25B7%25CE%25BC%25CE%25BF%25CF%2583%25CE%25B4%25CF%2585%25CF%2584.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

23634b9b80a566829011d0b066f6078b85fe3e93315ab29c140ffd0f8e5b8cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:34 GMT
x-content-type-options: nosniff
age: 10807
content-disposition: inline;filename="________.jpg";filename*=UTF-8''%CE%B4%CE%B7%CE%BC%CE%BF%CF%83%CE%B4%CF%85%CF%84.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65428
x-xss-protection: 0
server: fife
etag: "v411aa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:00:17 GMT

GET
H3-29 200 %25CE%25A3%25CE%25A5%25CE%259C%25CE%2592%25CE%2591%25CE%25A3%25CE%2597%2B%25CE%259C%25CE%2595%2B%25CE%2594%25CE%2597%25CE%259C%25CE%259F%2B%25CE%259B%25CE%2595%25CE%25A3%25CE%2592%25CE%259F%25CE%25...
1.bp.blogspot.com/-k5A-bx8N-1E/YHdl4xYoniI/AAAAAAAEEas/KcxbODgiYxkvJrmrm39v2p794o7-5LFtwCLcBGAsYHQ/w398-h640/ 78 KB
78 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k5A-bx8N-1E/YHdl4xYoniI/AAAAAAAEEas/KcxbODgiYxkvJrmrm39v2p794o7-5LFtwCLcBGAsYHQ/w398-h640/%25CE%25A3%25CE%25A5%25CE%259C%25CE%2592%25CE%2591%25CE%25A3%25CE%2597%2B%25CE%259C%25CE%2595%2B%25CE%2594%25CE%2597%25CE%259C%25CE%259F%2B%25CE%259B%25CE%2595%25CE%25A3%25CE%2592%25CE%259F%25CE%25A5.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04fc05ff456138a15ce9396621206f508d5df68c54e19a81d8208c7387e3f66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:34 GMT
x-content-type-options: nosniff
age: 10807
content-disposition: inline;filename="_______ __ ____ ______.jpg";filename*=UTF-8''%CE%A3%CE%A5%CE%9C%CE%92%CE%91%CE%A3%CE%97%20%CE%9C%CE%95%20%CE%94%CE%97%CE%9C%CE%9F%20%CE%9B%CE%95%CE%A3%CE%92%CE%9F%CE%A5.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79608
x-xss-protection: 0
server: fife
etag: "v411ae"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:00:17 GMT

GET
H3-29 200 %25CE%25A0%25CE%25A1%25CE%2591%25CE%259A%25CE%25A4%25CE%2599%25CE%259A%25CE%259F.jpg
1.bp.blogspot.com/-mtR7t9ufGJM/YHdl_I5Z5JI/AAAAAAAEEaw/aH00oDcKdvU3HUZQj089QX2C6GlEW3wjACLcBGAsYHQ/w480-h640/ 91 KB
91 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mtR7t9ufGJM/YHdl_I5Z5JI/AAAAAAAEEaw/aH00oDcKdvU3HUZQj089QX2C6GlEW3wjACLcBGAsYHQ/w480-h640/%25CE%25A0%25CE%25A1%25CE%2591%25CE%259A%25CE%25A4%25CE%2599%25CE%259A%25CE%259F.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c7a1dc6469a054cbf9c0323ec711201c7044a39d2fbed8a9284b5e16b8a1f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:34 GMT
x-content-type-options: nosniff
age: 10807
content-disposition: inline;filename="________.jpg";filename*=UTF-8''%CE%A0%CE%A1%CE%91%CE%9A%CE%A4%CE%99%CE%9A%CE%9F.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93085
x-xss-protection: 0
server: fife
etag: "v411af"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:00:17 GMT

GET
H3-29 200 %25CE%25A0%25CE%25A1%25CE%2591%25CE%259A%25CE%25A4%25CE%2599%25CE%259A%25CE%259F%2B2.jpg
1.bp.blogspot.com/-yhdMjNaPfo0/YHdl_anf6II/AAAAAAAEEa0/4Bz6kCza2qsMWspghOYEn5NdN-cN_KyXwCLcBGAsYHQ/w480-h640/ 103 KB
103 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yhdMjNaPfo0/YHdl_anf6II/AAAAAAAEEa0/4Bz6kCza2qsMWspghOYEn5NdN-cN_KyXwCLcBGAsYHQ/w480-h640/%25CE%25A0%25CE%25A1%25CE%2591%25CE%259A%25CE%25A4%25CE%2599%25CE%259A%25CE%259F%2B2.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ea2085cac3ba0f9b236009e07b3f904924d59538a74c907d4dc061eb34890fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:43:06 GMT
x-content-type-options: nosniff
age: 5435
content-disposition: inline;filename="________ 2.jpg";filename*=UTF-8''%CE%A0%CE%A1%CE%91%CE%9A%CE%A4%CE%99%CE%9A%CE%9F%202.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105727
x-xss-protection: 0
server: fife
etag: "v411b0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 13:31:31 GMT

GET
H3-29 200 %25CF%2580%25CF%2583%25CE%25B1.jpg
1.bp.blogspot.com/-tUDAbnb-Rjc/YHYriHdWAEI/AAAAAAAEEXg/TTXhpIHaHrQl6BndBPfOlQFEiT7sd4vVgCLcBGAsYHQ/w640-h356/ 59 KB
59 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tUDAbnb-Rjc/YHYriHdWAEI/AAAAAAAEEXg/TTXhpIHaHrQl6BndBPfOlQFEiT7sd4vVgCLcBGAsYHQ/w640-h356/%25CF%2580%25CF%2583%25CE%25B1.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70b68a598dd39dbb1c8a33a37984e1ff89f66ed748cab2a600a219f0e988f588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:48:07 GMT
x-content-type-options: nosniff
age: 12334
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CF%80%CF%83%CE%B1.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60450
x-xss-protection: 0
server: fife
etag: "v41179"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 23:37:53 GMT

GET
H3-29 200 metabg.png
3.bp.blogspot.com/-LnvazGBvKh8/VskckSkmzxI/AAAAAAAAC4s/erEgI6A_ih4/s1600-r/ 225 B
256 B 18ms
17ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-LnvazGBvKh8/VskckSkmzxI/AAAAAAAAC4s/erEgI6A_ih4/s1600-r/metabg.png

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a5b3992ca4cc6a7c8d3096c013f476f4c28d9bc5fb940ca464bff737f8cc4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:37:46 GMT
x-content-type-options: nosniff
age: 2155
content-disposition: inline;filename="metabg.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
server: fife
etag: "vb8c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:36:31 GMT

GET
H2 200 json Show response
trc.taboola.com/lesvospostgr-f20544166/trc/3/ 35 KB
11 KB 262ms
259ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/lesvospostgr-f20544166/trc/3/json?tim=17%3A13%3A41.251&lti=deflated&data=%7B%22id%22%3A542%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618391761700%2C%22vi%22%3A1618586021246%2C%22cv%22%3A%2220210414-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.lesvospost.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6282%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22sc-lesvospost-homepage%3Aabp%3D0%22%2C%22uip%22%3A%22Sponsored%20Below%20Article_Homepage%22%2C%22orig_uip%22%3A%22Sponsored%20Below%20Article_Homepage%22%2C%22cd%22%3A331%2C%22mw%22%3A721.71875%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0cb646c33e77fd757658d11be453504768c9271a26661e1f3935df180edcc3fe

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 253
date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1618586021.258060,VS0,VE253
x-served-by: cache-hhn11542-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.lesvospost.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 200 %25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg
1.bp.blogspot.com/-a7EUYfgkXHc/YHjTIAQbrVI/AAAAAAAEElA/mEbHPI9ab3IGn3lKHRzKOakxsxdZDvUVgCLcBGAsYHQ/w640-h384/ 50 KB
50 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-a7EUYfgkXHc/YHjTIAQbrVI/AAAAAAAEElA/mEbHPI9ab3IGn3lKHRzKOakxsxdZDvUVgCLcBGAsYHQ/w640-h384/%25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b244536cfc5bbb3292e727403f3ed77c386dba2d701b79383a872df02fae64c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:35:46 GMT
x-content-type-options: nosniff
age: 2275
content-disposition: inline;filename="______lesvospost.jpg";filename*=UTF-8''%CE%BA%CE%BF%CE%B2%CE%B9%CE%BD%CF%84lesvospost.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51539
x-xss-protection: 0
server: fife
etag: "v41251"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 14:35:46 GMT

GET
H3-29 200 %25CE%25A3%25CE%2595.jpg
1.bp.blogspot.com/-yp-ZP1Y60xw/YHjFAKC3J3I/AAAAAAAEEi0/m6Ry2f2Ting3HTmRiY2WgCLavzL-Q9WjACLcBGAsYHQ/w640-h332/ 22 KB
22 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-yp-ZP1Y60xw/YHjFAKC3J3I/AAAAAAAEEi0/m6Ry2f2Ting3HTmRiY2WgCLavzL-Q9WjACLcBGAsYHQ/w640-h332/%25CE%25A3%25CE%2595.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecc91e233a5495faee6dfe61e18d4544e889d34a2987d7c2be19fbe7f089fec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:09:14 GMT
x-content-type-options: nosniff
age: 3867
content-disposition: inline;filename="__.jpg";filename*=UTF-8''%CE%A3%CE%95.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22449
x-xss-protection: 0
server: fife
etag: "v4122e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 06:00:29 GMT

GET
H3-29 200 %25CE%25A0%25CE%2591%25CE%25A3%25CE%25A7%25CE%25911.jpg
1.bp.blogspot.com/-vt7o42PREJo/YHjEkF3nOEI/AAAAAAAEEio/-llEntqbWM4OnNHPbafDMlJgxuY_Ya2PwCLcBGAsYHQ/w640-h444/ 142 KB
142 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vt7o42PREJo/YHjEkF3nOEI/AAAAAAAEEio/-llEntqbWM4OnNHPbafDMlJgxuY_Ya2PwCLcBGAsYHQ/w640-h444/%25CE%25A0%25CE%2591%25CE%25A3%25CE%25A7%25CE%25911.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e31d63bac7431603691f015f94dbcee7a82fbddd4716e63f5f0cae7a4139e293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:32:29 GMT
x-content-type-options: nosniff
age: 6072
content-disposition: inline;filename="_____1.jpg";filename*=UTF-8''%CE%A0%CE%91%CE%A3%CE%A7%CE%911.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145011
x-xss-protection: 0
server: fife
etag: "v4122c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 05:30:41 GMT

GET
H3-29 200 %25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg
1.bp.blogspot.com/-qmDZ916PYHI/YHgGIZX_dzI/AAAAAAAEEf0/0k4t2Zeb6JYD_SUPu390CKlJFTHq3BVVQCLcBGAsYHQ/w640-h384/ 50 KB
50 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qmDZ916PYHI/YHgGIZX_dzI/AAAAAAAEEf0/0k4t2Zeb6JYD_SUPu390CKlJFTHq3BVVQCLcBGAsYHQ/w640-h384/%25CE%25BA%25CE%25BF%25CE%25B2%25CE%25B9%25CE%25BD%25CF%2584lesvospost.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b244536cfc5bbb3292e727403f3ed77c386dba2d701b79383a872df02fae64c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:58:17 GMT
x-content-type-options: nosniff
age: 11724
content-disposition: inline;filename="______lesvospost.jpg";filename*=UTF-8''%CE%BA%CE%BF%CE%B2%CE%B9%CE%BD%CF%84lesvospost.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51539
x-xss-protection: 0
server: fife
etag: "v411fe"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:49:06 GMT

GET
H3-29 200 dhmos.jpg
1.bp.blogspot.com/-Nq4r9mukgkk/YHjLTLH_jLI/AAAAAAAEEkU/QsMOGWj0f3kqQqKtBXoqutLj4FK4da-5QCLcBGAsYHQ/w640-h304/ 50 KB
50 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Nq4r9mukgkk/YHjLTLH_jLI/AAAAAAAEEkU/QsMOGWj0f3kqQqKtBXoqutLj4FK4da-5QCLcBGAsYHQ/w640-h304/dhmos.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aa373e385a25b9de6c36e9b9d044279beeed499118c8a203133db841c364540f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:02:42 GMT
x-content-type-options: nosniff
age: 4259
content-disposition: inline;filename="dhmos.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51310
x-xss-protection: 0
server: fife
etag: "v41246"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:01:36 GMT

GET
H3-29 200 barba.JPG
1.bp.blogspot.com/-R9MlVTsMEe8/YHf7fSU7GII/AAAAAAAEEew/OCtMc7IQGP4d4Ds0qBmIgJbLNF9A2IPOACLcBGAsYHQ/w640-h480/ 97 KB
97 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-R9MlVTsMEe8/YHf7fSU7GII/AAAAAAAEEew/OCtMc7IQGP4d4Ds0qBmIgJbLNF9A2IPOACLcBGAsYHQ/w640-h480/barba.JPG

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1b037f59834a166a176b1cdec7f74061887a924672fc12f91e22ca4e3988caed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:36:30 GMT
x-content-type-options: nosniff
age: 5831
content-disposition: inline;filename="barba.JPG"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99440
x-xss-protection: 0
server: fife
etag: "v411ed"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 12:39:22 GMT

GET
H3-29 200 %25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%...
1.bp.blogspot.com/-NmWn1nooBxA/YHfy8XXVc6I/AAAAAAAEEcs/yF5SROCL70oZP47ZuA7hI1ipzE2jdtQ3gCLcBGAsYHQ/w640-h480/ 80 KB
80 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-NmWn1nooBxA/YHfy8XXVc6I/AAAAAAAEEcs/yF5SROCL70oZP47ZuA7hI1ipzE2jdtQ3gCLcBGAsYHQ/w640-h480/%25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%2599%25CE%25912.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ecce716e8b230e76d24eca6ed50c459fad8162459fc92d0d408ff345e60fe98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:33 GMT
x-content-type-options: nosniff
age: 10808
content-disposition: inline;filename="________-_____________2.jpg";filename*=UTF-8''%CE%94%CE%97%CE%9C%CE%91%CE%A1%CE%A7%CE%9F%CE%A3-%CE%9A%CE%9F%CE%A5%CE%9D%CE%A4%CE%9F%CE%A5%CE%A1%CE%9F%CE%A5%CE%94%CE%99%CE%912.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82032
x-xss-protection: 0
server: fife
etag: "v411d0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:03:45 GMT

GET
H3-29 200 %25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%...
1.bp.blogspot.com/-aID7QG4yjTE/YHfzFYK5QaI/AAAAAAAEEc4/pPjOMw3fPl0JfDfLpy1yzJSKSoFoC3vXgCLcBGAsYHQ/w640-h480/ 81 KB
82 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-aID7QG4yjTE/YHfzFYK5QaI/AAAAAAAEEc4/pPjOMw3fPl0JfDfLpy1yzJSKSoFoC3vXgCLcBGAsYHQ/w640-h480/%25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%2599%25CE%2591.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c231a52c44abf40216cbaff402e811240e43d1e9227be1cadc31325340bf1342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:33 GMT
x-content-type-options: nosniff
age: 10808
content-disposition: inline;filename="________-_____________.jpg";filename*=UTF-8''%CE%94%CE%97%CE%9C%CE%91%CE%A1%CE%A7%CE%9F%CE%A3-%CE%9A%CE%9F%CE%A5%CE%9D%CE%A4%CE%9F%CE%A5%CE%A1%CE%9F%CE%A5%CE%94%CE%99%CE%91.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83415
x-xss-protection: 0
server: fife
etag: "v411d3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:03:45 GMT

GET
H3-29 200 %25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%...
1.bp.blogspot.com/-ZW4oKGJILmI/YHfzFbo4PVI/AAAAAAAEEc0/Hn-aO7L5xDoURi86HyHJPDd4YsBfcd9wgCLcBGAsYHQ/w640-h480/ 86 KB
86 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZW4oKGJILmI/YHfzFbo4PVI/AAAAAAAEEc0/Hn-aO7L5xDoURi86HyHJPDd4YsBfcd9wgCLcBGAsYHQ/w640-h480/%25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%2599%25CE%25915.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a7e3fe6c9d3f3a1fa4e3da6ec4ae40292ef104acc9e7268a1cb66e8fa9bb6fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:34:02 GMT
x-content-type-options: nosniff
age: 13179
content-disposition: inline;filename="________-_____________5.jpg";filename*=UTF-8''%CE%94%CE%97%CE%9C%CE%91%CE%A1%CE%A7%CE%9F%CE%A3-%CE%9A%CE%9F%CE%A5%CE%9D%CE%A4%CE%9F%CE%A5%CE%A1%CE%9F%CE%A5%CE%94%CE%99%CE%915.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87568
x-xss-protection: 0
server: fife
etag: "v411d2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 11:06:38 GMT

GET
H3-29 200 %25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%...
1.bp.blogspot.com/-Edar8Ez21Ss/YHfzFT_oWJI/AAAAAAAEEcw/qXjmHQnmBJc9kN1bbWgRGhv0jbna3IjKACLcBGAsYHQ/w480-h640/ 108 KB
108 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Edar8Ez21Ss/YHfzFT_oWJI/AAAAAAAEEcw/qXjmHQnmBJc9kN1bbWgRGhv0jbna3IjKACLcBGAsYHQ/w480-h640/%25CE%2594%25CE%2597%25CE%259C%25CE%2591%25CE%25A1%25CE%25A7%25CE%259F%25CE%25A3-%25CE%259A%25CE%259F%25CE%25A5%25CE%259D%25CE%25A4%25CE%259F%25CE%25A5%25CE%25A1%25CE%259F%25CE%25A5%25CE%2594%25CE%2599%25CE%25913.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

921d43949ea26ab6125b2b0b2b9a0f9ece1ede4cc84c4633e724f639f1e65e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:13:33 GMT
x-content-type-options: nosniff
age: 10808
content-disposition: inline;filename="________-_____________3.jpg";filename*=UTF-8''%CE%94%CE%97%CE%9C%CE%91%CE%A1%CE%A7%CE%9F%CE%A3-%CE%9A%CE%9F%CE%A5%CE%9D%CE%A4%CE%9F%CE%A5%CE%A1%CE%9F%CE%A5%CE%94%CE%99%CE%913.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110342
x-xss-protection: 0
server: fife
etag: "v411d1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 08:03:45 GMT

GET
H3-29 200 THEA.jpg
1.bp.blogspot.com/-86lAwKXTAZI/YHVkQO3pmTI/AAAAAAAEEVI/9XhGg7Ypf1czSu9oWjV9KBSC59GU6lNFgCLcBGAsYHQ/w640-h360/ 62 KB
62 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-86lAwKXTAZI/YHVkQO3pmTI/AAAAAAAEEVI/9XhGg7Ypf1czSu9oWjV9KBSC59GU6lNFgCLcBGAsYHQ/w640-h360/THEA.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6de694411559a3cd2c88b9093fd12636a211450059fc17111a40f6178d6d325f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:35 GMT
x-content-type-options: nosniff
age: 11466
content-disposition: inline;filename="THEA.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63897
x-xss-protection: 0
server: fife
etag: "v41153"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:02:35 GMT

GET
H2 200 rules-p-LJyvKqBr3qrve.js Show response
rules.quantcount.com/ 3 B
358 B 483ms
419ms Script
application/x-javascript 2600:9000:215d:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-LJyvKqBr3qrve.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215d:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:09:06 GMT
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 276
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: eR0UrxNL_Cz_OIZPfqxkEHGG8R5yboqmcXaZt-ge-MWXydYSkohQwQ==

GET
H3-29 200 23-self_test-koronoios.jpg
1.bp.blogspot.com/-bq1gVZ6jfhg/YHcIe0GtxVI/AAAAAAAEEZc/3zCSOmcimbgk85mrEvrYLoYUTAbzpMIvwCLcBGAsYHQ/w640-h340/ 40 KB
40 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bq1gVZ6jfhg/YHcIe0GtxVI/AAAAAAAEEZc/3zCSOmcimbgk85mrEvrYLoYUTAbzpMIvwCLcBGAsYHQ/w640-h340/23-self_test-koronoios.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e7c4340eef6f19d3c07e7898acb1df91b7fc0b65ccf9b758371d591bf7d160b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:39:35 GMT
x-content-type-options: nosniff
age: 2046
content-disposition: inline;filename="23-self_test-koronoios.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40558
x-xss-protection: 0
server: fife
etag: "v41198"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 19:44:55 GMT

GET
H3-29 200 %25CF%2583%25CE%25B5%25CE%25BB.jpg
1.bp.blogspot.com/-wAmJYpc1W9A/YHYiaPLampI/AAAAAAAEEWI/ExOm7wFKL-gDyUKjPVs_WvYTkQDWQWzIACLcBGAsYHQ/w640-h332/ 37 KB
37 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wAmJYpc1W9A/YHYiaPLampI/AAAAAAAEEWI/ExOm7wFKL-gDyUKjPVs_WvYTkQDWQWzIACLcBGAsYHQ/w640-h332/%25CF%2583%25CE%25B5%25CE%25BB.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0516d2b936b00d0675fa4cfe7f1491c644238b1e5e24aa7790f3494cdab1b45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CF%83%CE%B5%CE%BB.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37944
x-xss-protection: 0
server: fife
etag: "v41164"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:02:37 GMT

GET
H3-29 200 %25CF%2584%25CE%25B5%25CE%25BB%25CE%25B9%25CE%25BA%25CE%25BF.jpg
1.bp.blogspot.com/-ssfvQDopeqk/YHOPdkmzQSI/AAAAAAAEEPA/PVZe2xs-Lewdv099cSxNvOTRvgCmiNI6ACLcBGAsYHQ/w620-h640/ 174 KB
174 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ssfvQDopeqk/YHOPdkmzQSI/AAAAAAAEEPA/PVZe2xs-Lewdv099cSxNvOTRvgCmiNI6ACLcBGAsYHQ/w620-h640/%25CF%2584%25CE%25B5%25CE%25BB%25CE%25B9%25CE%25BA%25CE%25BF.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

921618f1f093751ac7c8dc9f32623be2d70a6f10ce189ada1d2c56969bf34da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:10:45 GMT
x-content-type-options: nosniff
age: 3776
content-disposition: inline;filename="______.jpg";filename*=UTF-8''%CF%84%CE%B5%CE%BB%CE%B9%CE%BA%CE%BF.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178221
x-xss-protection: 0
server: fife
etag: "v410f2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 13:32:59 GMT

GET
H3-29 200 paliol.jpg
1.bp.blogspot.com/-XCe1SSLKo10/YHOPsfNevbI/AAAAAAAEEPE/gxVyp6NKkL8GF4L4-k12sRwYqAm_IGYLACLcBGAsYHQ/w400-h283/ 22 KB
22 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XCe1SSLKo10/YHOPsfNevbI/AAAAAAAEEPE/gxVyp6NKkL8GF4L4-k12sRwYqAm_IGYLACLcBGAsYHQ/w400-h283/paliol.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3dc4a10a1238b107391c97d6468090642d21a62d29bb69157edea66cff3aae5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="paliol.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22658
x-xss-protection: 0
server: fife
etag: "v410f6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:59:21 GMT

GET
H3-29 200 168045233_1732906703563487_6704942960361473924_n.jpg
1.bp.blogspot.com/-LfS6l4uf1hc/YHOPxfRjs8I/AAAAAAAEEPM/L5bSZY0PYsQtj3j-rV5mYRFcnFDInBcHwCLcBGAsYHQ/w341-h400/ 28 KB
29 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LfS6l4uf1hc/YHOPxfRjs8I/AAAAAAAEEPM/L5bSZY0PYsQtj3j-rV5mYRFcnFDInBcHwCLcBGAsYHQ/w341-h400/168045233_1732906703563487_6704942960361473924_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2dfb1150e2232de4473e166a50d319e9966000a357b2e56819afbc78f672665f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168045233_1732906703563487_6704942960361473924_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29150
x-xss-protection: 0
server: fife
etag: "v410f8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:59:21 GMT

GET
H3-29 200 168103465_1732906650230159_2760776034678913317_n.jpg
1.bp.blogspot.com/-ohfAp1ije-8/YHOP13bhNuI/AAAAAAAEEPQ/HH6vKoO69ecuSnDW0krTuf9_n6g7yfsVQCLcBGAsYHQ/w400-h295/ 24 KB
24 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ohfAp1ije-8/YHOP13bhNuI/AAAAAAAEEPQ/HH6vKoO69ecuSnDW0krTuf9_n6g7yfsVQCLcBGAsYHQ/w400-h295/168103465_1732906650230159_2760776034678913317_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

678c6f27ab4bf3e51e2a640bea1dc6ea18c4ad930445ed24aca8eac488208523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168103465_1732906650230159_2760776034678913317_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24855
x-xss-protection: 0
server: fife
etag: "v410fc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:59:21 GMT

GET
H3-29 200 168273700_1732906733563484_5954701986960226926_n%2B%25281%2529.jpg
1.bp.blogspot.com/-E9OdqkkVrIY/YHOP6_mGf1I/AAAAAAAEEPU/wffYif5yLqc0BgR_FbdNT24nm0iZ92bxQCLcBGAsYHQ/w400-h386/ 29 KB
29 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E9OdqkkVrIY/YHOP6_mGf1I/AAAAAAAEEPU/wffYif5yLqc0BgR_FbdNT24nm0iZ92bxQCLcBGAsYHQ/w400-h386/168273700_1732906733563484_5954701986960226926_n%2B%25281%2529.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

507af6e7229f0834c3b41dc93853faf44a431d2ab733ebb4d080d782990190e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168273700_1732906733563484_5954701986960226926_n (1).jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29546
x-xss-protection: 0
server: fife
etag: "v410fc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:59:21 GMT

GET
H3-29 200 168279703_1732906866896804_6905977385397925066_n%2B%25281%2529.jpg
1.bp.blogspot.com/-TY2Y0_Yqxcw/YHOP-zcSBXI/AAAAAAAEEPc/4NPnTqw065IPtNQytCxA0Bfr1AQxct2ywCLcBGAsYHQ/w388-h400/ 81 KB
81 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TY2Y0_Yqxcw/YHOP-zcSBXI/AAAAAAAEEPc/4NPnTqw065IPtNQytCxA0Bfr1AQxct2ywCLcBGAsYHQ/w388-h400/168279703_1732906866896804_6905977385397925066_n%2B%25281%2529.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cbbf6f25e279c8a05e8feb887f2d0022fa0ac2da117fd72246f6026f7ab526dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168279703_1732906866896804_6905977385397925066_n (1).jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82588
x-xss-protection: 0
server: fife
etag: "v410ff"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:02:37 GMT

GET
H3-29 200 168579290_1732906800230144_752538168616224886_n.jpg
1.bp.blogspot.com/-2ZR4y6pbFXs/YHOQChPRlJI/AAAAAAAEEPk/T5IcyXmJks8Mb8GHXYzsVUl67HYM16BeACLcBGAsYHQ/w344-h400/ 28 KB
28 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2ZR4y6pbFXs/YHOQChPRlJI/AAAAAAAEEPk/T5IcyXmJks8Mb8GHXYzsVUl67HYM16BeACLcBGAsYHQ/w344-h400/168579290_1732906800230144_752538168616224886_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94e13fbd5c955852d1ae9a7dae9ef1cfae7505c8a223031a0b30957a8cac095c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168579290_1732906800230144_752538168616224886_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28342
x-xss-protection: 0
server: fife
etag: "v410fd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 07:59:21 GMT

GET
H3-29 200 168874381_1732906776896813_2058818230025513059_n.jpg
1.bp.blogspot.com/-eZN8oZ7zgJg/YHOQHVOQsVI/AAAAAAAEEPo/mNqH_8c55MYF1uKpEJ58Rq5ac7TFQAHLgCLcBGAsYHQ/w640-h546/ 107 KB
107 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eZN8oZ7zgJg/YHOQHVOQsVI/AAAAAAAEEPo/mNqH_8c55MYF1uKpEJ58Rq5ac7TFQAHLgCLcBGAsYHQ/w640-h546/168874381_1732906776896813_2058818230025513059_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17aa888b8a7fc3f4ddd1c0cbc1ef4db979eb983907e0cb70610996cb6bbd85b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168874381_1732906776896813_2058818230025513059_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109683
x-xss-protection: 0
server: fife
etag: "v410ff"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:02:37 GMT

GET
H3-29 200 168735133_1732906740230150_8155084040938127350_n.jpg
1.bp.blogspot.com/-99LmaTQxXIo/YHOQHXkETAI/AAAAAAAEEPs/icHUQU9jZjo46qK2UCz-pMK2S5aplIu6wCLcBGAsYHQ/w446-h640/ 68 KB
68 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-99LmaTQxXIo/YHOQHXkETAI/AAAAAAAEEPs/icHUQU9jZjo46qK2UCz-pMK2S5aplIu6wCLcBGAsYHQ/w446-h640/168735133_1732906740230150_8155084040938127350_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62bf6cfaacf92939d73d883acb99a73f449053d821927bcf647573b103b8791b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:02:37 GMT
x-content-type-options: nosniff
age: 11464
content-disposition: inline;filename="168735133_1732906740230150_8155084040938127350_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69974
x-xss-protection: 0
server: fife
etag: "v410fe"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:02:37 GMT

GET
H3-29 200 173739473_814937222447574_809760647667241398_n.jpg
1.bp.blogspot.com/-WCIglLfsOlI/YHjK89E6RiI/AAAAAAAEEkM/0asq90-3ahkprmdeFXgTmYC3w1ptJBO4wCLcBGAsYHQ/w640-h426/ 79 KB
79 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WCIglLfsOlI/YHjK89E6RiI/AAAAAAAEEkM/0asq90-3ahkprmdeFXgTmYC3w1ptJBO4wCLcBGAsYHQ/w640-h426/173739473_814937222447574_809760647667241398_n.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b46e1b285f4b27c8e7acc470434345bad828f62046689c958e3fc400409478a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:30:28 GMT
x-content-type-options: nosniff
age: 6193
content-disposition: inline;filename="173739473_814937222447574_809760647667241398_n.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81003
x-xss-protection: 0
server: fife
etag: "v41244"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:30:18 GMT

GET
H3-29 200 %25CF%2580%25CF%2581%25CE%25BF.jpg
1.bp.blogspot.com/-HtajjGGcgNY/YHlVjIvaTjI/AAAAAAAEEl0/2pwhH0votH8ZFurDCrO6qGu4q6iafkpVACLcBGAsYHQ/w640-h410/ 103 KB
103 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HtajjGGcgNY/YHlVjIvaTjI/AAAAAAAEEl0/2pwhH0votH8ZFurDCrO6qGu4q6iafkpVACLcBGAsYHQ/w640-h410/%25CF%2580%25CF%2581%25CE%25BF.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ffbf16cd924b6917b1f857c7d0add07417bc4e2a9b8dad63a5d732851450d6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:20:05 GMT
x-content-type-options: nosniff
age: 6816
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CF%80%CF%81%CE%BF.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105172
x-xss-protection: 0
server: fife
etag: "v4125e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 13:20:05 GMT

GET
H3-29 200 %25CE%2595%25CE%25A4%25CE%2591.jpg
1.bp.blogspot.com/-_jjye58MEw8/YHgFGIbfCDI/AAAAAAAEEfs/W-NO6xp9x_Q_MVbIIanAYQC2xBOd8AVVgCLcBGAsYHQ/w640-h640/ 75 KB
75 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_jjye58MEw8/YHgFGIbfCDI/AAAAAAAEEfs/W-NO6xp9x_Q_MVbIIanAYQC2xBOd8AVVgCLcBGAsYHQ/w640-h640/%25CE%2595%25CE%25A4%25CE%2591.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58e3050a628e286ec70c942b73dd1a748463ff59d00980862e77a367ac9a3033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:39:30 GMT
x-content-type-options: nosniff
age: 2051
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CE%95%CE%A4%CE%91.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77070
x-xss-protection: 0
server: fife
etag: "v411fc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:23:52 GMT

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
752 B 142ms
142ms XHR
application/json 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.lesvospost.com%2F&mtk=14096

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 097cd7c5b7000006295f85c000000001
pragma: no-cache
last-modified: Fri, 16 Apr 2021 15:13:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sZ0Jkitgm2x%2B6GRr6jucUqbyCCfq%2BfJvu86Hc44hPRMl5kZiQHTJryzPDoaOv6GGtK%2Fz1rZnPWAViocPJ4RuhlYNLnTqez3wikOqe64wnRW0MPMOccSiDAOj5dANaG6M"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: https://www.lesvospost.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 640e5be9188d0629-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 f0defa81791596697fbb49dfbf792bf2.js Show response
tag.vlitag.com/v1/1618576037/ 542 KB
111 KB 51ms
50ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=f0defa81791596697fbb49dfbf792bf2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3b640207b648723376e64fcc33cc8c6de02633d1ef4ff017123b1068c8257b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9976
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097cd7c5b400000eb30f958000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h7wZZJ4eHvlr7rJfZhovmWJkaZj0QMduKwuHtpIwZJbMXE%2Ft6lC6jiQMSEdRJDnVTl4jAtBsuXH1XgS7ufij%2BM8liyeUdohr4xVEeJrxCz0ux2XaCURtJjx3FQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 640e5be91e8e0eb3-FRA

GET
H2 200 pa_backupads_lib.js Show response
projectagoralibs.com/libs/ Frame D74C 4 KB
2 KB 41ms
16ms Script
application/javascript 2606:4700:e6::ac40:ce03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=12616
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9DB6F29C93290A96
x-amz-id-2: smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified: Tue, 27 Oct 2020 14:01:47 GMT
server: cloudflare
etag: W/"388809d00c3186d72408292dde1dfc83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KXev7H1AR0pzImgFQWsY8MSveSYP02yPJyL6%2Fa8%2BChrCZgWh81EzGIRix%2FWp9ZyUOFKUlgpUDShAOUbGuNXEpWWB5ase3cLaxFI%2FBEAst%2FWCAiX0NlsSfynMRsBwKm2PNQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 097cd7c5d600001f298c06b000000001
cf-ray: 640e5be958ad1f29-FRA

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D74C 91 KB
32 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=12616

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae1c612707ba384af73f3395ce704f043d423bb8db74f7c798efc496d59b63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
server: cafe
etag: 9791995449890413327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 139ms
28ms Image
text/plain 108.129.18.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDA1ZjAxOGMtMGE1Ny00NGQ0LTk5ZjktZjM1MjVhYTRkNTVmIiwiaG9zdG5hbWUiOiJ3d3cubGVzdm9zcG9zdC5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlBVQk1BVElDIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=405f018c-0a57-44d4-99f9-f3525aa4d55f&part=0&on=0
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.18.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-18-26.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 16 Apr 2021 15:13:41 GMT
Server: nginx

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/ROS?rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4.28.0...
https://ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/ROS?ct=1&rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4...

552 B
969 B

19ms
17ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.lesvospost.com/ROS?ct=1&rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4.28.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lesvospost.com%2F&gdpr=1&gdprcs=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 9a7aa1c3a9ca8ac0a27e300bb780d16ba63f0e3c42caa4c9ae6a231c2b1d99ee

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.lesvospost.com
expires: Fri, 16 Apr 2021 15:13:41 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 552
x-sid: AMS-602

Redirect headers

date: Fri, 16 Apr 2021 15:13:41 GMT
server: openresty
access-control-allow-origin: https://www.lesvospost.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.lesvospost.com/ROS?ct=1&rnd=0.2739562396015751&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fwww.lesvospost.com%2F&r=pbjs&pbv=4.28.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lesvospost.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-602

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
747 B 281ms
265ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.lesvospost.com
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p7FBUo2QHtDRrCrWRKPw%2B8%2Bun0OzOvCX85DThQ9J%2FzKMHndsVv%2FLVica%2BbnEPI3Wj9RuggL2LXPZ%2Fmle%2Fr3x8iRUpQidTTAtXQVKERfmcwSJJm4IEJwQYSnHzbXuY3sdTQ%3D%3D"}],"group":"cf-nel"}
access-control-allow-credentials: true
cf-ray: 640e5be97cd94ea9-FRA
cf-request-id: 097cd7c5e800004ea9ca9eb000000001

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
367 B 264ms
88ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.lesvospost.com
date: Fri, 16 Apr 2021 15:13:40 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
750 B 118ms
100ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 48f56ff39dc6ddf06ccf10a1151c48e59589ede6c373c3d882f9bff6834ba2d4

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 15:13:41 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.lesvospost.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 8ms
8ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:41 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid: ada9c00f-43a9-4c33-8147-5dff178970f5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.lesvospost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
148 B 67ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.28.0&cb=87828938554
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.lesvospost.com
date: Fri, 16 Apr 2021 15:13:41 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71be5063dbca0403121fa756d123869f756b9c926e7f1048ffd63d4f39a382ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XIrkAuj7iPQUjtNCzpd7Jw==
cross-origin-resource-policy: cross-origin
expires: Fri, 16 Apr 2021 15:29:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: E7XjgemlXjdXrvqn0H7PoCVCnLnAcjexoVtlNcbVsamO/GEjPu13XztwnKmLPpIxTGbqFgQjlNAABrHeA9UwAg==
x-fb-trip-id: 917726464
x-fb-content-md5: fa63f73a9cebfbf8b21c449212a649c0
date: Fri, 16 Apr 2021 15:13:41 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f7972340077175402fbd01492f52a67e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 205960c9c48ecb133c15be6186060087.min.js Show response
clevernt.com/scripts/ 116 KB
48 KB 47ms
32ms Script
text/javascript 2606:4700:20::681a:b75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/205960c9c48ecb133c15be6186060087.min.js?20190903=1618586021363
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da09704d64b7e8739508285a0c85200b37642661bb062a45aeaea0748891df5d

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1892
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2CDKAX63QHR3BREW
x-amz-id-2: SYrrQFG4pwudydWRICZp9AkgV9ok+qeh1kA2QyqykfqNv/asC66DnEeBsP223NoJ/MUYrpdyQjU=
last-modified: Fri, 16 Apr 2021 04:45:24 GMT
server: cloudflare
etag: W/"cc78563a709a5a99c9d7186bfbc30626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7jq1a9MhpWRZnvjcVzZ5qTdkmJlL3%2F01wZPQouuYZWSkirASYFW46jlH59UWKtcCIJpN%2FQMIxfbMBViVdOwK20xhOyNZOFxmU1n%2B08tKVYkxWC9YlRr9oWo%3D"}]}
content-type: text/javascript
cache-control: max-age=1800
cf-request-id: 097cd7c6040000d6d150919000000001
cf-ray: 640e5be99dc3d6d1-FRA

GET
H2 200 / Show response
www.lesvospost.com/ 261 KB
52 KB 176ms
175ms XHR
text/html 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb6f66254eeec009f4f2bb2bbacc848ae9afa12bbfcce06b0120f22ba4144d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}; sf_ck_tst=test; _pbjs_userid_consent_data=6115677930566742; _pubcid=f4adb891-4ca8-4f50-9510-faf6a5934139
:path: /
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: GSE
etag: W/"6dcc564c876b89a9b904426dcc93a177880b8c8fbff4042ac5a1da2effdb7a0a"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 52969
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 / Show response
www.lesvospost.com/ 261 KB
52 KB 275ms
275ms XHR
text/html 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb6f66254eeec009f4f2bb2bbacc848ae9afa12bbfcce06b0120f22ba4144d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}; sf_ck_tst=test; _pbjs_userid_consent_data=6115677930566742; _pubcid=f4adb891-4ca8-4f50-9510-faf6a5934139
:path: /
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: GSE
etag: W/"6dcc564c876b89a9b904426dcc93a177880b8c8fbff4042ac5a1da2effdb7a0a"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 52969
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=greek,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.lesvospost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 323901
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&subset=greek,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.lesvospost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 323872
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:49 GMT

GET
H3-29 200 %25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%...
1.bp.blogspot.com/-dUdeihU2RIA/YHVbHaaBLiI/AAAAAAAEEUI/IG6fDklzASM0P8OqiHWOMUe-xitRoI0hACLcBGAsYHQ/w640-h480/ 130 KB
130 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dUdeihU2RIA/YHVbHaaBLiI/AAAAAAAEEUI/IG6fDklzASM0P8OqiHWOMUe-xitRoI0hACLcBGAsYHQ/w640-h480/%25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%25A3%25CE%259F%25CE%25A5%2B3.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9dc620d3e3b611e48851005f75f2172bb52fcdbf18a204844ac69fc9fb358a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:45:31 GMT
x-content-type-options: nosniff
age: 12490
content-disposition: inline;filename="______ 5_5 ________ ______ 3.jpg";filename*=UTF-8''%CE%93%CE%97%CE%A0%CE%95%CE%94%CE%9F%205%CE%A75%20%CE%93%CE%A5%CE%9C%CE%9D%CE%91%CE%A3%CE%99%CE%9F%20%CE%95%CE%A1%CE%95%CE%A3%CE%9F%CE%A5%203.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132661
x-xss-protection: 0
server: fife
etag: "v41145"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 18:24:24 GMT

GET
H3-29 200 %25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%...
1.bp.blogspot.com/-vGIxC5ab9Q8/YHVbSTtVuyI/AAAAAAAEEUM/m6MwakIxnOk7l1ewYdVX4rgaaLteSA4vwCLcBGAsYHQ/w640-h480/ 112 KB
112 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vGIxC5ab9Q8/YHVbSTtVuyI/AAAAAAAEEUM/m6MwakIxnOk7l1ewYdVX4rgaaLteSA4vwCLcBGAsYHQ/w640-h480/%25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%25A3%25CE%259F%25CE%25A5%2B2.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7853200e05269cae96d8b4cf59ade608d389b2ebdc8304213974137d858aa214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:45:31 GMT
x-content-type-options: nosniff
age: 12490
content-disposition: inline;filename="______ 5_5 ________ ______ 2.jpg";filename*=UTF-8''%CE%93%CE%97%CE%A0%CE%95%CE%94%CE%9F%205%CE%A75%20%CE%93%CE%A5%CE%9C%CE%9D%CE%91%CE%A3%CE%99%CE%9F%20%CE%95%CE%A1%CE%95%CE%A3%CE%9F%CE%A5%202.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114703
x-xss-protection: 0
server: fife
etag: "v41146"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 14:16:27 GMT

GET
H3-29 200 %25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%...
1.bp.blogspot.com/-kTS4fI2drVY/YHVbSdSTQjI/AAAAAAAEEUQ/dUqku50HNbsE7jYIQaSSfeI_4N7vms_DwCLcBGAsYHQ/w640-h480/ 119 KB
119 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kTS4fI2drVY/YHVbSdSTQjI/AAAAAAAEEUQ/dUqku50HNbsE7jYIQaSSfeI_4N7vms_DwCLcBGAsYHQ/w640-h480/%25CE%2593%25CE%2597%25CE%25A0%25CE%2595%25CE%2594%25CE%259F%2B5%25CE%25A75%2B%25CE%2593%25CE%25A5%25CE%259C%25CE%259D%25CE%2591%25CE%25A3%25CE%2599%25CE%259F%2B%25CE%2595%25CE%25A1%25CE%2595%25CE%25A3%25CE%259F%25CE%25A5%2B1.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

156b8dbaa490336512bd6de0c09eaebc403d9d36eb7633ef36f7ca55abc64fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:45:31 GMT
x-content-type-options: nosniff
age: 12490
content-disposition: inline;filename="______ 5_5 ________ ______ 1.jpg";filename*=UTF-8''%CE%93%CE%97%CE%A0%CE%95%CE%94%CE%9F%205%CE%A75%20%CE%93%CE%A5%CE%9C%CE%9D%CE%91%CE%A3%CE%99%CE%9F%20%CE%95%CE%A1%CE%95%CE%A3%CE%9F%CE%A5%201.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121498
x-xss-protection: 0
server: fife
etag: "v41147"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 14:16:27 GMT

GET
H3-29 200 %25CE%2591%25CE%2595%25CE%25A4.jpg
1.bp.blogspot.com/-SjCwKGu9baE/YHMzy2wHlBI/AAAAAAAEENA/O6g-IiePXewDe_r-ig8vj-KLLXCA2q2nQCLcBGAsYHQ/w640-h480/ 77 KB
77 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SjCwKGu9baE/YHMzy2wHlBI/AAAAAAAEENA/O6g-IiePXewDe_r-ig8vj-KLLXCA2q2nQCLcBGAsYHQ/w640-h480/%25CE%2591%25CE%2595%25CE%25A4.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad81822765ae270ca1a4cf78b5e3fcec0204810aa5e59b6e1bb2440a674dbb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:10:45 GMT
x-content-type-options: nosniff
age: 3776
content-disposition: inline;filename="___.jpg";filename*=UTF-8''%CE%91%CE%95%CE%A4.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79290
x-xss-protection: 0
server: fife
etag: "v410d1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 05:59:12 GMT

GET
H3-29 200 %25CE%25A3%25CF%2587%25CE%25BF%25CE%25BB%25CE%25B5%25CE%25AF%25CE%25B1%2B%25CE%2591%25CF%2584%25CF%2584%25CE%25B9%25CE%25BA%25CE%25AE%25CF%2582-%25CE%25A0%25CE%25AC%25CF%2581%25CE%25BA%25CE%25BF%2B...
1.bp.blogspot.com/-7XxpjAfG5Zc/YHlaAVQb2vI/AAAAAAAEEl8/xClH76OZX9QHpVmvWIOvgJrxUX64mQEJACLcBGAsYHQ/w640-h480/ 120 KB
120 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7XxpjAfG5Zc/YHlaAVQb2vI/AAAAAAAEEl8/xClH76OZX9QHpVmvWIOvgJrxUX64mQEJACLcBGAsYHQ/w640-h480/%25CE%25A3%25CF%2587%25CE%25BF%25CE%25BB%25CE%25B5%25CE%25AF%25CE%25B1%2B%25CE%2591%25CF%2584%25CF%2584%25CE%25B9%25CE%25BA%25CE%25AE%25CF%2582-%25CE%25A0%25CE%25AC%25CF%2581%25CE%25BA%25CE%25BF%2B%25CE%2591%25CF%2580%25CE%25BF%25CE%25BB%25CE%25B9%25CE%25B8%25CF%2589%25CE%25BC%25CE%25AD%25CE%25BD%25CE%25BF%25CF%2585%2B%25CE%2594%25CE%25AC%25CF%2583%25CE%25BF%25CF%2585%25CF%2582.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5afa8ecd8438b9e76791a7dc14cfa98cc0037cd136cd98adf53c5fe28c977fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:00:05 GMT
x-content-type-options: nosniff
age: 4416
content-disposition: inline;filename="_______ _______-_____ ____________ ______.jpg";filename*=UTF-8''%CE%A3%CF%87%CE%BF%CE%BB%CE%B5%CE%AF%CE%B1%20%CE%91%CF%84%CF%84%CE%B9%CE%BA%CE%AE%CF%82-%CE%A0%CE%AC%CF%81%CE%BA%CE%BF%20%CE%91%CF%80%CE%BF%CE%BB%CE%B9%CE%B8%CF%89%CE%BC%CE%AD%CE%BD%CE%BF%CF%85%20%CE%94%CE%AC%CF%83%CE%BF%CF%85%CF%82.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122547
x-xss-protection: 0
server: fife
etag: "v41260"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 14:00:05 GMT

GET
H3-29 200 kairos.jpg
1.bp.blogspot.com/-lNznkHRP8PM/YHjMTIQolUI/AAAAAAAEEks/sja16XPkmtQqiN95vgjhMISdfsyFzMp1gCLcBGAsYHQ/w640-h314/ 58 KB
58 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lNznkHRP8PM/YHjMTIQolUI/AAAAAAAEEks/sja16XPkmtQqiN95vgjhMISdfsyFzMp1gCLcBGAsYHQ/w640-h314/kairos.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c5a06ff8fdcf3995db8fe89759fdf77b7bb7d37e3a360c64137861e2804033c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:31:07 GMT
x-content-type-options: nosniff
age: 2554
content-disposition: inline;filename="kairos.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59648
x-xss-protection: 0
server: fife
etag: "v4124c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:30:29 GMT

GET
H3-29 200 %25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%2...
1.bp.blogspot.com/-rxJaM2MuZPU/YHjLlqQWz7I/AAAAAAAEEkc/hOWFoNtilIobITn--R-sWx_rh7Dq0pZyACLcBGAsYHQ/w640-h258/ 47 KB
47 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rxJaM2MuZPU/YHjLlqQWz7I/AAAAAAAEEkc/hOWFoNtilIobITn--R-sWx_rh7Dq0pZyACLcBGAsYHQ/w640-h258/%25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%25BD%25CE%25B7%25CF%2582-page-001.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5090bbe9aa9debe429b3923e7089d218d6a329bf013e4142ce8248f7e11d53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:31:07 GMT
x-content-type-options: nosniff
age: 2554
content-disposition: inline;filename="________ ___ _. _________-page-001.jpg";filename*=UTF-8''%CE%A0%CF%81%CE%BF%CF%83%CF%86%CE%BF%CF%81%CE%AC%20%CF%83%CF%84%CE%BF%20%CE%9B.%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82-page-001.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48395
x-xss-protection: 0
server: fife
etag: "v41249"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:30:25 GMT

GET
H3-29 200 %25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%2...
1.bp.blogspot.com/-pa_GlEj9bKY/YHjLszieGhI/AAAAAAAEEkg/ezvXew8oFAYcjoMErp5sQxqW5WIlfxjTwCLcBGAsYHQ/w640-h312/ 45 KB
45 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pa_GlEj9bKY/YHjLszieGhI/AAAAAAAEEkg/ezvXew8oFAYcjoMErp5sQxqW5WIlfxjTwCLcBGAsYHQ/w640-h312/%25CE%25A0%25CF%2581%25CE%25BF%25CF%2583%25CF%2586%25CE%25BF%25CF%2581%25CE%25AC%2B%25CF%2583%25CF%2584%25CE%25BF%2B%25CE%259B.%2B%25CE%259C%25CF%2585%25CF%2584%25CE%25B9%25CE%25BB%25CE%25AE%25CE%25BD%25CE%25B7%25CF%2582-page-002.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bb717e2fc2c27aca64c8feeb4b82181cf3591cb8897440973f96c8d3bc36bd6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:31:07 GMT
x-content-type-options: nosniff
age: 2554
content-disposition: inline;filename="________ ___ _. _________-page-002.jpg";filename*=UTF-8''%CE%A0%CF%81%CE%BF%CF%83%CF%86%CE%BF%CF%81%CE%AC%20%CF%83%CF%84%CE%BF%20%CE%9B.%20%CE%9C%CF%85%CF%84%CE%B9%CE%BB%CE%AE%CE%BD%CE%B7%CF%82-page-002.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45803
x-xss-protection: 0
server: fife
etag: "v4124a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:30:25 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame EE41 1 KB
989 B 37ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=50&slotname=2071283390&adk=4034667973&adf=2889198705&pi=t.ma~as.2071283390&w=450&lmt=1618583784&psa=0&format=450x50&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020402&bpp=1&bdt=177&idt=287&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7ZwteUMrTZ&p=https%3A//www.lesvospost.com&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:13:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame EE41 17 KB
7 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame EE41 2 KB
1 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE41 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame EE41 13 KB
6 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H2 200 15048959890803996431
tpc.googlesyndication.com/simgad/ Frame A206 16 KB
16 KB 36ms
17ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15048959890803996431?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkN82bAWhEhkz53hhDqpPRlD5aO6w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72133b1ceaccc156dc1632eb31d31eddfeaa671bd00e7488d425427e5d80a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:17:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 14:33:54 GMT
server: sffe
age: 133000
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16102
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:17:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame A206 17 KB
7 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A206 2 KB
1 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A206 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A206 13 KB
6 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A206 25 KB
10 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 11:42:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A206 0
0 20ms
17ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKcwNpKl5YMeJL-nI-waZs6y4DfvVxZ1i6_7XmqcNhfbMwcQiEAEg6tHIHWCViviBlAegAY7nudUByAECqQLMEDJbwRq0PqgDAcgDyQSqBNIBT9BA5p2R6w-6s-1PbeBn5GbwrZYn3p0wxMFLRyZfbLc7qXe0Km8o8jWijrAYBdNdhEDb-aNz1WuItWwI9VKPDVKTRRB5tch8O4J10wsHFvpJVpidhVa4LKr21Ty9-j9EA-mCoX51Mo4dMA1U8S9ErrN5me2Ko5whLtGfmi_1ndf-gCRgZJ1vrK4eCDNLyELuT5yNAOxpMjcYyabAcVWnhPYxqUrE1gIWLr74c8DesmFCF4hP_pbPoeWTj1qTTy4iEWoRdmy0J25UdB4dZVzqPt67wATzwo_6wgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH2pjGqgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ91vSCAkIgOGAcBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNDI2NjkyMjg3ODQ0MzA3NA&sigh=cxpFw9cht2Q

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/AwHKhjshq-E/ 7 KB
7 KB 45ms
7ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/AwHKhjshq-E/mqdefault.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79700c0a360190d64f1a1deb4281b5ade95e5497fb144a63eaec5f1e0248c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:06:26 GMT
x-content-type-options: nosniff
server: sffe
age: 4035
etag: "1618038674"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7256
x-xss-protection: 0
expires: Fri, 16 Apr 2021 16:06:26 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame EE41 78 KB
79 KB 43ms
7ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRhaMfD6nYldftbZN8mLFKbGsi3ZmftwUvOVl_EdDtg0u-ATtFp&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81714a5c1dfb92d005e947249bf03b0e6867603c2ae773a1a3819e1d7db419f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 04:04:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Feb 2021 14:04:37 GMT
server: sffe
age: 126552
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80233
x-xss-protection: 0
expires: Fri, 15 Apr 2022 04:04:29 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EE41 17 KB
18 KB 41ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2u7ynxksU40qZKnnNYjQ9PbjS8RMbDi12Cvjjo-rn-mciElY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e374ec834e51726978de301336ab9a19476541ed3a3ee5217f259b4abc1ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:29:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 14:04:43 GMT
server: sffe
age: 132281
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17900
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:29:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EE41 32 KB
32 KB 46ms
11ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT_H9pnf2vHTl63BskeCm7hZi7LzE1erBNzU7y9g41G7vd6CajHSdFdfOe6BlM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28956d838bd65826c260b45e97953c40e698c6e47afe74cbc412eec05ab80f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:05:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 14:06:23 GMT
server: sffe
age: 180462
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33034
x-xss-protection: 0
expires: Thu, 14 Apr 2022 13:05:59 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EE41 51 KB
52 KB 46ms
12ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTl-xD6I54CT9DfBOquinmr1ooZmkjTxSEovUhvkkDlBc7KP_oD&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60fe13d4a8e3267af57110cee0436555ffe1b45166d56e7c8560d61eaa84aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 12:31:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 14:07:40 GMT
server: sffe
age: 96135
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52648
x-xss-protection: 0
expires: Fri, 15 Apr 2022 12:31:26 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EE41 69 KB
69 KB 53ms
19ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVD9VggWAxZx6brZYnJQEQ6ETLWTvwSkANgFZA7YPZBg_nOZTC&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb1142c50cc7b3830be3efdab1c855a1d7fec27ca6f3da4ff7a00f0a900a295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 04:57:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 14:15:08 GMT
server: sffe
age: 123385
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70776
x-xss-protection: 0
expires: Fri, 15 Apr 2022 04:57:16 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame EE41 17 KB
17 KB 41ms
7ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSU1q1CWuIslFylvpELknae7NRGHBBi7GqA4CPQ3UPx_sfQklKr&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f870819040947d6cd2340f2f5a6eb7035037f0b708e6312c5b6d9cc96c062d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:04:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 14:07:15 GMT
server: sffe
age: 133780
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17036
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:04:01 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame EE41 12 KB
12 KB 46ms
13ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR1Q4I0qEKCogrKikqvhFdAaptHz3_aECjo6UWV-vvJJZm-L2bP&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56de139eb2e387c34290153ffda2abfd1fc5a8e78440e36748df70c34abe605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:12:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 13:07:16 GMT
server: sffe
age: 176448
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:12:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EE41 14 KB
14 KB 39ms
6ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQx470DPzOQ8Pu2hMC0cQ2JVkB7VJRsxfEjxUuUeB6EEJmWMko&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e397a3bbb67e88a554f4744781cf9d48ba1c01649f78276674e346baf6bc94fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:52:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jun 2018 15:12:45 GMT
server: sffe
age: 141642
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14472
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:52:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame EE41 19 KB
19 KB 47ms
16ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcREhdIXjVqohL9uaEY_d-bxHXK_25EKjv9cSngdAiy-aFyPGhii&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01fb007658893ebe6f95e8bb6131b9db619386f6e5dc1450d5721b6914d0b580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:04:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 14:09:10 GMT
server: sffe
age: 450574
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19298
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:04:07 GMT

POST
H/1.1 200 zdCDtC7fFn_sBKTwp_XOFv4o21qkjOoNH_93CxI3pWtzMmOclabasqy6VVfyG0Q6SxgjB5IgQO1v6Z1UweMrzHYZo2JwjRSoJDFggyg3zkL-40ScxEwfHu7g9ggactxPyAIhpjmRpNJPrXyXLs5KqAt4--ZDqbZlZ7puVe-GfroGXTnmaM4nYHxdi5DYhEB8fIT2Y... Show response
asrv.dalecta.com/ 565 B
1 KB 106ms
105ms XHR
application/json 212.124.125.232
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv.dalecta.com/zdCDtC7fFn_sBKTwp_XOFv4o21qkjOoNH_93CxI3pWtzMmOclabasqy6VVfyG0Q6SxgjB5IgQO1v6Z1UweMrzHYZo2JwjRSoJDFggyg3zkL-40ScxEwfHu7g9ggactxPyAIhpjmRpNJPrXyXLs5KqAt4--ZDqbZlZ7puVe-GfroGXTnmaM4nYHxdi5DYhEB8fIT2YD9jziY-Q7bKWJ4m9xumR_s59pZHuVgo2KiWA3rZSWsfa7l-7Ibo1Gm-e304urdnXBhHHojCBkxAEigymICRUzSuLoR29WQLrZOMaThDm9LyTjx-4bIoEe93Dx8lz3yYITJcVmgZ0Vt93mNYaPXzG4oLYU8LjfjNmrLMsbGwbKCF7HL7y8qEiGX8pD1U5-BE2ryRnxr5T9YfW9KwkE16DMLjAJzKQ2z3Wbgl7wAFutFSjEkttUEySOHaskNiibPlXwjw?
Requested by: Host: asrv.dalecta.com
URL: https://asrv.dalecta.com/0e697b03.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.232 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: a777470be96e0486e6625547314c59230fc78ba0d3ba71286b8f225450b826e7

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:41 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 565
expires: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE41 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJUvfpKl5YK2VLIu8-waHhrUIn96u_mH9r-Lz7wz8oMeq4A4QASDq0cgdYJWK-IGUB6ABuf--7APIAQmpAswQMlvBGrQ-qAMByAPLBKoEzQFP0DkzQydIds5kuYkCLv7dJIvPTbEQ01KZf4_5vLj-rA80w9UtqXFixRuDiRASPbOCV0c_JjB6V5DGD_UfHdiK8sn1B-l3aWpz09bETeEvd4W6T93H5u_83hZXC4MjPIjx9IIvFzyRdYhDXzR_00RElJW1qMO5vgsqQfr7yO7iOlFhPLN6seF62MTn29KbC6uRUE6xBYX4VO4Wd0GGmUCcZTGaxP96JadM0vb2I5H9mIDTiNyPmVjsT7rqzL6XygKJYx6s8XpOMCEU1JYDwATcy57R_gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-rKHFqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQvHrSCAkIgOGAcBABGB-ACgHICwHYEwuIFAOyFxoKGAgAEhRwdWItNDI2NjkyMjg3ODQ0MzA3NA&sigh=VSHNO0DTdzQ&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=50&slotname=2071283390&adk=4034667973&adf=2889198705&pi=t.ma~as.2071283390&w=450&lmt=1618583784&psa=0&format=450x50&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020402&bpp=1&bdt=177&idt=287&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7ZwteUMrTZ&p=https%3A//www.lesvospost.com&dtd=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame EE41 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 191980
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame EE41 13 KB
13 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQIMkpDhG0pT_pkTE8BUZKCM6FwogtzoCB05X4WZjuoXqyttuA&usqp=CAI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501ed9ef4682a19fca8242ec5d9a7f438373c3e5b7dc8a1978d62aa2e44706d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:20:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 Feb 2020 14:05:36 GMT
server: sffe
age: 132788
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12951
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:20:33 GMT

GET
H3-29

200

12292211746583241485
tpc.googlesyndication.com/simgad/ Frame EE41
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E
https://tpc.googlesyndication.com/simgad/12292211746583241485

30 KB
30 KB

7ms
6ms

Image
image/png

2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12292211746583241485

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 450603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30912
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 23:08:24 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 10:03:38 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 20:39:42 GMT
x-content-type-options: nosniff
server: cafe
age: 66839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12292211746583241485
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 15 May 2021 20:39:42 GMT

GET
H2 200 default Show response
www.lesvospost.com/feeds/posts/ 40 KB
8 KB 199ms
198ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery111005502978995330774_1618586020303&_=1618586020321

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3894d2eb2667643c9d9ed1a3a08bdde5ccaf07f03fbb81617f31093870a85734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}; sf_ck_tst=test; _pbjs_userid_consent_data=6115677930566742; _pubcid=f4adb891-4ca8-4f50-9510-faf6a5934139
:path: /feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery111005502978995330774_1618586020303&_=1618586020321
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"ab1be068b90b89a243651338e68af82d529e580ede3dbd62d387c76016897704"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 7634
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 default Show response
www.lesvospost.com/feeds/posts/ 34 KB
7 KB 187ms
186ms XHR
text/javascript 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lesvospost.com/feeds/posts/default?alt=json-in-script&start-index=2&max-results=3&callback=jQuery111005502978995330774_1618586020301&_=1618586020322

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

9addf628b00a42c0154778559569ea23ffee4251278e3ba3e611cb821f964d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.178636599.1618586020; _gid=GA1.2.630202238.1618586020; _gat_gtag_UA_162918491_1=1; _gat_blogger=1; _gat_gtag_UA_33165999_1=1; __gads=ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}; sf_ck_tst=test; _pbjs_userid_consent_data=6115677930566742; _pubcid=f4adb891-4ca8-4f50-9510-faf6a5934139
:path: /feeds/posts/default?alt=json-in-script&start-index=2&max-results=3&callback=jQuery111005502978995330774_1618586020301&_=1618586020322
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.lesvospost.com
referer: https://www.lesvospost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lesvospost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 14:36:24 GMT
server: blogger-renderd
etag: W/"7df90f87d9e7421913b88c2f188a120d590db2db263b1a06ad83a683d1912e95"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 7224
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ Frame D74C 222 KB
83 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2500372977609723&plah=www.lesvospost.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84747
x-xss-protection: 0
server: cafe
etag: 7950800710615234990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 14 KB
5 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: k0fLHolrULeyflnSHDHGwfQ5cxCVyM94
content-encoding: gzip
etag: "03de8465cf9a5b82f8bf06944d4a54bc"
age: 2060
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4635
x-amz-id-2: n0fs0aPjHQZ717aN6pHqjdafdagMI/X2oD473Xn8JdFmnM8xoLNWv04vNqSOrRPlh5LHWAghvv8=
x-served-by: cache-hhn11542-HHN
last-modified: Tue, 13 Apr 2021 14:38:50 GMT
server: AmazonS3
x-timer: S1618586022.587391,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: ZZF2F7YZGKDR2BAV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 79
x-cache-hits: 27230

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
977 B 7ms
6ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 1491
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11542-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1618586022.587560,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 79
x-cache-hits: 20328

GET
H2 200 tfa-eid.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mcil7LLvHShbJAYM25abSAt5ko2HvoSo
content-encoding: gzip
etag: "f0c15c57ffc1f0a46194c879c6386fe4"
age: 43
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4857
x-amz-id-2: v5Ibq2600YiONR7MaKjsx0SsWN3JTRD52AsNpHUhfuIOpkdHdG9indW48CnS9JFF6L2y6pTjImg=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:09:32 GMT
server: AmazonS3
x-timer: S1618586022.590038,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: 72FQCTBEEM77ZQS1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 399

GET
H2 200 sha256.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FCaRxwcW3MLlXzgVX9HQNSiyqGkGeGF_
content-encoding: gzip
etag: "449a15420f4bd41326d0ce1cb3e3252f"
age: 36
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: /fVS9G43oGlBjDh7W8lNMwAz/oem2yxojB0zPihiFGUPaXLwNGA4p9d0kdzsaRjM3PZxpd+CR4U=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:09:42 GMT
server: AmazonS3
x-timer: S1618586022.590026,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: FRPMTZM1YCZQKJHZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 327

GET
H2 200 explore-more.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
7 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4d26ad8a054d6c74e9b4dd9bd7f65bb8be1697743cf2dbe6bff108a1aee496

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: j2K81Zi86dO0FD4rzTZh8HEyza2yk.m6
content-encoding: gzip
etag: "67c16589c6de11dbcc214f7d77f16095"
age: 93
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6620
x-amz-id-2: U6UbB1xGEX4pT/D6fIvpInbzJaqztEiIVXSG0JAn10f2JdPxiWA7BVHT/5+Cy3dag6+g3Y3gDF8=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:10:02 GMT
server: AmazonS3
x-timer: S1618586022.591833,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: XS8DKH3VN4PCM6KK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 200

GET
H2 200 feed-card-placeholder.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lVKcweJm8pgn4Jw61u8krkR2RLWq8EWt
content-encoding: gzip
etag: "495e7acaa76bf6e7a083dd06892c2adc"
age: 63
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1269
x-amz-id-2: ABfv2lZyTicdasoHFB2FyQPExO/canFEjW3HDOThUcVzHKfsh+8ohg3rjLviupbhDf8Kd7FIJEY=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:10:00 GMT
server: AmazonS3
x-timer: S1618586022.594932,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: S4GPR057XV66X0DN
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 411

GET
H2 200 userx.20210414-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210414-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/lesvospostgr-f20544166/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AB5kaFHgjUzYaSgXhghd6SMiz6ooDCVp
content-encoding: gzip
etag: "4dee943d9af8f930facd1ec702b5266b"
age: 5
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7856
x-amz-id-2: urU9COxwtiuiB4uz1lO56EVkmVboMnMmnNM0RY1SB51LRkaZcs2S1tm+RTZouhYEPct48bnbYbE=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 14 Apr 2021 09:09:28 GMT
server: AmazonS3
x-timer: S1618586022.606301,VS0,VE0
date: Fri, 16 Apr 2021 15:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: 4KDN0BQFYB3QY2Q0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 5

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
21ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E546 80 KB
25 KB 732ms
732ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e55ce4ed005132a6dce244be5bd696b695fb58b95c7244c13ba654c9faff6d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:42 GMT
server: cafe
content-length: 25966
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C03 91 KB
26 KB 544ms
544ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

670a99331339865a5bd9b014d1b488e4f5a2679fef46b48ccfc4bf813ff8a3f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:42 GMT
server: cafe
content-length: 26607
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9A5 61 KB
23 KB 771ms
770ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca0a6fcfb74a4f343761942c073ddc1f2c0271526ec4b496116af2e07f336b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:42 GMT
server: cafe
content-length: 23125
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E74E 62 KB
23 KB 654ms
654ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b15c7505e832ec990b2f7a80a1577ffcf66a4122b8fa8814d5b59177488dd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:42 GMT
server: cafe
content-length: 23686
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE41 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb74e538da40f058d710504252a7b1037f099a186089fcf999b823eaf646a34

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EF1 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4266922878443074&output=html&h=60&slotname=2071283390&adk=3236735827&adf=1913544732&pi=t.ma~as.2071283390&w=468&lmt=1618583784&psa=0&format=468x60&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586020403&bpp=1&bdt=177&idt=336&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C450x50&nras=1&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=259&ady=3203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UTX7ip3RWV&p=https%3A//www.lesvospost.com&dtd=340

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A206 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 482b277a815fb1fcf7091fa4e0162bc8073e900aaccfbf9210d890043f72874d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=413e3fa657aa06ad6944bec97d7491a5&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8774b4b740a1c2ed2cb38c541b891be94475cb3201cb4c281939af6765625e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.lesvospost.com
Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: u6mttn9nTOYHm94+/eHQDA==
cross-origin-resource-policy: cross-origin
expires: Sat, 16 Apr 2022 14:35:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65489
x-fb-rlafr: 0
x-fb-debug: VHJAjtUUQYk0OZxidTYyO8Njq8yPNWht/wYr/fARjK1ZzsMszLb1gzHQakWM1eiM6yCUFoyAeFkqjXHLpQrTlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d7686ba19059ad88f2bcbf09f74cab7e
date: Fri, 16 Apr 2021 15:13:41 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "cdc509206d11297d53f581dbb71bee2d"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 docallbackinfo46af70590e0841948531881640bd8aac.js Show response
ui.clevernt.com/ 695 B
1017 B 145ms
50ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfo46af70590e0841948531881640bd8aac.js

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

c31d34c789260a55001e77a569636bc6e9bf1bad692b3555617dbb1b6a5ca60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Fri, 16 Apr 2021 16:13:41 GMT

GET
H2 200 tb Show response
15.taboola.com/ 30 KB
9 KB 25ms
24ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=lesvospostgr-f20544166&unitType=226&tbloc=&pageType=text&pstn=Sponsored%20Below%20Article_Homepage&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.lesvospost.com%2F&encoded=1&uid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1618586021897&tagid=&cntry=DE&platform=1&sesid=9d0be8c77c91f5df0c138c355ea96dc0&itemid=/&viewid=1618586021246&geolat=&geoing=&deviceifa=&appid=&sd=v2_9d0be8c77c91f5df0c138c355ea96dc0_17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25_1618586021_1618586021_CNawjgYQ-ftRGP7a-tmNLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ri=c9538d244a866ae2bf94781b56630cb5&appname=&cdb=&gdprApplies=true&rid=&sii=-5935552082435471478&oee=true&tpubid=1342969&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=1256973&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a66838c6a12efc10ee34d2fd7495e58de6d062bf43884afe62080aebc0a2ab1e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: gzip
access-control-allow-origin: https://www.lesvospost.com
machineid: 1449
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11542-HHN
pragma: no-cache
server: nginx
x-timer: S1618586022.901922,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H/1.1 200 zjpez1TwSoVma7HERmmzpYhuBvqpHMaAdgm1K8hNMIdijoSWy0QlFlvadzIbc4hmgVwzIP5ZYRHDl1B4V-tgDJdt-dKsKsrV_6Vt_fun6CTDZBzxRFK-ZLlcWwT_Sy3YP-wtbpZTzGOUFQEHdzQEAIxZlHCCBIjMyrpLUEhJ4e5k7x_WUeHEmrlVYQG7PjtG7h2M0...
asrv.dalecta.com/ 49 B
382 B 103ms
103ms Image
image/gif 212.124.125.232
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asrv.dalecta.com/zjpez1TwSoVma7HERmmzpYhuBvqpHMaAdgm1K8hNMIdijoSWy0QlFlvadzIbc4hmgVwzIP5ZYRHDl1B4V-tgDJdt-dKsKsrV_6Vt_fun6CTDZBzxRFK-ZLlcWwT_Sy3YP-wtbpZTzGOUFQEHdzQEAIxZlHCCBIjMyrpLUEhJ4e5k7x_WUeHEmrlVYQG7PjtG7h2M0LyLpVhE41Yb-a4ym5Wc-NvuyblIeD6evvrgQvFjKeuRNBuu5DXmtQUo8bcBq_0qmk0A32DObyAKinfZADOy0T1dVtZpU6zv62lCJEqJMOqETCTDaeXP8pzwEkGp4ntJTqx96UTiDrHFkTO-R6zO4lA?DC=DO
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.125.232 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:41 GMT
last-modified: Wed, 07 Apr 2021 10:57:42 GMT
etag: W/"49-1617793062000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 / Show response
tag.vlitag.com/passbacktarget/1618576037/ Frame 35DE 299 B
835 B 267ms
267ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passbacktarget/1618576037/?t=iframe&pbID=7&d=14096&z=55196&divID=vi_1409655196_121&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ab3aac6505edc7d73698c81e45c77d9b1e21b59afd5efe3935f93e8a0c46db

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d2zUBMSsVOs%2Bq8WSfD%2FGq6etXUuCmyCdmYZxWWHkYWN7tLn8pyr1mSZbHufge165Jb21AIwxXWJQ3JHWymgpbZoLJGDDWLFqkSDNBxu5MMj7Do1wrBpAQdZYnA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 097cd7c81800000eb3f7048000000001
cf-ray: 640e5becfd1b0eb3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ 0
445 B 141ms
134ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNAqateKZP-YYat-PZYZ-qqaa-qeZZUwPBtZUaRzNhqllwqe0RrNTPAaURmNZZTaURrcorNco_TPAaUZZTaU_TYTRrtNRcsokty_orN
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OEq2aMqYZ2i%2FFckEUnKBt8Vzn1tyWy%2F3J0skcyhbgI2DSEqagjHm8ap17rJbUcBysg%2FZP4d2GmreXcDcz1AHjRU%2B1dq47eDlCRi78VRTfHQhZdpXS1lomZruYRJz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 640e5becf8784e49-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 097cd7c81f00004e494caa8000000001

GET
H2 204 abtests
trc.taboola.com/lesvospostgr-f20544166/log/3/ 0
255 B 16ms
15ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/lesvospostgr-f20544166/log/3/abtests?route=AM:AM:V&tvi2=5024&lti=deflated&ri=c9538d244a866ae2bf94781b56630cb5&sd=v2_9d0be8c77c91f5df0c138c355ea96dc0_17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25_1618586021_1618586021_CNawjgYQ-ftRGP7a-tmNLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ui=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&pi=/&wi=-5935552082435471478&pt=text&vi=1618586021246&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1618586021913%7D&tim=17%3A13%3A41.914&id=7715&llvl=1&cv=20210414-6-RELEASE&
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586022.930447,VS0,VE8
x-served-by: cache-hhn11542-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 67710652_404615920159859_6269817898928177152_n.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-ECz6-n5Iv34/XUM2-eMlYmI/AAAAAAADVNU/lSmht9zTWOcc7fPH_5UHqKGG-... 18 KB
18 KB 10ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-ECz6-n5Iv34/XUM2-eMlYmI/AAAAAAADVNU/lSmht9zTWOcc7fPH_5UHqKGG-MO9OR7TwCLcBGAs/w1200-h630-p-k-no-nu/67710652_404615920159859_6269817898928177152_n.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7198e7606463c04883065030ea386dafd096dd85865ddb29c04d54e5f21af52f

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 964478
edge-cache-tag: 358706438197898928137627171487489760886,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 95
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-ECz6-n5Iv34/XUM2-eMlYmI/AAAAAAADVNU/lSmht9zTWOcc7fPH_5UHqKGG-MO9OR7TwCLcBGAs/w1200-h630-p-k-no-nu/67710652_404615920159859_6269817898928177152_n.jpg
content-length: 17996
x-request-id: 8e50b5d6c0890fd0686bae7bbd408f0d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sat, 03 Apr 2021 15:49:54 GMT
server: nginx
x-timer: S1618586022.937709,VS0,VE1
etag: "79c7ebfc106e5dbd31dcec89351fcfd9"
x-served-by: cache-wdc5537-WDC, cache-dca17732-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 KARA1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-9e8IEbULWJQ/YHOMespzPhI/AAAAAAAEEOQ/MKomE139tWIHSIsGwL11WjJki... 39 KB
40 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-9e8IEbULWJQ/YHOMespzPhI/AAAAAAAEEOQ/MKomE139tWIHSIsGwL11WjJkiYW5qPYIACLcBGAsYHQ/w1200-h630-p-k-no-nu/KARA1.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b6c587f1f167176407970bd1eb39a6b9946015b59b2a88ef4a16ee83f599408

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 274265
edge-cache-tag: 513788835956773312232887714074535053164,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-9e8IEbULWJQ/YHOMespzPhI/AAAAAAAEEOQ/MKomE139tWIHSIsGwL11WjJkiYW5qPYIACLcBGAsYHQ/w1200-h630-p-k-no-nu/KARA1.jpg
content-length: 39806
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 12 Apr 2021 20:52:11 GMT
server: nginx
x-timer: S1618586022.937507,VS0,VE1
etag: "634f19818367191f1ad5f66a3f6b53fd"
x-served-by: cache-wdc5542-WDC, cache-dca17751-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 %2525CE%2525BC%2525CE%2525B1%2525CE%2525BD%2525CE%2525B1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-R8BC5CeEPHA/YFVKwFYKK5I/AAAAAAAEClg/M_fuhQE0nP4C-KD1h37py-jgg... 89 KB
89 KB 13ms
12ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-R8BC5CeEPHA/YFVKwFYKK5I/AAAAAAAEClg/M_fuhQE0nP4C-KD1h37py-jggvMlj7zYgCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525BC%2525CE%2525B1%2525CE%2525BD%2525CE%2525B1.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 105fb48017d5e034107656dcaf5befeb991458a8f7651013e6f3e54faa5c7163

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 689850
edge-cache-tag: 515562791177928793645179364873908398692,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-R8BC5CeEPHA/YFVKwFYKK5I/AAAAAAAEClg/M_fuhQE0nP4C-KD1h37py-jggvMlj7zYgCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525BC%2525CE%2525B1%2525CE%2525BD%2525CE%2525B1.jpg
content-length: 90722
x-request-id: ee0201c6a126e6b27d715cf197edadaf
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Mon, 22 Mar 2021 17:18:15 GMT
server: nginx
x-timer: S1618586022.937687,VS0,VE6
etag: "6bbc533dfedc868d0cb1dd61f142d837"
x-served-by: cache-wdc5527-WDC, cache-dca12927-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 anilikh.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-P9Hvkz9PkZQ/XUPiWW_eHnI/AAAAAAADVOY/W2fmSGxG4EItmf4fNj5mg5DQV... 41 KB
42 KB 104ms
103ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-P9Hvkz9PkZQ/XUPiWW_eHnI/AAAAAAADVOY/W2fmSGxG4EItmf4fNj5mg5DQVLAxmHpuwCLcBGAs/w1200-h630-p-k-no-nu/anilikh.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92f74453146e050ed1349fc991c368328e868927546bc7e5de0b07bf7ea9b75e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 97
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 274264
edge-cache-tag: 480904664251323414382890285610035389886,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-P9Hvkz9PkZQ/XUPiWW_eHnI/AAAAAAADVOY/W2fmSGxG4EItmf4fNj5mg5DQVLAxmHpuwCLcBGAs/w1200-h630-p-k-no-nu/anilikh.jpg
content-length: 41768
x-request-id: ef9e583c263f82aec6594e0c173191ca
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Fri, 09 Apr 2021 19:47:38 GMT
server: nginx
x-timer: S1618586022.937697,VS0,VE97
etag: "8e48392055561e12ad00e0d8fe0fbd1c"
x-served-by: cache-wdc5570-WDC, cache-dca17754-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 caption.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-RFyqB9Q68Ns/YGLHDQftd7I/AAAAAAAEDSc/NmiPiaEHkOAceB59OZQ9A26w1N... 43 KB
43 KB 107ms
106ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-RFyqB9Q68Ns/YGLHDQftd7I/AAAAAAAEDSc/NmiPiaEHkOAceB59OZQ9A26w1NWcwVcOQCLcBGAsYHQ/w1200-h630-p-k-no-nu/caption.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 96642bff840db61fdbe29fdbfb2a9fd901243d2078ee9fcb4652482263b2fb60

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 100
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 61852
edge-cache-tag: 511351920194918771644371344626923520956,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Sat, 01 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-RFyqB9Q68Ns/YGLHDQftd7I/AAAAAAAEDSc/NmiPiaEHkOAceB59OZQ9A26w1NWcwVcOQCLcBGAsYHQ/w1200-h630-p-k-no-nu/caption.jpg
content-length: 43860
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Wed, 31 Mar 2021 19:15:48 GMT
server: nginx
x-timer: S1618586022.939252,VS0,VE100
etag: "f1bfe731f4385d1bc7be55c60917527a"
x-served-by: cache-wdc5546-WDC, cache-dca12924-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 AYUTFOT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-HKe4jDDAmbI/YHP6yYkiHlI/AAAAAAAEERU/_lr7jrU-Too5_HJxVU6atabK7o... 19 KB
20 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-HKe4jDDAmbI/YHP6yYkiHlI/AAAAAAAEERU/_lr7jrU-Too5_HJxVU6atabK7o1rd-c7wCLcBGAsYHQ/w1200-h630-p-k-no-nu/AYUTFOT.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 140f2b4dff854d6ce68e069b181c535a8d7e8db80a324bc57247858f2393b2b7

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 341787
edge-cache-tag: 589143383920073283671771794300255622369,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-HKe4jDDAmbI/YHP6yYkiHlI/AAAAAAAEERU/_lr7jrU-Too5_HJxVU6atabK7o1rd-c7wCLcBGAsYHQ/w1200-h630-p-k-no-nu/AYUTFOT.jpg
content-length: 19648
x-request-id: 4ef119b0f433abaa0ff186ce93b6fcf8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 12 Apr 2021 08:13:56 GMT
server: nginx
x-timer: S1618586022.939320,VS0,VE1
etag: "ad3efaf426bc05c145821457305d75e5"
x-served-by: cache-wdc5566-WDC, cache-dca17724-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 %2525CE%2525B2%2525CE%2525BF%2525CF%252583%2525CF%252584%2525CE%2525B1%2525CE%2525BD%2525CE%2525B5%2525CE%2525B9%2525CE%2525BF.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-eQD3zG6rMgw/YGeXMJNYooI/AAAAAAAEDlw/A5-Vdnd3Rz4GasEok5uyQPMP2p... 49 KB
50 KB 11ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-eQD3zG6rMgw/YGeXMJNYooI/AAAAAAAEDlw/A5-Vdnd3Rz4GasEok5uyQPMP2p1iX_HcQCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525B2%2525CE%2525BF%2525CF%252583%2525CF%252584%2525CE%2525B1%2525CE%2525BD%2525CE%2525B5%2525CE%2525B9%2525CE%2525BF.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 089ea9b286315b596869da62bbc40127610f5354b720b1d4ed07651355552878

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1008035
edge-cache-tag: 606053822236954556584378950997157431457,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-eQD3zG6rMgw/YGeXMJNYooI/AAAAAAAEDlw/A5-Vdnd3Rz4GasEok5uyQPMP2p1iX_HcQCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525B2%2525CE%2525BF%2525CF%252583%2525CF%252584%2525CE%2525B1%2525CE%2525BD%2525CE%2525B5%2525CE%2525B9%2525CE%2525BF.jpg
content-length: 50156
x-request-id: 532c082a77352cfb8d3f22af523b4261
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sat, 03 Apr 2021 10:37:09 GMT
server: nginx
x-timer: S1618586022.948913,VS0,VE1
etag: "42729c1352ec6752e56a5d1a38f0af03"
x-served-by: cache-wdc5552-WDC, cache-dca17760-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 IMG_20210327_160239.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-1RljvcsSUiQ/YF87GSB1PaI/AAAAAAAEDEg/nxImuy5ee7gPGVUYIP9XV2Dxua... 26 KB
26 KB 10ms
8ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-1RljvcsSUiQ/YF87GSB1PaI/AAAAAAAEDEg/nxImuy5ee7gPGVUYIP9XV2Dxua9z2Rq9QCLcBGAsYHQ/w1200-h630-p-k-no-nu/IMG_20210327_160239.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14baf65f98771ec6e66301dc126e06cea79b2ebfc70be3c643191a983913795b

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1297327
edge-cache-tag: 580692102096020818719351755255671421463,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-1RljvcsSUiQ/YF87GSB1PaI/AAAAAAAEDEg/nxImuy5ee7gPGVUYIP9XV2Dxua9z2Rq9QCLcBGAsYHQ/w1200-h630-p-k-no-nu/IMG_20210327_160239.jpg
content-length: 26280
x-request-id: 88287f6e30a85b610eb48065bf7e1bc8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 28 Mar 2021 09:01:07 GMT
server: nginx
x-timer: S1618586022.949350,VS0,VE1
etag: "0558183f01e5209f315ee1cfef2bd829"
x-served-by: cache-wdc5563-WDC, cache-dca17738-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 128 KB
128 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47dd28fb8b57ab237856647805db9c3a6f5724759abc07c57750f56cbd0912ed

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1934626
edge-cache-tag: 302479151993994568927198867523656057236,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length: 130708
x-request-id: 4f019a8a14394c5f6a2bee7acf967a7a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 22 Mar 2021 19:17:37 GMT
server: nginx
x-timer: S1618586022.949391,VS0,VE1
etag: "9d84e931889f413f949d1971ced68f9e"
x-served-by: cache-wdc5544-WDC, cache-dca17758-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9546b5f3617f3c4f83189135f04697f2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
27 KB 7ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9546b5f3617f3c4f83189135f04697f2.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ea163fc89a710178afdb645913b470f90f92307a1d79e54ae2c3c990eddb596

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 3453048
edge-cache-tag: 481722415960028527897246278855100796349,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9546b5f3617f3c4f83189135f04697f2.jpg
content-length: 27342
x-request-id: 92498f50b29de74f6aaca389023f2424
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sat, 06 Mar 2021 11:54:00 GMT
server: nginx
x-timer: S1618586022.951467,VS0,VE1
etag: "4d526a758605e9ffee59fe0106e2d190"
x-served-by: cache-wdc5546-WDC, cache-dca17749-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 %2525CE%2525B2%2525CF%252581.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-y6fbHTt-i1A/YHONLbDA-mI/AAAAAAAEEOY/Ap7yLK2pTXUwQ2CN8bUFwRpXTo... 12 KB
13 KB 9ms
6ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-y6fbHTt-i1A/YHONLbDA-mI/AAAAAAAEEOY/Ap7yLK2pTXUwQ2CN8bUFwRpXToYvUiXfgCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525B2%2525CF%252581.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2c34f3973b6190f592b06da3bc5a790fb38b1fb005645956d51dc155c7a2085

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 343212
edge-cache-tag: 490194622986672022705265718254541348395,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-y6fbHTt-i1A/YHONLbDA-mI/AAAAAAAEEOY/Ap7yLK2pTXUwQ2CN8bUFwRpXToYvUiXfgCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525B2%2525CF%252581.jpg
content-length: 12140
x-request-id: f5a60672ce3b2a5d80c6a61589b7d7be
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 12 Apr 2021 07:37:49 GMT
server: nginx
x-timer: S1618586022.959612,VS0,VE1
etag: "0692bbfbdbec1f1e1d4e2f82b8d59833"
x-served-by: cache-wdc5547-WDC, cache-dca17752-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 %2525CF%252580%2525CF%252583%2525CE%2525B1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-F9bkyBmPtb0/YHOOC_4LXMI/AAAAAAAEEOo/ROcA4E2MFfMUUDJsUZOBFYtwG1... 7 KB
8 KB 247ms
245ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-F9bkyBmPtb0/YHOOC_4LXMI/AAAAAAAEEOo/ROcA4E2MFfMUUDJsUZOBFYtwG1m2O2rHwCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CF%252580%2525CF%252583%2525CE%2525B1.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f88cc8f57ab0f23ad64ae4f1cf09c7147bf8cbc62422718326b468c7ccaa3f0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 239
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 383544906796434722530170466154038735181,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-F9bkyBmPtb0/YHOOC_4LXMI/AAAAAAAEEOo/ROcA4E2MFfMUUDJsUZOBFYtwG1m2O2rHwCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CF%252580%2525CF%252583%2525CE%2525B1.jpg
content-length: 7496
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 12 Apr 2021 19:42:07 GMT
server: nginx
x-timer: S1618586022.960062,VS0,VE239
etag: "e18f3d16ba4b68da11348008a552a484"
x-served-by: cache-wdc5528-WDC, cache-dca17752-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 c388f67ebe8a2732ebed88b2419da7bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf37e672439e11e3923977a85fedbcd493299cdec845d13c52e574d148aef36a

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1903174
edge-cache-tag: 318270056734806123079317470781134532838,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
content-length: 5026
x-request-id: 31104d3da5e9456af8ca3232f32ee8b1
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Sun, 21 Mar 2021 11:29:57 GMT
server: nginx
x-timer: S1618586022.960289,VS0,VE1
etag: "1577c08e26e4e808023d18bcb63ef540"
x-served-by: cache-wdc5527-WDC, cache-dca17727-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 166ms
165ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9779abefda7b000a239972765b930aeebbfcba2627619c096e6ecf36d009efa0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
access-control-allow-origin: https://www.lesvospost.com
machineid: 1418
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11542-HHN
pragma: no-cache
server: nginx
x-timer: S1618586022.943989,VS0,VE159
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 865662d0b37b2578573cc2a83cc34075.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 7ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/865662d0b37b2578573cc2a83cc34075.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70d46d744c542536b97c68743ace9647ceaaec14ef278f99f5c012b9b1d82aa3

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1734245
edge-cache-tag: 555060570620226188900659685850318674989,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/865662d0b37b2578573cc2a83cc34075.jpg
content-length: 12382
x-request-id: 2c25e965e85698eb9a56e269e313759c
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 04 Mar 2021 07:53:33 GMT
server: nginx
x-timer: S1618586022.960266,VS0,VE1
etag: "1022c379f2055fd44c3c6d240f676414"
x-served-by: cache-wdc5540-WDC, cache-dca17722-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 %2525CE%2525BA%2525CE%2525B1%2525CF%252581%2525CE%2525B1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-Txn_F9Rz_3k/YGUEvZ2xs5I/AAAAAAAEDaQ/0JasfrQ9wIIYTl5x3C2OJcWac2... 71 KB
71 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-Txn_F9Rz_3k/YGUEvZ2xs5I/AAAAAAAEDaQ/0JasfrQ9wIIYTl5x3C2OJcWac2SvupJYACLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525BA%2525CE%2525B1%2525CF%252581%2525CE%2525B1.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56877b7b26a3ff60e4afe81644be06429e8f450441600fe6923e7cb301371eaf

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 877447
edge-cache-tag: 309614669756638716688245713489062166713,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 91
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-Txn_F9Rz_3k/YGUEvZ2xs5I/AAAAAAAEDaQ/0JasfrQ9wIIYTl5x3C2OJcWac2SvupJYACLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%2525BA%2525CE%2525B1%2525CF%252581%2525CE%2525B1.jpg
content-length: 72400
x-request-id: e175a29193b76e16e037728341f1f5d6
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Thu, 01 Apr 2021 07:42:53 GMT
server: nginx
x-timer: S1618586022.968754,VS0,VE1
etag: "d213607d027e6b83d2d857ca0b6017cf"
x-served-by: cache-wdc5548-WDC, cache-dca17727-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 %2525CE%25259A%2525CE%2525BF%2525CE%2525BB%2525CE%2525BF%2525CE%2525BA%2525CE%2525BF%2525CF%252584%2525CF%252581%2525CF%25258E%2525CE%2525BD%2525CE%2525B7%2525CF%252582%252B%252528%252B%2525CE%2525...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-AzT5DR3fXpo/YFvYEfBSdxI/AAAAAAAEC5k/sShuB9kkbBo8OmFXDyRj0kP4RO... 37 KB
39 KB 102ms
102ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-AzT5DR3fXpo/YFvYEfBSdxI/AAAAAAAEC5k/sShuB9kkbBo8OmFXDyRj0kP4ROEvqpGpwCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%25259A%2525CE%2525BF%2525CE%2525BB%2525CE%2525BF%2525CE%2525BA%2525CE%2525BF%2525CF%252584%2525CF%252581%2525CF%25258E%2525CE%2525BD%2525CE%2525B7%2525CF%252582%252B%252528%252B%2525CE%252586%2525CE%2525BB%2525CE%2525BF%2525CE%2525B3%2525CE%2525BF%252B-%2525CE%2525B1%2525CE%2525BD%2525CE%2525B1%2525CE%2525B2%2525CE%2525AC%2525CF%252584%2525CE%2525B7%2525CF%252582%252B%2525CE%25259C%2525CE%2525BF%2525CF%252585%2525CF%252583%2525CF%252584%2525CE%2525AC%2525CE%2525BA%2525CE%2525B1%2525CF%252582%252B%2525CE%252593.%252529.JPG
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7672a3ba717159720f08b0b0886db53f1baee0e95f2077ba48cf1386b2720f9

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 96
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 596946
edge-cache-tag: 517415899302063761128270397280940721985,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//1.bp.blogspot.com/-AzT5DR3fXpo/YFvYEfBSdxI/AAAAAAAEC5k/sShuB9kkbBo8OmFXDyRj0kP4ROEvqpGpwCLcBGAsYHQ/w1200-h630-p-k-no-nu/%2525CE%25259A%2525CE%2525BF%2525CE%2525BB%2525CE%2525BF%2525CE%2525BA%2525CE%2525BF%2525CF%252584%2525CF%252581%2525CF%25258E%2525CE%2525BD%2525CE%2525B7%2525CF%252582%252B%252528%252B%2525CE%252586%2525CE%2525BB%2525CE%2525BF%2525CE%2525B3%2525CE%2525BF%252B-%2525CE%2525B1%2525CE%2525BD%2525CE%2525B1%2525CE%2525B2%2525CE%2525AC%2525CF%252584%2525CE%2525B7%2525CF%252582%252B%2525CE%25259C%2525CE%2525BF%2525CF%252585%2525CF%252583%2525CF%252584%2525CE%2525AC%2525CE%2525BA%2525CE%2525B1%2525CF%252582%252B%2525CE%252593.%252529.JPG
content-length: 38356
x-request-id: b9dfafb703850e346a171dedb34d5385
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 26 Mar 2021 10:24:47 GMT
server: nginx
x-timer: S1618586022.968896,VS0,VE96
etag: "67ffac23ad3babe6df9fde44603a1c51"
x-served-by: cache-wdc5569-WDC, cache-dca17783-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H3-29 200 fox.jpg
1.bp.blogspot.com/-QqlGri5ipU0/YHlUAtbYCHI/AAAAAAAEEls/a-VrdwxHqVE5J4CcZj0q7v1AMp9_lRSowCLcBGAsYHQ/w640-h336/ 35 KB
35 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-QqlGri5ipU0/YHlUAtbYCHI/AAAAAAAEEls/a-VrdwxHqVE5J4CcZj0q7v1AMp9_lRSowCLcBGAsYHQ/w640-h336/fox.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

969d3f3813f31f47f6195326b5e38b78fa9617ad087ffc76363dec762924dd02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 13:08:32 GMT
x-content-type-options: nosniff
age: 7509
content-disposition: inline;filename="fox.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35458
x-xss-protection: 0
server: fife
etag: "v4125c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 13:08:32 GMT

GET
H3-29 200 TOYR.jpg
1.bp.blogspot.com/-AwP9bHZdNmQ/YHjMytzwMEI/AAAAAAAEEk0/cHOklcybHkQwT0UirKAvL5T6sHlZq5IkgCLcBGAsYHQ/w640-h360/ 71 KB
71 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AwP9bHZdNmQ/YHjMytzwMEI/AAAAAAAEEk0/cHOklcybHkQwT0UirKAvL5T6sHlZq5IkgCLcBGAsYHQ/w640-h360/TOYR.jpg

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9469a0dd82a9305059a1efd7a1ec92896bc5a85fe0376b771a040ab91de6782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:00:33 GMT
x-content-type-options: nosniff
age: 788
content-disposition: inline;filename="TOYR.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72996
x-xss-protection: 0
server: fife
etag: "v4124e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 17 Apr 2021 11:00:33 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 9B9D 93 KB
37 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1618576037/f0defa81791596697fbb49dfbf792bf2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3d07899de17fe2c8b2c4ab4bea994d3be570900f4f5813b7e2ba7d02b5d934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37424
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:41 GMT

GET
H2 200 ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6fafee9bc87610abe7dfb0c8dca6f00d8735b08de860bcd337ef1161eac74198

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1827224
edge-cache-tag: 302479151993994568927198867523656057236,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Thu, 22 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length: 11946
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Mon, 22 Mar 2021 20:37:39 GMT
server: nginx
x-timer: S1618586022.013292,VS0,VE1
etag: "deb48dec68fe5b314b0879fe0154c2a4"
x-served-by: cache-wdc5558-WDC, cache-dca17721-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9546b5f3617f3c4f83189135f04697f2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 8ms
7ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9546b5f3617f3c4f83189135f04697f2.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b1194a5cefabdf321fc7d9ed5789d0b49be37140078156df8bb1333f91086dd

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1853245
edge-cache-tag: 481722415960028527897246278855100796349,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9546b5f3617f3c4f83189135f04697f2.jpg
content-length: 5460
x-request-id: 79787bbdd5d78c768b71846ed76c6554
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 17 Mar 2021 16:35:09 GMT
server: nginx
x-timer: S1618586022.013361,VS0,VE1
etag: "fa0a2ff3f6683ae1d3497e3c556bbdfc"
x-served-by: cache-wdc5571-WDC, cache-dca17774-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 c388f67ebe8a2732ebed88b2419da7bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
3 KB 6ms
6ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6220b122e560f7cda912ba312d59f6967fb215d1555016492ddc70749dc05c9e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 873452
edge-cache-tag: 318270056734806123079317470781134532838,611705804638510531275839387012176038151,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
content-length: 2896
x-request-id: 181f78b2d50a27d071d3a1e020c907ae
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 25 Mar 2021 12:57:34 GMT
server: nginx
x-timer: S1618586022.021431,VS0,VE0
etag: "5c85c9e31a9ea5f1d7106d679d3514a9"
x-served-by: cache-wdc5526-WDC, cache-dca12924-DCA, cache-hhn11542-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

GET
H2 200 rnk7erfi7uqv2nsccqx8.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/gif/t_PERFORMANCE_VIDEO_DEFAULT/e_loop/so_0/f_gif/v... 215 KB
216 KB 8ms
8ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/gif/t_PERFORMANCE_VIDEO_DEFAULT/e_loop/so_0/f_gif/v1598426375/rnk7erfi7uqv2nsccqx8.gif
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3d85a7748bb5279ef3552e94fd5f758df812eba4fc42fa2eac4db369b24d0350

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 895157
edge-cache-tag: 364820701648072326245179823654297572800,498523784059322641141713197063808246472,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 26 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_130%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/gif/t_PERFORMANCE_VIDEO_DEFAULT/e_loop/so_0/f_gif/v1598426375/rnk7erfi7uqv2nsccqx8.gif
content-length: 220439
x-served-by: cache-dca17757-DCA, cache-dca17772-DCA, cache-hhn11542-HHN
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Fri, 26 Mar 2021 21:25:34 GMT
server: cloudinary
x-timer: S1618586022.021486,VS0,VE2
etag: "94c876b9ad7c15474007049013d1a9cd"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.3.9/ 95 KB
27 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb5078a68fe834f84d51a8d1906edeb9f375a23dcd6718b5fb89fa16b150f

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront), 1.1 varnish
age: 367873
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 27627
x-served-by: cache-hhn11542-HHN
last-modified: Mon, 12 Apr 2021 09:01:27 GMT
server: AmazonS3
x-timer: S1618586022.016425,VS0,VE0
etag: "e886ca2416ef6529c5a4f366d41192f2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eHnoEnQGZXEnHunBkTgEdW8RNsQ7YxIqQZrs2vM0pNwCO9fZ3dzXRg==
x-cache-hits: 31309

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0412 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12800
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront), 1.1 varnish
age: 495996
x-amz-meta-mtime: 1580720676
x-cache: RefreshHit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn11542-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1618586022.137838,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: wmzh0cDjDIUcI3Wel4tio7NVrqgrg1rCz2Rz1knjAiGHpx_HwKnRPQ==
x-cache-hits: 75087

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D74C 12 B
53 B 29ms
14ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.lesvospost.com&callback=_gfp_s_&client=ca-pub-2500372977609723&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D74C 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D74C 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lesvospost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A0B 89 KB
32 KB 355ms
354ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5d33a380a26e353e2a0659060b3e80c0dc937f0f718860d93c13352c2c8ef84

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLepkOeGg_ACFYkf0wodp60OmA&gqi=pql5YKWzCs-M-waHxaq4BA&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLepkOeGg_ACFYkf0wodp60OmA&gqi=pql5YKWzCs-M-waHxaq4BA&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Apr 2021 15:13:42 GMT
server: cafe
content-length: 32734
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D74C 9 KB
7 KB 26ms
24ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a892623b93f1af72766b261dafd330d7942c9664b4e0f1066446912f8f92be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6936
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D74C 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 9B9D 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1228
date: Fri, 16 Apr 2021 14:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 16:53:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D74C 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H2 200 bn.php Show response
worldstatistics.live/ Frame B50F 481 B
938 B 184ms
163ms Document
text/html 2606:4700:e4::ac40:a817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldstatistics.live/bn.php
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passbacktarget/1618576037/?t=iframe&pbID=7&d=14096&z=55196&divID=vi_1409655196_121&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 18979dd7475f72edf96842b322c74d8c5b6ac769e3609f2fa45965ed455bdd9d

Request headers

:method: GET
:authority: worldstatistics.live
:scheme: https
:path: /bn.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d80721e46607442cfd0bd80c7b03434981618586022; expires=Sun, 16-May-21 15:13:42 GMT; path=/; domain=.worldstatistics.live; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/7.3.24
cf-cache-status: DYNAMIC
cf-request-id: 097cd7c96a00004e80afa27000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjMKuAGP1jYzT372Q1pbIkU9CzyGpxNo7tMounNF%2FCH78iwQM90OMfT71sBIaAMCI%2BkMxlCiq1Na47V7cn8Wnk0YNvxvuMPgtqXUiL0CCMlLuSMN9LeoeoNPrTQaIEcArw%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 640e5bef0ffb4e80-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EF1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
22ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Apr-2021 15:14:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 st Show response
imprammp.taboola.com/ Frame DD6B 0
67 B 16ms
14ms Document
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7B929869AA213246216844969299&cicmp=1337627&cijs=1&dast=V7E-UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHTdhTpbD2XLBoCw2k9FsslgtVsPNcLcbzgZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZsoOl0-Fz3et3vdxe7PLe_5_D3nO4av9svBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACgOhnPdrS-70eH6vOz-AAB4KAABABDACAHg8agTAQAAABgBAAAAIAEQSCwsAXC4WzQBAAjA2_aB1TsBAAA4qJN52mb5____jwHIe2-SAaBI27gx6AF48AF4EAIAALgYgvvVvOOR-gAnKlAsYgQAAAAAydTmcTSpEyqLqv___38rgCsAgAC8bR_Y6Kybk2LWMAAAAICxBXpY_H6zw67xu132_________2_2fwaAJkRkZpYWxAIAoMYzcq2w9gsIAMD2bgAAbwFwMQdgBwAAAHD3____nwcAAACzR8n2Wo1nj7LeZ7CFz-nurt-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RAPqs6l83l1PjbEaDTXzeaKwXKuGawSAAAAAAAAAMASpsybAAAAAJwGMZtNdrsVN97smSDWarWsAQAAALh1Iwc!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=7B929869AA213246216844969299&cicmp=1337627&cijs=1&dast=V7E-UCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHTdhTpbD2XLBoCw2k9FsslgtVsPNcLcbzgZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZsoOl0-Fz3et3vdxe7PLe_5_D3nO4av9svBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACgOhnPdrS-70eH6vOz-AAB4KAABABDACAHg8agTAQAAABgBAAAAIAEQSCwsAXC4WzQBAAjA2_aB1TsBAAA4qJN52mb5____jwHIe2-SAaBI27gx6AF48AF4EAIAALgYgvvVvOOR-gAnKlAsYgQAAAAAydTmcTSpEyqLqv___38rgCsAgAC8bR_Y6Kybk2LWMAAAAICxBXpY_H6zw67xu132_________2_2fwaAJkRkZpYWxAIAoMYzcq2w9gsIAMD2bgAAbwFwMQdgBwAAAHD3____nwcAAACzR8n2Wo1nj7LeZ7CFz-nurt-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RAPqs6l83l1PjbEaDTXzeaKwXKuGawSAAAAAAAAAMASpsybAAAAAJwGMZtNdrsVN97smSDWarWsAQAAALh1Iwc!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
x-served-by: cache-hhn11542-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618586022.309435,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
132 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
age: 399116
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697428
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135037
x-amz-id-2: VjxBj1XdfouY88emdfOOgVqAHiza02SZVwx0PgQinFeBnGvncgkuWFaN9Q+swBuUTy4oWz91VZQ=
x-served-by: cache-hhn11542-HHN
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:50 GMT
server: AmazonS3-br
x-timer: S1618586022.308515,VS0,VE0
etag: "37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: FQ2Z8D2H15BWD431
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 18147

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
7 KB 8ms
7ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
age: 1869497
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697397
x-amz-meta-mode: 33188
content-encoding: br
content-length: 6493
x-amz-id-2: sin4OqQLKZQNB5ffyyx/8q8TmGjdtCifygYVIghUNoO5fsn8Q6wUPc8HK3I0fZsVWl8PiRMS8Ig=
x-served-by: cache-hhn11542-HHN
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:19 GMT
server: AmazonS3-br
x-timer: S1618586022.308786,VS0,VE0
etag: "083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: G7WNZJ429RRKGDQM
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 18303

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame A89C 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12800
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 9B9D 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=189998076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lesvospost.com%2F&ul=en-us&de=UTF-8&dt=noBid_lesvospost.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=lesvospost.com&cm=noBid&cc=Default&_u=AACAAUABAAAAAC~&jid=529817558&gjid=1188609188&cid=178636599.1618586020&tid=UA-128776493-28&_gid=630202238.1618586020&_r=1&gtm=2ou472&z=51827705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 800E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 16 Apr 2021 15:03:36 GMT
expires: Sat, 16 Apr 2022 15:03:36 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 606
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 8C03 2 KB
531 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 14:14:42 GMT
server: ESF
date: Fri, 16 Apr 2021 15:13:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 8C03 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:05:36 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 8C03 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 8C03 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C03 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 8C03 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8C03 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuVspqdEsdCbKrEzRLfif0e0RyUxXXH7GK9DusWKTNNhorp1WCWx775wP0tn1wbcx5u-4l
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 8C03 25 KB
10 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 191981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront), 1.1 varnish
age: 2823770
x-amz-meta-mtime: 1542789750
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1618586022.476047,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: mgdkqzBw1GOTaYomORTPdr_tmhZGYZUuQQ4kYCsx2OfRHmOT3d-7qg==
x-cache-hits: 122733

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8C03 69 KB
69 KB 25ms
11ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVD9VggWAxZx6brZYnJQEQ6ETLWTvwSkANgFZA7YPZBg_nOZTC&usqp=CAI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb1142c50cc7b3830be3efdab1c855a1d7fec27ca6f3da4ff7a00f0a900a295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 04:57:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 14:15:08 GMT
server: sffe
age: 123386
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70776
x-xss-protection: 0
expires: Fri, 15 Apr 2022 04:57:16 GMT

GET
H3-29 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8C03 32 KB
32 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT_H9pnf2vHTl63BskeCm7hZi7LzE1erBNzU7y9g41G7vd6CajHSdFdfOe6BlM&usqp=CAI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28956d838bd65826c260b45e97953c40e698c6e47afe74cbc412eec05ab80f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:05:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 14:06:23 GMT
server: sffe
age: 180463
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33034
x-xss-protection: 0
expires: Thu, 14 Apr 2022 13:05:59 GMT

GET
H3-29

200

12292211746583241485
tpc.googlesyndication.com/simgad/ Frame 8C03
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E
https://tpc.googlesyndication.com/simgad/12292211746583241485

30 KB
30 KB

6ms
6ms

Image
image/png

2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12292211746583241485

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
age: 450604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30912
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 23:08:24 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 10:03:38 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 20:39:42 GMT
x-content-type-options: nosniff
server: cafe
age: 66840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12292211746583241485
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 15 May 2021 20:39:42 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C03 0
0 24ms
24ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcVgvpal5YMrIK8b-zAaj2YOoAZ_erv5h_a_i8-8M_KDHquAOEAEg6tHIHWCViviBlAegAbn_vuwDyAEJqQLMEDJbwRq0PqgDAcgDywSqBM4BT9C99rWwoEp7Dg6OZ8HDdsG3tZs0TLUO1EEfjiEeit0azt0BvLUis9v1dvWsgNrAGhVXCWxk5GvI4xnaJO9Wkm5mG5y9Wdy1UiedLU2TYTd1KS1882qI6V49GeZL7oMcDOj-IfWiWro7GPL8H_Y_3anzvviqaDDlMtCvz5xKnjCj8H7PwwgipSmdmlRfELPn85AlkV0rut8u69eS_nMOh5-_tebq0cbHhWeZkMSaV9cJSQCwFty3yS4FMuF4WXkjp_x0pGdW3-lFMkzeCXvABNzLntH-ApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf6socWqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDC_gPSCAkIgOGAcBABGB-ACgHICwHYEwuIFAOyFxoKGAgAEhRwdWItNDI2NjkyMjg3ODQ0MzA3NA&sigh=t3RtvsK7OfE&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2043369985&adf=1612897656&pi=t.aa~a.3541100581~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250&nras=3&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=zK3o8JBnO6&p=https%3A//www.lesvospost.com&dtd=669
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B075 602 B
453 B 17ms
17ms Document
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
x-served-by: cache-hhn11542-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618586023.524044,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 46F9 602 B
688 B 48ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

server: nginx
date: Fri, 16 Apr 2021 15:13:42 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
687 B 72ms
70ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=354&height=199&pubid=169497&tagid=953497&crid=6148915&noaop=3&sortOrderType=0&cb=1618586022524&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1214&pt=1635951877&tz=120&viewable=true&ddast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517565&dpubid=472275&abtst=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.lesvospost.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fdce75968f9bc865f70cc8dba5ec8d2cd048f90ad462ecac42e3746b3d3c38e

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
access-control-allow-origin: https://www.lesvospost.com
machineid: 1479
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11542-HHN
pragma: no-cache
server: nginx
x-timer: S1618586023.530389,VS0,VE63
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 42ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=31589837&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1618586019460.7002!ts:1618586022518&mntl=1
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-length: 0
server: nginx

GET
DATA 200
OK truncated
/ Frame 8C03 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f810ffb779e42ee8f8690694073077d83e91ed67472a33e23017774e6ba119e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame E546 4 KB
617 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 14:12:15 GMT
server: ESF
date: Fri, 16 Apr 2021 15:13:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 2419807376670899038
tpc.googlesyndication.com/simgad/ Frame E74E 43 KB
43 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2419807376670899038?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnLbiyz08UzS3qfCvjyvXtpGAmYdQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff35395d737f58417c911c0f32b21f1c581565227b042df486e9cdbfad6344a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 03:33:53 GMT
server: sffe
age: 450600
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43906
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:42 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame E74E 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E74E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E74E 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E74E 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E74E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJGlXP1D5zqldjuigNpc4FwgT6X0GHhV4k_9UVFA9gg-rLILOIW6vIhd1G7iSvwW9yXhbS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E74E 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 11:42:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E74E 0
0 56ms
55ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRiX9pal5YK_0LM7rzQbi6rS4BNrFuZZitPqaoJYNoIeA7JACEAEg6tHIHWCViviBlAegAYeDv_cDyAECqAMByAPJBKoE2wFP0BRq-582CQLjYSL9BLl5zVofgMvUSMhrf0JpRwnlgRlf38cLIHULargC774rRXUPJnbeScNcD32BaQJRL_pchorv0N0RwSR-69fUx1idxQTixA9BpXYC5fmCrb0uTEg5ketNdmCo0PzwtMe3vn_PBT_VFJd7U9YocScKEIYzyb9T1peYV3g1kWiH2a86LUz6wf4XrRuwHrfiMcNy9TS5WbZ9pB41lF2tIG7VXQUy2aBKsdkvPoOkHZTjGCKamxHxdgsIIcCvEOsmWQ7ACnQ1yQ5M3YyYO80GpQrABJ6Qkv-4A5IFBAgEGAGSBQQIBRgEoAYCgAfk9JeJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCSigLSCAkIgOGAcBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNDI2NjkyMjg3ODQ0MzA3NA&sigh=VPXqhMykwgo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 8C03 20 KB
20 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 450604
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 charles-r-swindoll_2.png
worldstatistics.live/img/baner/ Frame B50F 111 KB
112 KB 316ms
15ms Image
image/png 2606:4700:e4::ac40:a817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldstatistics.live/img/baner/charles-r-swindoll_2.png
Requested by: Host: worldstatistics.live
URL: https://worldstatistics.live/bn.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01e867985df5cd6d952607e7c1c4dfd633b7964924d3e4c0785a50938d5ad4e

Request headers

Referer: https://worldstatistics.live/bn.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2529497
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114124
cf-request-id: 097cd7cc1f00004e8047964000000001
pragma: public
last-modified: Tue, 09 Feb 2021 07:49:47 GMT
server: cloudflare
etag: "60223e9b-1bdcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AYgXx0Rg4Eme40RHjHrzIOz0lx2JLf3Aj2yNLulYJk%2FmNjikcAGbcWeljvu%2BRZBaHAUd%2BrD6%2F58MfuwC6X7X4JGpfHWCH0aG83Ga6tZMBO0IVpip6Qwy%2F5UVooTR3btpRA%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 640e5bf36ad04e80-FRA
expires: Sat, 17 Apr 2021 08:35:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E546 1 KB
909 B 9ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:05:36 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame E546 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E546 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E546 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E546 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E546 0
0 16ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV_0mcAL_Kc6kDnXkpLuh7ueehjNq9MFJaVQem_H-_IO1Bsr1qg4R_yuv8F9XUygpFwnM3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame E546 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 191981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H3-29 200 15231571866216754498
tpc.googlesyndication.com/simgad/ Frame F9A5 68 KB
69 KB 8ms
6ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15231571866216754498

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc04b20954bed0b68c5bb28805c4eb86970bf82a1634c45cc61a6f7c6bd2ac4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 18:02:49 GMT
x-content-type-options: nosniff
age: 421853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70142
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 08:55:51 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 18:02:49 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame F9A5 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame F9A5 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9A5 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame F9A5 13 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame F9A5 25 KB
10 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 11:42:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9A5 0
0 56ms
53ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNaKPpal5YNH6K_jizAbD46-YBafukKdi96_R28UNv-EeEAEg6tHIHWCViviBlAegAfGD_ZUDyAEDqAMByAPJBKoE0AFP0Jf7h1AousQlMJNoC6htDzUYeEVO3DM9jkkFWQDESF0nDruzQ4kGSnleeKnMgnh3TbiHNkZUfvPs8_ImFavAdVagalaYjX63I70XRWNHJs1qT2UffzqobSD4iy0rxy_BH-e1poAYgKVfVqGNXQpPC2yaCJlPBmG-fDHHzqHVuqrWZ5TNvs658XDq2typMc_Ga08IZ4jDgk-RAFeClJzlDEYOEz8YAdVr0zVJcqSiyhcU8w7eh_f8i5aw01VjTyMoQQyXAIcJr14pz-_-HjTowASCnu7ZuQOSBQQIBBgBkgUECAUYBKAGA4AH3NTVtAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQwc8D0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTQyNjY5MjI4Nzg0NDMwNzQ&sigh=hMf1_lt-H58

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/29_5_3/infra/ 641 KB
113 KB 163ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_3/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: be270dd94c4a946a3437bddd8bd5714825212fe40529408f6e6c49d30e0149aa

Request headers

Origin: https://www.lesvospost.com
Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
age: 167240
x-amz-meta-mtime: 1618418549
x-cache: HIT
x-amz-meta-ctime: 1618418726
x-amz-meta-mode: 33188
content-encoding: br
content-length: 115451
x-amz-id-2: ZKCtc2KtXgjpH9kWYk+6w2iI6n2nMu5FEYTrGnZTzkuZjYc0/dZoV+w/zKjOx2+Xgce3ek2fICY=
x-served-by: cache-hhn11562-HHN
accept-ranges: bytes
last-modified: Wed, 14 Apr 2021 16:45:28 GMT
server: AmazonS3-br
x-timer: S1618586023.823263,VS0,VE0
etag: "938df8258d123320e98e98b6a68d8c93"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 5MSXH10YWPYYZY75
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 25068

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_5_3/assets/css/ 58 KB
8 KB 7ms
6ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3fa2d05c853e9ae626a42e17be01f3959480d9a36518b9f35c7647750dab6fff

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
age: 167240
x-amz-meta-mtime: 1618418549
x-cache: HIT
x-amz-meta-ctime: 1618418674
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7758
x-amz-id-2: 0WFu+8lyYx3Hfp90nI9JSpQkR1MebOqyVZ2VpNpVhXxSeQlfugQvTpwuWej1l4U3tiEht4jWgbw=
x-served-by: cache-hhn11542-HHN
accept-ranges: bytes
last-modified: Wed, 14 Apr 2021 16:44:35 GMT
server: AmazonS3-br
x-timer: S1618586023.667483,VS0,VE0
etag: "e5a46ef3bd4c553a76fa4e52d4e0347e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 5MSW3RKJ41DNNC3Z
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 247712

GET
BLOB 206
Partial Content 5ecb7aa5-9468-4009-a65e-6a825e074ef5
https://www.lesvospost.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.lesvospost.com/5ecb7aa5-9468-4009-a65e-6a825e074ef5
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content c65c7b8b-ab0c-4a65-971f-dd42890c6521
https://www.lesvospost.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.lesvospost.com/c65c7b8b-ab0c-4a65-971f-dd42890c6521
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 rnk7erfi7uqv2nsccqx8.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598426375/ 471 KB
472 KB 9ms
7ms Media
video/mp4 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598426375/rnk7erfi7uqv2nsccqx8.mp4
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef0957cbf988fc87222c3e3761dc43198572596b8b39baa9f3f2a96dc358504c

Request headers

Referer: https://www.lesvospost.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: hce6wJ75MmbTkqRIKVnGLcv2IJQotOnX
via: 1.1 varnish
etag: "7a3f6953477a92712e00eb32695f37df"
age: 39
x-cache: HIT
Content-Range: bytes 0-482708/482709
x-amz-replication-status: COMPLETED
Content-Length: 482709
x-amz-id-2: PAF9GFVbfWQhvzrZcLRs6LMytP7PZTw6bq9PELU3cAnT06gDeOYwGTAr5AL2j3tR10WSFO6h9UE=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 26 Aug 2020 07:19:47 GMT
server: AmazonS3
x-timer: S1618586023.671759,VS0,VE1
date: Fri, 16 Apr 2021 15:13:42 GMT
x-amz-request-id: WHF4KZAZFFSKKCEA
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 79
x-cache-hits: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14390195233685576772/ Frame E546 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14390195233685576772/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a693e4d7cd47242a3f5baa645ab34ff4702f8a0b545337ce2e122680ff36b0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:12:43 GMT
x-content-type-options: nosniff
age: 140459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 12:14:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 00:12:43 GMT

GET
DATA 200
OK truncated
/ Frame E546 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame A3B9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12800
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E546 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3r8Dpal5YOafK4f7zAbf75WIDPqghIFcqvKAg-UMv-EeEAEg6tHIHWCViviBlAegAZmtr9gDyAEJqQKgGID7mBi0PqgDAcgDywSqBM8BT9BSwfQyY7awIf5eq03KvkJ9MIGNOzW65ub1dT7BkmdO9vDE568EBIFbztjJQA8mlhSUJ8Z10mGlOtVuDsskmkoMtR1NeBTwJZha28c2b-vs8pCYK5zEsPL28Zm3XmDyf2FtCcyARE0rIfZX89ucin3D3zdF3hn_OpiPHurhsQMoZzFFcVA2KOaktgVRK1QE6sEA8rTGtUeSM8x1V6BGGW2Xdn7WgzvQHD0x_GsZJSHKFiDdI0lvwxLPy2bkrxJQj3rqpDRZmLwA0AOPnr0vwAT9js2iwQGSBQQIBBgBkgUECAUYBKAGLoAH_uazLqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBClpQTSCAkIgOGAcBABGB-ACgHICwG4E4gn2BMNiBQCshcaChgIABIUcHViLTQyNjY5MjI4Nzg0NDMwNzQ&sigh=4Jo0ugFXhvY&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Apr 2021 15:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 4B00 12 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf36f3295881d2714bf0f509f0126886b4b6190d2e1c90245e032d20797f0763

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5099600406695979504/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3095
date: Sun, 11 Apr 2021 02:35:07 GMT
expires: Mon, 11 Apr 2022 02:35:07 GMT
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 477515
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 4A0B 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 14:57:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4A0B 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:47 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A0B 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4A0B 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:12:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4A0B 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKZxXi5BsD9XVsZzKFk7TVdWV5z-zCuo9b4cwNet2Tc9QCEQ999Skfrr1qHjY_kmqgTTIZHBI7xsy3c1a5lXYNCPQZbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F3E 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3017
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B075 70 B
265 B 91ms
29ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-59-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B075 43 B
182 B 374ms
196ms Image
image/gif 2600:1f18:612b:4216:d315:ab3a:faf3:d624
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:d315:ab3a:faf3:d624 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame B075 0
125 B 47ms
8ms Script
text/plain 52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475635&crid=6148915&dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&cmcv=&pix=undefined&cb=1618586022518&uv=2953&tms=1618586022518&abt=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=57E2E13E212108577951749625680&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
DATA 200
OK truncated
/ Frame E74E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b80d2d0f6e446987fa27b4bb582b284cf539823a23dff41800b4fdcaac3aaed2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCC9 143 B
163 B 8ms
8ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3017
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F9A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 517033d5233fec94018014ded2b86935c494879463c2b6c349cbde4116af83b9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E546 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71c4b30297d9bdb7cb86ac97d51da83189497ad76ccbda18c03357c1776eff62

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 46F9 70 B
264 B 42ms
41ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-59-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 46F9 43 B
183 B 179ms
86ms Image
image/gif 2600:1f18:612b:4216:d315:ab3a:faf3:d624
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:d315:ab3a:faf3:d624 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 46F9 0
124 B 8ms
7ms Script
text/plain 52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:42 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E546 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 244697
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 13 Apr 2022 19:15:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E546 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 323902
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:20 GMT

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 800E 14 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12800
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

POST
H2 204 bulk Show response
trc.taboola.com/lesvospostgr-f20544166/log/3/ 0
320 B 23ms
22ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/lesvospostgr-f20544166/log/3/bulk?tvi2=5024&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
pragma: no-cache
date: Fri, 16 Apr 2021 15:13:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586023.950004,VS0,VE17
x-served-by: cache-hhn11542-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame AB50 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12800
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H3-29 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame E546 54 KB
20 KB 20ms
6ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=1798448534&adf=2767709707&pi=t.aa~a.2294275233~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=2&bdt=795&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60&nras=2&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=1994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tfgJaXE0pz&p=https%3A//www.lesvospost.com&dtd=658

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20914
x-xss-protection: 0
server: cafe
etag: 9171160076714409937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:58:17 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0275 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-2500372977609723&output=html&h=600&slotname=PA_GR_SotirisOikonomou%2Flesvospost.com%2F20567447_lesvospost.com_ros_300x600&adk=3326736904&adf=946937704&pi=t.ma~as.PA_GR_SotirisOikono_&w=300&url=https%3A%2F%2Fwww.lesvospost.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021553&bpp=12&bdt=678&idt=514&shv=r20210414&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&correlator=3455979296148&frm=23&ife=1&pv=2&ga_vid=178636599.1618586020&ga_sid=1618586022&ga_hid=856319401&ga_fc=1&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=6245&biw=1600&bih=1200&isw=300&ish=600&ifk=1836693372&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736525%2C44740079&oid=3&pvsid=2612572080098448&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w96yl9i833u5&btvi=1&fsb=1&dtd=607

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3017
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4A0B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7238e646ebf0f256adb3e1f6de04b6f8f3b2a6f93ee2b32fc3f44dea5095e89e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 3344475
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11542-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1618586023.083125,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 812765

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age: 2850118
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11542-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1618586023.086340,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits: 908798

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/ 546 KB
112 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 720ddd4787fb99b285d201418703a00279cbe51d5adcd297a939c2ad2a58800a

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
age: 540711
x-amz-meta-mtime: 1618045252
x-cache: HIT
x-amz-meta-ctime: 1618045266
x-amz-meta-mode: 33188
content-encoding: br
content-length: 113985
x-amz-id-2: MeZfd1q7qUwBDHWk30RIpj9dFcpk4uQUeWomXghP6UtCRk6vGsX9gCzCbeUJKcp/NTpkCjhl2Dk=
x-served-by: cache-hhn11542-HHN
accept-ranges: bytes
last-modified: Sat, 10 Apr 2021 09:01:07 GMT
server: AmazonS3-br
x-timer: S1618586023.113202,VS0,VE0
etag: "547cdf029ce8d527d430f333e6085e25"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: E8G0BQYVV975SPKT
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 240872

GET
H2 200 sync Show response
am-match.taboola.com/ Frame A9C3 602 B
687 B 16ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_3/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 50968fc609d43d4b7df4dd3bc1627a974e1a692e975c6828ab16f7249bd9f46e

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

server: nginx
date: Fri, 16 Apr 2021 15:13:43 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4A0B 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLepkOeGg_ACFYkf0wodp60OmA&gqi=pql5YKWzCs-M-waHxaq4BA&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4B00 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Apr 2021 12:33:27 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4B00 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 16 Apr 2021 18:54:37 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 4B00 20 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 14:18:00 GMT
server: ESF
date: Fri, 16 Apr 2021 15:13:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 15:13:43 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4B00 57 KB
23 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Apr 2021 15:13:43 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
703 B 6ms
6ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 27515
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1618586023.237776,VS0,VE0
date: Fri, 16 Apr 2021 15:13:43 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 79
x-cache-hits: 43502

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F3E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

24ms
24ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Apr-2021 15:14:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame BB1A 14 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2398528108&adf=3389349890&pi=t.aa~a.1098341321~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=795&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250%2C325x250&nras=5&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=UuEOv4NAXb&p=https%3A//www.lesvospost.com&dtd=688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12801
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 74ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Apr 2021 15:13:43 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E546 0
331 B 915ms
365ms Ping
image/gif 2c0f:fb50:4002:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~knkgbsnt&ctx=2&gqid=pal5YJqXKrnI-waw3rjoDQ&qqid=CKaG8-aGg_ACFYc90wod33cFwQ&met.4=fb.qp~lb.wq~ol.yg~bdt.-14f~bpp.-ia~dtd.-2~dt.-ic&met.3=739.wq~740.wz~555.xn~556.xn_1~749.ya_6~738.yg~740.yx~740.yx~740.yy~735.14c_1~740.14f~740.18x~113.1be_5~112.1bd_7&met.1=1.knkgbrch~6.0~7.0~8.0~9.0~10.0~12.1~13.kd~14.ke~15.mu~16.wq~17.wq~18.wq~19.y5~20.y5~21.yg&met.7=CAUQCBgBMN8FONgJaAFw3QV4hcsBgAHuygGIAcD9BLABAbgBAw~CBIQBxgBIPQGKPQGMIMHOA9o9QZwggd46QSAAc4EiAGgH6oBEAoOUm9ib3RvOjQwMCw1MDCwAQG4AQM~CBwQChgBIMAHKMAHMMoHOAlowwdwyQd4jQeAAfIGiAHtC7ABAbgBAw~CBwQChgBIMAHKMAHMMkHOAlowwdwyQd45DeAAck3iAHtiQGwAQG4AQM~CBwQChgBIMUHKMUHMM8HOApoxgdwzgd4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIMUHKMUHMNgHOBI~CBwQChgBIMUHKMUHMM4HOAhoxgdwzAd4_SuAAeIriAGVZbABAbgBAw~CBsQBhgBIMUHKMUHMNUHOBA~CBsQChgBIMYHKMYHMM4HOAg~CBcQAhgBIN8HKN8HMOYHOAdo4Adw5gd462yAAc9siAHPbLABAbgBAw~CCEQBBgBIK8IKK8IMOAIODFosAhw3wh4EbABAbgBAw~CBMQAhgBINUJKNUJMNwJOAdo1glw3Al4x3yAAbB8iAGwfKoBDAoGcm9ib3RvEBsYArABAbgBAw~CBMQAhgBINYJKNYJMN4JOAlo1glw3Al433qAAch6iAHIeqoBDAoGcm9ib3RvEBsYArABAbgBAw~CCgQChgBIIUKKIUKMJsKOBZAhgpIhgpQhgpYkwpghgpokwpwmQp4zqMBgAGyowGIAcevA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fb50:4002:804::2003 , Kenya, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 97b5a36b242fc3b19096f05589656eff.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 4B00 82 KB
82 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/97b5a36b242fc3b19096f05589656eff.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f774365fcbd352acf09229d291d4f92c348dbae7bc2ed2ac0d7dea21c5942e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 477515
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84227
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
date: Sun, 11 Apr 2021 02:35:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 02:35:08 GMT

GET
H3-29 200 imagesxjktmq5mnelcqh1ekjab.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 4B00 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/imagesxjktmq5mnelcqh1ekjab.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00851c7f94d0ab84b4a7125294366e22ccfcfe65166faf123d0cecd1abe8590a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 129524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4189
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
date: Thu, 15 Apr 2021 03:14:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 03:14:59 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4B00 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 450605
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4B00 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 141766
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:50:57 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

26ms
25ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Apr-2021 15:14:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D67 14 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&gdpr=1&client=ca-pub-4266922878443074&output=html&h=250&adk=2326970725&adf=2827123698&pi=t.aa~a.748759278~rp.4&w=325&fwrn=4&fwrnh=100&lmt=1618583784&rafmt=1&to=qs&pwprc=3593517408&psa=0&format=325x250&url=https%3A%2F%2Fwww.lesvospost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618586021021&bpp=1&bdt=796&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ded55da207a2c072f-2220556a93a7000f%3AT%3D1618586020%3ART%3D1618586020%3AS%3DALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw&prev_fmts=0x0%2C728x90%2C450x50%2C468x60%2C325x250%2C325x250&nras=4&correlator=3455979296148&frm=20&pv=1&ga_vid=178636599.1618586020&ga_sid=1618586021&ga_hid=1085585887&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=3742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=2592789604545969&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=qO4wlJG25i&p=https%3A//www.lesvospost.com&dtd=678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12801
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame A9C3 43 B
182 B 104ms
98ms Image
image/gif 2600:1f18:612b:4216:d315:ab3a:faf3:d624
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:d315:ab3a:faf3:d624 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A9C3 70 B
264 B 34ms
29ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-59-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame A9C3 0
124 B 11ms
7ms Script
text/plain 52.57.10.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0275
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

30ms
29ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Apr-2021 15:14:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Apr 2021 15:13:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame C566
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-...

0
77 B

15ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.841573,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
tbl-x-upstream: 10.41.22.181:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 18065

GET
H2 200 sd
u.openx.net/w/1.0/ Frame C566 43 B
122 B 31ms
24ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C566 0
239 B 48ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame C566
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=xvmguBMl3UC8&ev=1&orig=trc&pid=562107

0
219 B

15ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=xvmguBMl3UC8&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 19222

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=xvmguBMl3UC8&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-fdrx6
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame C566 43 B
691 B 26ms
11ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.208:80
AN-X-Request-Uuid: 7128d36e-03ec-4e7b-a7b2-a33230319f6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame C566
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1

0
205 B

14ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.740979,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame C566 42 B
805 B 110ms
24ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25:$UID
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:43 GMT
X-lat: lhrpug015:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C566
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

170 B
188 B

16ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27
tbl-x-upstream: 10.40.0.199:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 18640

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C566
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed

0
55 B

14ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.817385,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame C566
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=&dnr=1

0
433 B

23ms
23ms

Image
text/plain

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:43 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:43 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame C566 49 B
397 B 277ms
92ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C566 43 B
697 B 52ms
17ms Image
image/gif 185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame C566 0
59 B 56ms
14ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C566
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761

0
228 B

17ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 18065

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761
cache-control: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server-processing-duration-in-ticks: 2074
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 16 Apr 2021 00:00:00 GMT

GET

6.gif
id5-sync.com/c/464/101/2/ Frame C566
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=3b014ffa-acc9-4c66-becf-bf2ffc1f9bc4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_725087b5-18a8-4637-aba8-e9dbec8ba594&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELSuoLcNlqVvC6AhY9In4...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6870985880746624017&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A16947198268&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=3cf91f79db337ee7e7ec8ad90a4f470e&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=f00341ca-f3ea-49d4-bed6-4b6996632f7e&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame C566
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=dYGPkGqVA_OYRemaqKl5YA

0
219 B

15ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=dYGPkGqVA_OYRemaqKl5YA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Fri, 16 Apr 2021 15:13:44 GMT
server: nginx
x-fastly-to-nlb-rtt: 18673

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=dYGPkGqVA_OYRemaqKl5YA
date: Fri, 16 Apr 2021 15:13:44 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame C566 35 B
380 B 357ms
90ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Fri, 16 Apr 2021 15:12:47 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 sync
x.bidswitch.net/ Frame C566 43 B
146 B 23ms
7ms Image
image/gif 3.124.165.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.165.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame E1C2
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-...

0
52 B

15ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.907693,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=238dfffd-ebbf-4620-b44f-d3923d61c7e4&tbid=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27&query=taboola_hm%3D238dfffd-ebbf-4620-b44f-d3923d61c7e4&isDirect=0
tbl-x-upstream: 10.41.34.222:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 17244

GET
H2 200 sd
u.openx.net/w/1.0/ Frame E1C2 43 B
106 B 15ms
15ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E1C2 0
239 B 13ms
12ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame E1C2
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BZoO8kRz6m22&ev=1&orig=trc&pid=562107

0
219 B

16ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BZoO8kRz6m22&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 19222

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=BZoO8kRz6m22&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-p7n7w
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame E1C2 43 B
691 B 10ms
10ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.200:80
AN-X-Request-Uuid: ab5495fa-cb67-4f8e-8908-538c5dc5bb95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame E1C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1

0
69 B

14ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.840122,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBELKl6VzQMlzduKSBE4-mQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame E1C2 42 B
805 B 25ms
24ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25:$UID
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:43 GMT
X-lat: lhrpug014:0:360
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E1C2
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

170 B
188 B

17ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27
tbl-x-upstream: 10.41.22.84:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 17244

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E1C2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed

0
57 B

15ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 16 Apr 2021 15:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586024.838444,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame E1C2 43 B
687 B 23ms
22ms Image
image/gif 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&us_privacy=&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:43 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame E1C2 49 B
406 B 92ms
91ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25

Requested by

Host: www.lesvospost.com
URL: https://www.lesvospost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-gxw7t
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E1C2 43 B
438 B 18ms
18ms Image
image/gif 185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame E1C2 0
22 B 7ms
7ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E1C2
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761

0
228 B

15ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 16 Apr 2021 15:13:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 16575

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=38299ff9-a339-4d43-bdda-6aa70a2ee761
cache-control: no-cache
date: Fri, 16 Apr 2021 15:13:43 GMT
server-processing-duration-in-ticks: 4021
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 16 Apr 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame E1C2
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOixkwAqbioBG3ttv63lQkV6zXy_mfpKrD9Y0WA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=3b014ffa-acc9-4c66-becf-bf2ffc1f9bc4&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_91301c49-7ff4-43bb-ba3e-0fb6187b0b1c&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELSuoLcNlqVvC6AhY9In4...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8557192939574286957&opid=apx&ops=&utidl=tech:goo:CAESELSuoLcNlqVvC6AhY9In4nc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A16947478757&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=3cf91f79db337ee7e7ec8ad90a4f470e&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=1ef01894-7836-46ee-a461-7d5a1f1b4efa&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame E1C2
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xrkIOLkGCM60frcUqKl5YA

0
219 B

15ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xrkIOLkGCM60frcUqKl5YA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 16 Apr 2021 15:13:44 GMT
server: nginx
x-fastly-to-nlb-rtt: 18673

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xrkIOLkGCM60frcUqKl5YA
date: Fri, 16 Apr 2021 15:13:44 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame E1C2 35 B
380 B 281ms
90ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 16 Apr 2021 15:12:47 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 sync
x.bidswitch.net/ Frame E1C2 43 B
145 B 7ms
7ms Image
image/gif 3.124.165.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=
Requested by: Host: www.lesvospost.com
URL: https://www.lesvospost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.165.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e91fb2b59c35d5085cc05365ca0f870ce128865162a8df9d0873095f9017886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 15:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7062
x-xss-protection: 0

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B00 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12801
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 16 Apr 2021 15:13:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 98DA 0
150 B 66ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.lesvospost.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.lesvospost.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=38299ff9-a339-4d43-bdda-6aa70a2ee761
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2197
date: Fri, 16 Apr 2021 15:13:42 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 68ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:43 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Apr 2021 15:13:43 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A71D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 16 Apr 2021 15:03:36 GMT
expires: Sat, 16 Apr 2022 15:03:36 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 607
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame A71D 14 KB
6 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 11:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 12801
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 11:40:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D74C 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=2612572080098448&bg=!8vGl8bXNAAZUuIlwVLg7ACkAdvg8WgvUhsSqP8le7PGhxENDWDEyjA7EdYG7qXyxlCM5csQ2tRKnlAIAAAJ-UgAAAAtoAQeZAkYbp6M8kdibxSGruPq-5OqSPFdvnChtsyQSScE8M1IC3_Jsr1NSqlSKNQ56bJc4adaIcaDmo_LcmGjsz53lOF6NqQh0eAI7gM7BDo0dCFBeZXEhkRx4vd7oDGu5K88B2QOAk8F5X99DPJTCq5VST9YhY7tZ4qwfCB6vV--_JnVcngTPvWf2HjcLwQj4tf1iU8x_2tfFOFFoP8K7dWN1azTFQW3LFu5_Uj5A2gYW0CMkRXyAHvlqSa-ftyOc7nRqSgrOFcB6gwuNN2ygZ9BJm-vd7opD1hbrxnxDJ_2F-7zApZLD0H6VRQ2KbYRt5ouD2C_4CGOaodUlUhL1GEK3QjjQXrsrupN-WyCBqI1dhhqBv8X0TH94AOs0S7UgoSl23l_ozBbmzMH2Sm47k1JJD8OP86WjC5p4AGryM5MhIvVz7e1_eBd76taW3K3NWjmQBcCy90_8LtaCvjoP8AUGOTDGpDvyLfnrF5H6-mDKCzTUNtfOQL_skbApiWblKIZdnVlwu7HBjINiMdtxaCZ0Q4HO6CeyLACy881fcmvlyj4dDjb1vgV7CeK83V6pRnTesK5xBbOUxENxi_LnAWH_PQ7ks8hkzJH6C9yyNiUgFeU_nZF0OIzff5AzSApvwKHO6LdLzSp46DPsmCvsBzsa4l2ccGCiQ1ju3SkwF3OOokwopwmQ2hKhqOvm5z6WW42eb7ukMH7hFR7P8MxidIcYYf-fNCfatTleqkrflvqbvKLZ-SKw-EBqbvqTjA2Jfe0UgZ57uP6vvNM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=2592789604545969&bg=!0NOl05fNAAZUuIlwVLg7ACkAdvg8WujXVONzm1SzIseWyA_98Arl698_JA-vv-YRcGQlIeasEaGd_gIAAABlUgAAAAxoAQcKAO6EqfBFQ5n9cwmjrXDLZZHAgSQhIOuGG4fydI1WcKndXCPbGJUPCXDfy2Oqv0gj6C0tN0w0QmR8jpb4bFa970q7J5ihXs_bdMfFlofPIZeKBApPsBFfbqH7-IQ2RXx1iU76sJL3BLY77c8ET4XVN2U_ZCHgAMCZt3ixce07a9GGAk3Jk88vHAwTjSNfNMqhcPMevFdgxsyrLu1mVWR2KZOmqYNbuN907diuEjnQYnot6QIa-Zg03n3uaH4pJzGRj37i1dbWTVwqhiz-6wkYICtVZgUgMYhuxgqUR4WKmDU8egfN7PI7MZt5Quwfk1b9mQIkWAQJ96DNBpix9ce7H-8S3hjoaY6PPHS7IVjnU_7OvMWYOcxfHbMH-Pmmdg919ZzWMLswjkApg778LKGfHJ2vu3POCd4QgwUEfZJf8Ya2MFmqeJ2-d6apWAxVgtYqGRaCC6qbAwZXsPp8twWMHAZCjwTGlXYY5EFAAeu3qK4rFEAJF5uNmYW57MVKNEbQwqjGPIzTL6qE69j_NKrPsrdgY7CAyGZfIK0sa7LZiC4deUn6NgNI3kuvfYvMEl7vGBC3uKALDC366g5pnBDb_dy5ZxbZRBu2MfEsZioU1KKAVWQhoYcKEMHW20kzYoFuOjcFAf5lvkbf4k8uVsSrBe9t8lU6Smlo8ucAGBO0Gazty-NdEoLbwOIW96Ro6Ui-GA0nWepjTbIpMVY7g17mxeM7EP0EXB-KIgyGEOm84BNDceHsJsalSgBLxhzHiJJt2sJvix5leiuI6TLE_noN2UPhl2gtN7d7yLMwe9qSNlNY_fvES3-K3_KPn87LBmd-a-Qz3Zuacl4K6uncBUVQ9K3mRlw9yTwLrHz0NxwXu72UMHDVsPUZDNFIMgfR3C8vDY5clSAb_Qb0Qe4xS011KBCkmEZ4eARu06Lx1q7-ZLIZO3HFGDUWrPotcm9Oy_3E_AL9v44fBprOZt_awk2KKpuxdAz3RG2nNCqEyo5_M9gDMObbSCLAJh8a5tKlbp6YRUUUy_7zC8fGRhrbOjb0S1JEFiQF3Mg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ImgSync
image8.pubmatic.com/AdServer/ 0
75 B 53ms
11ms Image
text/plain 185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:43 GMT
Content-Length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ65v2W6LCSiB3_Kk-Q3WQ&google_cver=1

43 B
106 B

16ms
14ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ65v2W6LCSiB3_Kk-Q3WQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ65v2W6LCSiB3_Kk-Q3WQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 1C11 3 KB
1 KB 147ms
140ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b09ff84d6843ad13ad61e99dec617fda5e939ee2701b9812746a098acc99ec

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=82f1941a-da6d-4e4f-81e2-35f651ad673a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
content-type: text/html
set-cookie: __cfduid=d605c00d854f60047df3056c7a5eea5861618586024; expires=Sun, 16-May-21 15:13:44 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=82f1941a-da6d-4e4f-81e2-35f651ad673a; expires=Thu, 06 May 2021 15:13:44 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 097cd7d3d800004ea9a0272000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZNnaHeRDToP3qGUbcvJt40Oh9pqfL0QFuODP3y3WiJ8ySnDMx%2FUBY9Q%2FKe%2ByCt%2F2IPGwEnko1tZ6F4rLoPPvqFaT0LApWKxHhc5AbUkCG2mRzevh2qxWEIUOUFapkc%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 640e5bffcece4ea9-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F7DB 52 KB
17 KB 24ms
9ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.lesvospost.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8557192939574286957
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Apr 2021 04:57:33 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 16 Apr 2021 15:13:44 GMT
Age: 36973
X-Served-By: cache-lga13625-LGA, cache-fra19131-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 314490
X-Timer: S1618586025.931345,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 6CFE 8 KB
2 KB 42ms
26ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd486becf782b0d2a778378dc5a587be49ca55ef73e131e322159c11a1c7f8ed

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lesvospost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.lesvospost.com/

Response headers

date: Fri, 16 Apr 2021 15:13:44 GMT
content-type: text/html
set-cookie: __cfduid=daecb0540ad9d2bf409dc8a6981f124391618586024; expires=Sun, 16-May-21 15:13:44 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=0665d433-7ea7-4e7e-76a7-d961871cf8c6; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%A0q%E7J7%96%8D%FAC%F0%1F%D2%F02%3F%04%D4%FB%C3%AC%CFX%13%92%7BK%87%26m%B6X%EAI%2B%A4%88+%1Bu%23%8C%9F%83%B69F%23%C8k%26%06%C0%DF%A9z%BB%1B%E6%EB%BA%92dxPLx%07%81%81%87Z%16jQ%2FqV67%8B%8C%BA%D9%AE%E0%F2%14%FD%13%C7G%BFn%EB2%1E%A2K%E20%85%A8%D3My%3E6%08%EDX97%0B%87%F0%BE%E8%1C%FF%F6%2FE%804%12%EF%E9%B3%21%05%B5%D6%E3-H%E0Q-%A74-%94%FD%AA%3A%9D%0B%13%24%10%2F%16%ADAgRz%95%1A%C6%F1%A5E%CAwm%EEh; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.lesvospost.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 097cd7d3e600004e978d381000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 640e5bffde734e97-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Df8c2be3be15bf66f%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=f8c2be3be15bf66f&uid=b8c9529c4e410f234956ecf3

42 B
104 B

43ms
13ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=f8c2be3be15bf66f&uid=b8c9529c4e410f234956ecf3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 16 Apr 2021 15:13:44 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=f8c2be3be15bf66f&uid=b8c9529c4e410f234956ecf3
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
sync.e-planning.net/
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1725787304
https://sync.1rx.io/usersync/tradedesk/c7b44c42-0dc0-4f60-aee4-58d1fe2111ed
https://sync.targeting.unrulymedia.com/csync/RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003%26dc%3D1079...
https://sync.e-planning.net/um?uid=RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003&dc=1079cc634ca638f8&iss=1

42 B
104 B

46ms
15ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003&dc=1079cc634ca638f8&iss=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Tengine
ETag: RX7ad6275bde394dadbbce57c0af398fbf003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.e-planning.net/um?uid=RX-7ad6275b-de39-4dad-bbce-57c0af398fbf-003&dc=1079cc634ca638f8&iss=1
Connection: keep-alive
Content-Type: text/html

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 6CFE 0
0 6ms
5ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-44...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJWpeaOxXlqByutWiIEsxyk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c...

95 B
318 B

28ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJWpeaOxXlqByutWiIEsxyk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c002f154e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d41500004e97c6968000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJWpeaOxXlqByutWiIEsxyk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=5613bf21-9ec6-11eb-88cf-7ead74e47c78&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54...

95 B
179 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=5613bf21-9ec6-11eb-88cf-7ead74e47c78&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c005f7c4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d43400004e97772cc000000001

Redirect headers

date: Fri, 16 Apr 2021 15:13:44 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=5613bf21-9ec6-11eb-88cf-7ead74e47c78&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 6CFE 0
331 B 100ms
31ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D3...
https://mwzeom.zeotap.com/mw?cid=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54...

95 B
284 B

27ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c004f524e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d42a00004e9785b37000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=c7b44c42-0dc0-4f60-aee4-58d1fe2111ed&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 6CFE 0
77 B 22ms
17ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 16 Apr 2021 15:13:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1618586025.973148,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11542-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 6CFE 0
361 B 44ms
12ms Image
text/html 154.57.158.51
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS: amsadvip2.fwmrm.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6CFE 0
240 B 102ms
24ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=136...
https://mwzeom.zeotap.com/mw?cid=a40cdc85-cd44-4dea-a0ca-ced3610433ff&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
179 B

22ms
21ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=a40cdc85-cd44-4dea-a0ca-ced3610433ff&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c00d8734e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d48500004e97671b4000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=a40cdc85-cd44-4dea-a0ca-ced3610433ff&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=69214828943758635161664202064406352624&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-...

95 B
179 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=69214828943758635161664202064406352624&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c01090b4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d4a100004e977b383000000001

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: twuHrwI/RYo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=69214828943758635161664202064406352624&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 /
loadeu.exelator.com/load/ Frame 6CFE 0
608 B 13ms
6ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021041617-78023-0.959468001618586024-a8f6154513a83536a7d88971a25b1794&zdid=533&env=mWeb

95 B
179 B

26ms
26ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021041617-78023-0.959468001618586024-a8f6154513a83536a7d88971a25b1794&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c00a82a4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d46c00004e9795a2d000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021041617-78023-0.959468001618586024-a8f6154513a83536a7d88971a25b1794&zdid=533&env=mWeb
Date: Fri, 16 Apr 2021 15:13:44 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6951774043137898649&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-...

95 B
179 B

23ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6951774043137898649&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c005f8d4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d43800004e97cb2a4000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6951774043137898649&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 6CFE
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6

95 B
427 B

14ms
14ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Fri, 16 Apr 2021 15:13:44 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=0665d433-7ea7-4e7e-76a7-d961871cf8c6
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0665d433-7ea7-4e7e-76a7-d961871cf8c6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=0665d433-7ea7-4e7e-76a7-d961871cf8c6&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=Y/AVScLVs/BMaDEsymyv.e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f...

95 B
179 B

22ms
21ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=Y/AVScLVs/BMaDEsymyv.e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c007fc64e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d44800004e97d42a4000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
last-modified: Fri, 16 Apr 2021 15:13:45 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=Y/AVScLVs/BMaDEsymyv.e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 6CFE 36 B
378 B 49ms
12ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=0665d433-7ea7-4e7e-76a7-d961871cf8c6?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=3cf91f79db337ee7e7ec8ad90a4f470e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e3...

95 B
179 B

32ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=3cf91f79db337ee7e7ec8ad90a4f470e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c00e8bb4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d49300004e97aaa25000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=3cf91f79db337ee7e7ec8ad90a4f470e&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
cache-control: no-cache
x-server: 10.45.18.169
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-aTsxxoxE2opyco3M_OsZqjkz6nBuNmYfYQ--~A&zpartnerid=570&env=mWeb

95 B
229 B

28ms
26ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-aTsxxoxE2opyco3M_OsZqjkz6nBuNmYfYQ--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c01399c4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d4c200004e9797a07000000001

Redirect headers

date: Fri, 16 Apr 2021 15:13:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-aTsxxoxE2opyco3M_OsZqjkz6nBuNmYfYQ--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=T4GVYPfMHYCdHyqamsw5vg98AWB2HcqU%2BS41iYitP1U%3D

95 B
179 B

36ms
35ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=T4GVYPfMHYCdHyqamsw5vg98AWB2HcqU%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c00f8e64e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d49800004e97ce1f1000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=T4GVYPfMHYCdHyqamsw5vg98AWB2HcqU%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 6CFE 43 B
324 B 33ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6CFE 0
338 B 88ms
29ms Image
text/plain 3.248.155.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-155-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1618586025
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6CFE 95 B
360 B 1277ms
4ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:46 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YHmpqQAAJzHoBwAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-214...

95 B
179 B

26ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YHmpqQAAJzHoBwAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&_test=YHmpqQAAJzHoBwAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c020b7e4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d54100004e9785b4f000000001

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1618586025.275900,VS0,VE0
x-served-by: cache-fra19158-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YHmpqQAAJzHoBwAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&_test=YHmpqQAAJzHoBwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=472b6079-a9a9-4f00-a1dd-34d7ff3af5d3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c7...

95 B
259 B

33ms
32ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=472b6079-a9a9-4f00-a1dd-34d7ff3af5d3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c0139984e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d4c100004e97ce1f6000000001

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: MT3 3660 495c301 master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=472b6079-a9a9-4f00-a1dd-34d7ff3af5d3&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 16 Apr 2021 15:15:11 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6CFE
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698...

0
337 B

30ms
30ms

Image
text/plain

3.248.155.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-155-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=478 t=1618586025
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
date: Fri, 16 Apr 2021 15:13:45 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 6CFE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a...

43 B
433 B

34ms
34ms

Image
image/gif

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 6CFE
Redirect Chain

https://tags.bluekai.com/site/87734?id=0665d433-7ea7-4e7e-76a7-d961871cf8c6&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
179 B

27ms
27ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 640e5c024c1d4e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097cd7d56c00004e977f02e000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Fri, 16 Apr 2021 15:13:45 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 9fc7
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 6CFE 0
38 B 93ms
28ms Image
text/plain 52.210.236.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D0665d433-7ea7-4e7e-76a7-d961871cf8c6%26reqId%3D33c62c76-e358-4f54-4474-21449698e52e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.236.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 6CFE 557 B
580 B 36ms
34ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516de79c4babb9b05b6437d64c8ceb1a24d13e9571d5bde42641558f100a1146

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 640e5c000ee84e97-FRA
date: Fri, 16 Apr 2021 15:13:44 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 097cd7d40b00004e978ab37000000001

GET
H2 204 cmp
spl.zeotap.com/ Frame 6CFE 0
0 23ms
23ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=0665d433-7ea7-4e7e-76a7-d961871cf8c6&reqId=33c62c76-e358-4f54-4474-21449698e52e&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=0665d433-7ea7-4e7e-76a7-d961871cf8c6; zsc=%A0q%E7J7%96%8D%FAC%F0%1F%D2%F02%3F%04%D4%FB%C3%AC%CFX%13%92%7BK%87%26m%B6X%EAI%2B%A4%88+%1Bu%23%8C%9F%83%B69F%23%C8k%26%06%C0%DF%A9z%BB%1B%E6%EB%BA%92dxPLx%07%81%81%87Z%16jQ%2FqV67%8B%8C%BA%D9%AE%E0%F2%14%FD%13%C7G%BFn%EB2%1E%A2K%E20%85%A8%D3My%3E6%08%EDX97%0B%87%F0%BE%E8%1C%FF%F6%2FE%804%12%EF%E9%B3%21%05%B5%D6%E3-H%E0Q-%A74-%94%FD%AA%3A%9D%0B%13%24%10%2F%16%ADAgRz%95%1A%C6%F1%A5E%CAwm%EEh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
set-cookie: __cfduid=d4cb95cebff374b5da0928bce35c06aeb1618586025; expires=Sun, 16-May-21 15:13:45 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 097cd7d42f00004e976f1b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 640e5c004f6a4e97-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8557192939574286957

43 B
332 B

142ms
142ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8557192939574286957
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LUBmBtjAA9b5doq5xOoEpyJIG8LQWldcQDsaXeD7uz1pWnYU01N1v2bK03WOYWnEnhnSjTmhlL5aw7vNS4BcZJFy0n267Avv4mnb7Se1x2kHGaB9DnLQDBy9hb8%2Btxc%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00b9114ea9-FRA
content-length: 43
cf-request-id: 097cd7d47600004ea9f514f000000001

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.241:80
AN-X-Request-Uuid: 5f74ae5f-db5a-46ae-b0b6-10701d75c616
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8557192939574286957
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://prebid.a-mo.net/cchain/0?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=8557192939574286957
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=b8c9529c4e410f234956ecf3
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D693c2491-3703-42c4-8734-305a4cb3b6d0%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=693c2491-3703-42c4-8734-305a4cb3b6d0&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YHmpqailla-DpNX6bC9o8QAA%...
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=693c2491-3703-42c4-8734-305a4cb3b6d0

43 B
339 B

144ms
143ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=693c2491-3703-42c4-8734-305a4cb3b6d0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OnFm%2FHn6%2BrZmO2JSOqTdB11%2F7oZ6QnrpNUhKGU3V0yQ370ndBkkN%2FFBIWreAHyOXTaxFU1vQH%2F1ouq5TtoGmAmivxwT1AW2oB6Akznfd5raCpdiuHkvk9KZQQbLKJC4%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c034ec64ea9-FRA
content-length: 43
cf-request-id: 097cd7d60a00004ea98a962000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=693c2491-3703-42c4-8734-305a4cb3b6d0
date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=b9174655-a9ba-526a-928d-8cb7f2f4251e

43 B
352 B

144ms
144ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=b9174655-a9ba-526a-928d-8cb7f2f4251e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X%2Bkp5aIMwVQWXOqqpVp49s%2BARKyPcbbVGUXugTJbSCg4d0M3vAkHQVtQveENT%2Fnis6VZ3rft4sSI5n0Vt1tXddMHPJHofKfEZUxwyNaHUhp8%2F%2B2VYtZ1apBYAEJeXN8%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00f9884ea9-FRA
content-length: 43
cf-request-id: 097cd7d49a00004ea9ab80b000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=b9174655-a9ba-526a-928d-8cb7f2f4251e
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8557192939574286957

43 B
328 B

145ms
139ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8557192939574286957
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BtTtDVj5Y8rDQY8x%2B7CPSKckrT03gvZtFQK%2BhYtEF7ZQXOaQuj28RGYOy9YzJyRoW4f%2Fg47J4E8mtxrAhNyRa0vGaqZ6wGFB7XNNjjqeiaPPc1TXkKKD7zu6ZZsaOQg%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00c93f4ea9-FRA
content-length: 43
cf-request-id: 097cd7d48100004ea9da281000000001

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.232:80
AN-X-Request-Uuid: 8a7b0f32-7226-4218-b05e-bbadd1a3ea0c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8557192939574286957
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e55cab3-750d-4145-b73d-2e403ecdd163

43 B
432 B

146ms
146ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e55cab3-750d-4145-b73d-2e403ecdd163
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wYytPVdHqvqGchftDD50KIB1bh95cX5OfteoIKsQmQIYyJo3kfWQ1Eziza06y2InQLNISAwYA%2BxCcW%2FpvvQqSif3blG2b6mUJdXv16rHTzkLLCNN7cb95nIz4RazT68%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c017a9c4ea9-FRA
content-length: 43
cf-request-id: 097cd7d4e800004ea9b601d000000001

Redirect headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u8XQVfCPPBOKI4dHfHdnzHV4nh%2B8KSyidKnGWMus0HDpZ%2FT%2BEJUm%2FBV8z2cFSHcLEqRyU8sSWOWUgF9Gf28458BEzQYCJFmrGAKPkatv0Tqok0fgZOHnZGBbbvBs"}],"group":"cf-nel"}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5e55cab3-750d-4145-b73d-2e403ecdd163
cf-ray: 640e5c00b9064ea9-FRA
content-length: 0
cf-request-id: 097cd7d47100004ea9949e5000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5621f05b-9ec6-11eb-806c-02dd2047314c
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5621f05b-9ec6-11eb-806c-02dd2047314c

43 B
468 B

142ms
141ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5621f05b-9ec6-11eb-806c-02dd2047314c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uQ%2BkItG8uGa%2ByNEVsYI7MqEUb7jkMcbncZ70Eglj%2F04bfP8pl%2FAnt2PQYdaMNwIG8nQbxCCVYeqkq2q%2FD%2Fi2o4s9taTsveke%2BxXF27aovgWe9zZxpAe5YT0fum%2FAPgI%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00f9854ea9-FRA
content-length: 43
cf-request-id: 097cd7d49900004ea9d2a20000000001

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP5621f05b-9ec6-11eb-806c-02dd2047314c
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dgNO9b9E2uGAfC0SCWugV66XO2WWcN9jyTczBv8-~A

43 B
328 B

140ms
139ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dgNO9b9E2uGAfC0SCWugV66XO2WWcN9jyTczBv8-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hLUmjB0pinWpeDQ%2F5mCY3ihCVPDiIPK6%2Fn4VO8zH7%2BIeplKNH7u0F8QJKbVIcQxc4D3fzObRl%2FnaiusjxTWfHm4M3qDZrFvjNrgTbfgcb26V5%2FNlNVns11O9koRJHUU%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00d9524ea9-FRA
content-length: 43
cf-request-id: 097cd7d48a00004ea9a0280000000001

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-dgNO9b9E2uGAfC0SCWugV66XO2WWcN9jyTczBv8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1C11
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b8c9529c4e410f234956ecf3

43 B
329 B

138ms
138ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b8c9529c4e410f234956ecf3
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hlc7u%2Ba3gOmlOoCknOXk%2FbkVuZdHJYpIe%2F2IE9LWDs0ESDjp8sVlmHQLexrKy%2BxvMt8fKkVyelzNfyhyDS3Qq7PHNWGqISFREyXYCX7yxF1zIwWBbuCdO6ljUva2kgU%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c00d9484ea9-FRA
content-length: 43
cf-request-id: 097cd7d48500004ea9cab31000000001

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=b8c9529c4e410f234956ecf3
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 303B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

22ms
21ms

Document
text/html

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c83fbf58a483f5cc2be50fadc59f507dcb5a84316d931f443fcf471a08b7d274

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YHmpqailla-DpNX6bC9o8QAA; CMPS=3226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|206|65|8|190
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1724
Expires: Fri, 16 Apr 2021 15:13:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YHmpqailla-DpNX6bC9o8QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:13:45 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:13:45 GMT CMPRO=1177;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:13:45 GMT CMST=YHmpqWB5qakA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 17 Apr 2021 15:13:45 GMT CMRUM3=2d6079a9a905a0&e66079a9a927600&f16079a9a905a0&416079a9a905a0&ce6079a9a905a00&be6079a9a905a0&086079a9a905a00&276079a9a90b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:13:45 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 16 Apr 2021 15:13:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YHmpqailla-DpNX6bC9o8QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:13:45 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:13:45 GMT

GET
H2 204 d
ic.tynt.com/r/ Frame D0BE 0
0 336ms
110ms Document
text/plain 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

server: nginx/1.16.1
date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1734 2 KB
818 B 27ms
7ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2357 8 KB
3 KB 27ms
8ms Document
text/html 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1235=23226-17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25:$UID; PugT=1618586023; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=138750
Expires: Sun, 18 Apr 2021 05:46:15 GMT
Date: Fri, 16 Apr 2021 15:13:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D6F8 38 KB
14 KB 8ms
7ms Document
text/html 184.30.24.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1235=23226-17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25:$UID; PugT=1618586023; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=134159
Expires: Sun, 18 Apr 2021 04:29:44 GMT
Date: Fri, 16 Apr 2021 15:13:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D6F8 0
75 B 25ms
24ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=32351338&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 15:13:43 GMT
Content-Length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 303B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHmpqailla_DpNX6bC9o8QAABJkAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFx2ej_JDE3qeC2_8oHVnuA&google_cver=1

43 B
315 B

12ms
12ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFx2ej_JDE3qeC2_8oHVnuA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 16 Apr 2021 15:13:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEFx2ej_JDE3qeC2_8oHVnuA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 303B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB&dcc=t

43 B
433 B

90ms
89ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHmpqailla_DpNX6bC9o8QAABJkAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 303B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHmpqailla-DpNX6bC9o8QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE9d-oQSu9w6Bhm_zKsLOUA&google_cver=1

43 B
1002 B

16ms
15ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE9d-oQSu9w6Bhm_zKsLOUA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 15:13:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE9d-oQSu9w6Bhm_zKsLOUA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 303B 70 B
264 B 33ms
29ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHmpqailla-DpNX6bC9o8QAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-59-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

YHmpqailla_DpNX6bC9o8QAABJkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 303B
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YHmpqailla_DpNX6bC9o8QAABJkAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YHmpqailla_DpNX6bC9o8QAABJkAAAIB

43 B
919 B

100ms
33ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YHmpqailla_DpNX6bC9o8QAABJkAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YHmpqailla_DpNX6bC9o8QAABJkAAAIB
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 303B
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618672425&gdpr=1

43 B
315 B

30ms
13ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618672425&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 16 Apr 2021 15:13:45 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1618672425&gdpr=1
pragma: no-cache
date: Fri, 16 Apr 2021 15:13:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 303B
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=91be952d-bb99-4d4d-8153-9c75f57e3cb5&expiration=1650122025

43 B
1 KB

16ms
15ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=91be952d-bb99-4d4d-8153-9c75f57e3cb5&expiration=1650122025
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 15:13:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 15:13:45 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=91be952d-bb99-4d4d-8153-9c75f57e3cb5&expiration=1650122025
date: Fri, 16 Apr 2021 15:13:45 GMT
server: Kestrel
content-length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 303B 0
0 13ms
11ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 setuid
sync.quantumdex.io/ Frame 303B 43 B
431 B 140ms
138ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YHmpqailla_DpNX6bC9o8QAABJkAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 15:13:45 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0IB4PJMVgDnV5Bq1egNWP0rSImqQ5cviv%2FJYdoE%2FO7Mupyht15rni3BWnisMnMsd2MfjYV6fErSgLam8OskXelEDp6Sj7RsCLusNLcDGFU5nos5EXI4ZQFCyEhjw0ms%3D"}],"group":"cf-nel"}
content-type: image/gif
cf-ray: 640e5c0119df4ea9-FRA
content-length: 43
cf-request-id: 097cd7d4b400004ea9c51ea000000001

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 56ms
56ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=354&height=199&pubid=169497&tagid=953497&crid=6148915&noaop=3&sortOrderType=0&cb=1618586027782&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1056001&pt=907179971&tz=120&viewable=true&ddast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517565&dpubid=472275&abtst=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.lesvospost.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d62c3b6954bf377b24d8348d46a6fb0e52d0ed8e2b2e3dea4533bbc178a179a9

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 16 Apr 2021 15:13:47 GMT
content-encoding: gzip
access-control-allow-origin: https://www.lesvospost.com
machineid: 1453
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11542-HHN
pragma: no-cache
server: nginx
x-timer: S1618586028.787688,VS0,VE50
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://vast.emxdgt.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
334 B 452ms
180ms XHR
application/xml 54.236.141.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=122918&mimes=video/mp4&protocols=2&w=354&h=199&placement=3&linearity=1&skip=0&playbackmethod=1&boxingallowed=1&cb=R0.1618586027848&device.ip=144.76.109.30&device.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&site.ref=https://www.lesvospost.com&site.domain=https%3A%2F%2Fwww.lesvospost.com&gdpr=1&us_privacy=1---&minduration=2&maxduration=120&minbitrate=200&maxbitrate=30000
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.236.141.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 16 Apr 2021 15:13:47 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.lesvospost.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
123 B 44ms
16ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.lesvospost.com
date: Fri, 16 Apr 2021 15:13:48 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
1002 B 65ms
63ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=354&height=199&pubid=169497&tagid=953497&crid=6148915&noaop=3&sortOrderType=0&cb=1618586032787&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1056001&pt=907179971&tz=120&viewable=true&ddast=V7DVMCFgN0Dan7hUxe7wR0Dan7hUxe7wUAAAAGBuIHHbVbUVaMzYqymCwGw9Vut1wtdqPlbLKaDQdD6KjdirJibFaUxWQxGK52u-VoMZkNNqPlZLeaAsgU_nbP3_IyGSQss993UFBOT4_Z5S_y3S7Dw-dywwaaTofPda_X_X53sctz-3sOf8_prvG7_XIAAAAAeADomp6B-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAUDgY1QCA4mA41936shsdrs_L7g8AgIcCEAAAAQwSgAOa6RIAE7WeEwAAAAAAAAAAlv____-YAXurOZkBfdLgHoAHH4AHooLUIkYAAAAAkExtHkeTOqGyqAIAIEi3ArgCAAjA2_aBpQgDAAAAGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCRGZmaUEsAABqv4AAAGu_gAAAbOoGAPAWABd0BK0YDFYXELMDAAAAuPv____XA8mRYeIybny7jXMxc41sho1jM9x4VquVwzkbeQzb2zhC0x0v2QbuA5nC3-75W14mg4Rl9vsOCsrp6TG7_EW-22V4-Fz2m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkzsVsbZyjBYK0wWw1q0WnnWysVuuJY4l5PdarfZGHaDtej1Mf12m8nMstqiYIDFXgQX6UTs8tz-nsPfc_pZ3jLLYDUaLWaziViiOVmkE9ll3xwZJi7jxrfbOBcz18hm2Dg2w41ntVo5nLORx7Bv7FbG2cowWCtMFsNatFp51srFbriWOJeT3Wq32Rh2g7Xo9TH9dpvJzLLaN2aL4Wo4G0wW-8ZsMVwNZ4PJYt-hM3xXn7PRlpkuPUJv4Ra97WTmg8JlsHh_EtNi2p0dPL_f0WlTv5RFnVF4-R69BoXn4DGNl7fasbx9NtPHYUIRSwSni3QiehlPF7FE8rRIJxrnajMcWUajhXE2W7gsE5tztBsuJq7ZbDPYWFwTsURpukgneon6jw0xGs11s7lisJxrBqsEAAAAAAAAALCEOfMmAAAAAKcB7SaT3Wq5ABR9-brAIAAAAAAAALutoK7UNJqHiscW7PLc_p7D33P6Wd4yy2A1Gi1msykDTLg0MG_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz4gAAAALjAAAAAOQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517565&dpubid=472275&abtst=adh5c-1_vA!insc_vA!nrlc_vA!spa2_vB!sre_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.lesvospost.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 39392ec430e0be42a9625d91f17635091080b36f35541fe081c84d4a88b5083d

Request headers

Referer: https://www.lesvospost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 15:13:52 GMT
content-encoding: gzip
server: nginx
machineid: 1472
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lesvospost.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/464/101/2/6.gif?puid=f00341ca-f3ea-49d4-bed6-4b6996632f7e&gdpr=1&gdpr_consent=

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

407 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/	1970-01-20 02:22:02	Name: t_gid Value: a50a3f05-b281-4395-b88b-f7289e5a7605-tuct7732f27
.lesvospost.com/	1970-01-19 17:36:26	Name: _gat_gtag_UA_128776493_28 Value: 1
www.lesvospost.com/	1970-01-19 17:36:33	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1618593220852}
.lesvospost.com/	1970-01-20 11:07:38	Name: _ga Value: GA1.2.178636599.1618586020
.lesvospost.com/	1970-01-19 17:36:26	Name: _gat_gtag_UA_162918491_1 Value: 1
.lesvospost.com/	1970-01-20 02:58:02	Name: __gads Value: ID=ed55da207a2c072f-2220556a93a7000f:T=1618586020:RT=1618586020:S=ALNI_MbuKXu_2B_QY4pPAlrmGUQjpcdwhw
www.lesvospost.com/	1970-01-20 02:22:02	Name: trc_cookie_storage Value: lesvospostgr-f20544166%253Asession-data%3Dv2_9d0be8c77c91f5df0c138c355ea96dc0_17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25_1618586021_1618586021_CNawjgYQ-ftRGP7a-tmNLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522lesvospostgr-f20544166%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhCRnWoMCwjDARCRnWoMCwiJARCRnWoMCwiRARCRnWoMCwggEJGdagwLCKEBEJGdagwLCKIBEJGdagwLCCQQkZ1qDAsIJxCRnWoMCwirARCRnWoMCwitARCRnWoMCwiuARCRnWoMCwiwARCRnWoMCwiyARCRnWoMCwi1ARCRnWoMCwi2ARCRnWoMCwg7EJGdagwLCD8Q0YZqDAwTFA%7Ctaboola%2520global%253Auser-id%3D17e86e00-adb0-45e3-9178-b9927573c070-tuct7732f25
.lesvospost.com/	1970-01-19 17:36:26	Name: _gat_gtag_UA_33165999_1 Value: 1
.lesvospost.com/	1970-01-19 17:36:26	Name: _gat_blogger Value: 1
.doubleclick.net/	1970-01-19 17:36:26	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:58:02	Name: IDE Value: AHWqTUnaFtvl-usS89_Dwem0OJxcgX82zk1PD6Ca6ujk0eYnCCxzn5zZ_w9cvI1ONFs
www.lesvospost.com/	1970-01-19 21:15:26	Name: hstpconfig Value: eyJJRCI6IjYyNTI1NDkxdWk2MDc5YTlhNWVjYTQzIiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI0MjA5Mjc3NzQsIkxhc3RVcGRhdGUiOjE2MTg1ODYwMjEsIm5vY2FjaGUiOnRydWV9
.lesvospost.com/	1970-01-19 17:37:52	Name: _gid Value: GA1.2.630202238.1618586020
www.lesvospost.com/	1970-01-20 02:22:02	Name: _pubcid Value: f4adb891-4ca8-4f50-9510-faf6a5934139
www.lesvospost.com/	1970-01-19 18:19:38	Name: _pbjs_userid_consent_data Value: 6115677930566742

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.28.4.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
15.taboola.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aboutads.quantcast.com
acdn.adnxs.com
ads.betweendigital.com
ads.projectagoraservices.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
aghtag.tech
agorahtag.tech
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
asrv.dalecta.com
assets.vlitag.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
bttrack.com
c2shb.ssp.yahoo.com
c3.taboola.com
casale-match.dotomi.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.taboola.com
ce.lijit.com
clevernt.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csi.gstatic.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.linkwi.se
googleads.g.doubleclick.net
gr.k24.net
gum.criteo.com
hbopenbid.pubmatic.com
i.postimg.cc
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imagizer.imageshack.com
imasdk.googleapis.com
img.youtube.com
imprammp.taboola.com
lesvospost.com
loadeu.exelator.com
loadus.exelator.com
match.adsrvr.org
match.taboola.com
maxcdn.bootstrapcdn.com
ms.quantumdex.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora-d.openx.net
projectagora.net
projectagoralibs.com
resources.blogblog.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.c.appier.net
s0.2mdn.net
s20.postimg.cc
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.vlitag.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.e-planning.net
sync.quantumdex.io
sync.richaudience.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
taboola-supply-partners.tremorhub.com
tag.vlitag.com
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
ui.clevernt.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.krxd.net
vast.emxdgt.com
vidstat.taboola.com
wf.taboola.com
worldstatistics.live
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lesvospost.com
www.weather.gr
x.bidswitch.net
id5-sync.com
loadus.exelator.com
108.129.18.26
136.144.59.88
139.162.78.222
141.226.228.48
142.250.74.194
144.76.151.218
148.69.64.109
151.1.205.165
151.101.13.108
151.101.14.49
151.139.128.11
154.57.158.51
168.119.149.178
172.93.106.42
178.250.0.165
178.250.2.151
18.156.0.31
18.156.12.32
18.195.155.181
18.198.69.109
184.30.20.207
184.30.24.198
184.30.24.241
185.64.189.112
185.64.189.216
185.64.190.78
185.64.190.80
185.86.138.122
185.86.138.144
188.42.191.196
192.132.33.46
198.148.27.140
199.232.137.44
208.100.17.184
212.124.125.232
212.82.100.182
213.19.147.151
213.19.162.61
216.239.32.21
216.52.2.30
23.79.152.128
2600:1f18:612b:4216:d315:ab3a:faf3:d624
2600:9000:215d:2600:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:b75
2606:4700:20::681a:fee
2606:4700:20::ac43:47f1
2606:4700:3030::6815:1b4
2606:4700:3032::6815:4ae4
2606:4700:3032::ac43:9028
2606:4700::6812:bcf
2606:4700::6812:e234
2606:4700:e4::ac40:a817
2606:4700:e6::ac40:ce03
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2009
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9a
2a00:1450:400d:802::2013
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:ba19
2a02:fa8:8806:16::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
2a05:d018:24:b002:28a5:2c7e:9fea:57ab
2c0f:fb50:4002:804::2003
3.124.165.65
3.248.155.244
3.91.110.183
34.205.120.60
34.98.64.218
34.98.67.61
35.201.81.244
35.227.248.159
37.157.6.241
37.252.173.62
44.238.171.100
46.249.52.248
5.135.83.165
5.178.65.246
51.89.9.253
52.18.91.199
52.210.236.221
52.28.203.152
52.48.137.92
52.56.207.211
52.57.10.248
52.95.118.60
54.236.141.192
54.72.59.228
62.138.3.139
69.173.144.138
72.21.206.140
85.114.159.118
89.163.159.103
00048eb167da1b28c814a97ac7cd34a076fda2da88e598957ed959342eaf1f88
00851c7f94d0ab84b4a7125294366e22ccfcfe65166faf123d0cecd1abe8590a
00dd73eea0213d99a6ab3f5dd9e7674e0900f1256dbae7763d79be52e0975a26
011c465c920ceddeb661878d9ad7490a95fd97fd6794b11299d381a6fdd12bf9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01fb007658893ebe6f95e8bb6131b9db619386f6e5dc1450d5721b6914d0b580
03edaa40fd1e88b0f0bb6f5bca45869085be41864d322923bbc43171d8bc9da8
04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee
04fc05ff456138a15ce9396621206f508d5df68c54e19a81d8208c7387e3f66d
0515eaffee9906a354265eee7b6f7c91f82eab546802a559ef0d018a04a211d9
0516d2b936b00d0675fa4cfe7f1491c644238b1e5e24aa7790f3494cdab1b45c
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
089ea9b286315b596869da62bbc40127610f5354b720b1d4ed07651355552878
0a9ee0d7919721366efcf13a3ccec37c59c9b445ae750f0df1a721ff8995b1dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7a1dc6469a054cbf9c0323ec711201c7044a39d2fbed8a9284b5e16b8a1f2f
0cb646c33e77fd757658d11be453504768c9271a26661e1f3935df180edcc3fe
0e2a08220f75e632e283d4e5017317ec1ae0110d434e482bf49f274327af7771
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f810ffb779e42ee8f8690694073077d83e91ed67472a33e23017774e6ba119e
105fb48017d5e034107656dcaf5befeb991458a8f7651013e6f3e54faa5c7163
10f7af8eb8c08ccd0deca5deb8570b830c0c4a1ad5972c9e6a1ab2b35c85e9d7
118ef4b8b0868d3add637750755925e49f9dcba912970b3844d49c0b66023f25
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
140f2b4dff854d6ce68e069b181c535a8d7e8db80a324bc57247858f2393b2b7
14baf65f98771ec6e66301dc126e06cea79b2ebfc70be3c643191a983913795b
156b8dbaa490336512bd6de0c09eaebc403d9d36eb7633ef36f7ca55abc64fb2
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f
15928aa05f60c793d4dfcdc4ed2ffad125b78face4c755cb5c2bec4d381e935e
16605e492d3addd06caaa8baf36cc5a356d8b4abfd833a052818e0bea04602ef
175493a651edf46ab1e23534dad05def10110f6c6f438902d48455adb28325a4
17aa888b8a7fc3f4ddd1c0cbc1ef4db979eb983907e0cb70610996cb6bbd85b7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18979dd7475f72edf96842b322c74d8c5b6ac769e3609f2fa45965ed455bdd9d
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a3b640207b648723376e64fcc33cc8c6de02633d1ef4ff017123b1068c8257b
1b037f59834a166a176b1cdec7f74061887a924672fc12f91e22ca4e3988caed
1b351fa9d77775c9d6dae4fff748bd8d48aa5b8739a91ac8d88b303543b58c20
1d1b3ecc80188e431bcd2242fd0169fd3df8dcaf617e830c9a9a882428a603c3
1d7b50b44b0b035afe34a18fb604f9776861b8060a3fa6d1e1e59648ee81f1e7
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20ab3aac6505edc7d73698c81e45c77d9b1e21b59afd5efe3935f93e8a0c46db
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23634b9b80a566829011d0b066f6078b85fe3e93315ab29c140ffd0f8e5b8cb3
2376c40adbaa139441759e36747e36d8d95026d9b311a9f9afde9f607c147b1c
27acf60a8f511dd22fa1fc50df42fd6c7971e791355f5dbb86862cde0fa229cd
28956d838bd65826c260b45e97953c40e698c6e47afe74cbc412eec05ab80f86
29b35d6a7b3b5156da11a74721596f096eefae472539f6fe06241ce5a3fd302d
29fc5b9a94f839cef13dd75ff9ed5e5a9c5c7a3bb0e7c980f6f24cef8363a06b
2dfb1150e2232de4473e166a50d319e9966000a357b2e56819afbc78f672665f
2e4d26ad8a054d6c74e9b4dd9bd7f65bb8be1697743cf2dbe6bff108a1aee496
2e5ea97e63f72883f2164652a906fb09137146f98cbe60a4412d24d5bd614260
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3033e61cf89b83c12f2f39e698935be2ffe83671f5833c78687b52569a93292a
303fcac4d8aa919d458b2637bd478efeb0ea24d612ff44ab37e7fa712ae05db0
32b230d01303b7b1763352a90256948c744e4f90e60a5ae1c76db9bca9721c67
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0
3716361a23e636468cc0af4b9fdd1e55b31755e30929f206e4b02848c2adf877
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3894d2eb2667643c9d9ed1a3a08bdde5ccaf07f03fbb81617f31093870a85734
39392ec430e0be42a9625d91f17635091080b36f35541fe081c84d4a88b5083d
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d85a7748bb5279ef3552e94fd5f758df812eba4fc42fa2eac4db369b24d0350
3dc4a10a1238b107391c97d6468090642d21a62d29bb69157edea66cff3aae5f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f88cc8f57ab0f23ad64ae4f1cf09c7147bf8cbc62422718326b468c7ccaa3f0
3fa2d05c853e9ae626a42e17be01f3959480d9a36518b9f35c7647750dab6fff
455c01f1fff28b043ffaca56767be56b110f78ffb266c5cec7f0410d81e32216
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47dd28fb8b57ab237856647805db9c3a6f5724759abc07c57750f56cbd0912ed
47e374ec834e51726978de301336ab9a19476541ed3a3ee5217f259b4abc1ef4
482b277a815fb1fcf7091fa4e0162bc8073e900aaccfbf9210d890043f72874d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f56ff39dc6ddf06ccf10a1151c48e59589ede6c373c3d882f9bff6834ba2d4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a2688c788cffbc1b255da8c1548382d75366dc36ff6cf23361f88c6124da58d
4a5b3992ca4cc6a7c8d3096c013f476f4c28d9bc5fb940ca464bff737f8cc4f1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5b79f48d701b1282f8ebf77b51e70b6e22ae8fc0b87c2bcf344d354e606040
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
501ed9ef4682a19fca8242ec5d9a7f438373c3e5b7dc8a1978d62aa2e44706d0
507af6e7229f0834c3b41dc93853faf44a431d2ab733ebb4d080d782990190e0
50968fc609d43d4b7df4dd3bc1627a974e1a692e975c6828ab16f7249bd9f46e
516de79c4babb9b05b6437d64c8ceb1a24d13e9571d5bde42641558f100a1146
517033d5233fec94018014ded2b86935c494879463c2b6c349cbde4116af83b9
52dfbd3ec677b9d1c994c06fd3efe95824f388702a6948b86fcf710d7f041fec
53a25ec3114fb90ff5b7c82f36b6ed226932ea0f96ecbe82b682fffe4db1ac1d
53e311f0874d2b4a544b744f817ebbb4e4d074974e347ab14d18f13bf3cce1ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ce686f9256bf07e0d155afac1ce00f254e31fa1b0042bb3afa2bafbe5a92ae
56877b7b26a3ff60e4afe81644be06429e8f450441600fe6923e7cb301371eaf
576912d0643a9d6e706008e998a946afb1724f927a3279ddae5eae1ca442254d
58e3050a628e286ec70c942b73dd1a748463ff59d00980862e77a367ac9a3033
5afa8ecd8438b9e76791a7dc14cfa98cc0037cd136cd98adf53c5fe28c977fca
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b
5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f
5eb74e538da40f058d710504252a7b1037f099a186089fcf999b823eaf646a34
5fbf862e5bba81178f9115e527f2482c8b37b938caa2a8c0e87ccdcbb68945fe
5fdce75968f9bc865f70cc8dba5ec8d2cd048f90ad462ecac42e3746b3d3c38e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6220b122e560f7cda912ba312d59f6967fb215d1555016492ddc70749dc05c9e
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62bf6cfaacf92939d73d883acb99a73f449053d821927bcf647573b103b8791b
634d997e3d40e6b42551c231d7a68a57a730de073fbd7c0b4f97a3ebfe94d162
63dcc4ba7cdaf9808806eb018a10cdb871bb17e0dc45e172a8b7c8d31db5ad07
640baa85cb7f6335e644e7be870bdd65cdd6218fc2c41c53b0c96fc4b8e756cb
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
670a99331339865a5bd9b014d1b488e4f5a2679fef46b48ccfc4bf813ff8a3f8
678c6f27ab4bf3e51e2a640bea1dc6ea18c4ad930445ed24aca8eac488208523
67e672d03a71e70b7ad6c8e15bb763d2c183add9afd117f6a3392c6cdf57f250
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6849914dd6d3c5ae1f3a482daddf2970252be53e7a5e075022addcd7250e319b
6ad2b7a09587300eec580303a45f75396d489cf9d2e005fe832946b41f3cbe1b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b46e1b285f4b27c8e7acc470434345bad828f62046689c958e3fc400409478a
6b6c587f1f167176407970bd1eb39a6b9946015b59b2a88ef4a16ee83f599408
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9b3337ebf2d05f8889104f56dbcd3502f1019ff124c62a8e20267a84256d0d
6de694411559a3cd2c88b9093fd12636a211450059fc17111a40f6178d6d325f
6e91fb2b59c35d5085cc05365ca0f870ce128865162a8df9d0873095f9017886
6f774365fcbd352acf09229d291d4f92c348dbae7bc2ed2ac0d7dea21c5942e3
6fafee9bc87610abe7dfb0c8dca6f00d8735b08de860bcd337ef1161eac74198
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70b68a598dd39dbb1c8a33a37984e1ff89f66ed748cab2a600a219f0e988f588
70d46d744c542536b97c68743ace9647ceaaec14ef278f99f5c012b9b1d82aa3
7198e7606463c04883065030ea386dafd096dd85865ddb29c04d54e5f21af52f
71be5063dbca0403121fa756d123869f756b9c926e7f1048ffd63d4f39a382ff
71c4b30297d9bdb7cb86ac97d51da83189497ad76ccbda18c03357c1776eff62
71c53a6dc52c85c1e951b4adaca85ad5edafd885c9458fadb264cec9820937ef
71ff8d97d0931376ea79e119463c520f59dedae4603a719bc6d6dc2af628dbaa
720ddd4787fb99b285d201418703a00279cbe51d5adcd297a939c2ad2a58800a
7237f9cf9ebbb0d3d59948a1f6c9951f89b9e2cca391c1e1ead79579709ce826
7238e646ebf0f256adb3e1f6de04b6f8f3b2a6f93ee2b32fc3f44dea5095e89e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
77e2d8059be3a0e9e44e010a36c3d71a6d82338005af65412305819209d77e78
7853200e05269cae96d8b4cf59ade608d389b2ebdc8304213974137d858aa214
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
78a4cb01e307cd106b8cad0036aa78ff2bbb02d35c3b0f6b4a167fdf95aca97c
79e442cf2a8991d16e820ccbf828d1311b801a9bf79668ad7ca691787fcbcb8d
7a91bab37802bad93fbfd8836d11f2621246b53ced7f7bb8103d118ab8a7df93
7ea2085cac3ba0f9b236009e07b3f904924d59538a74c907d4dc061eb34890fc
801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
81b22760cce8dd062a425d14f6da60ddcb0bcdd50e3d7c54275ce261eae2bb40
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847eb5078a68fe834f84d51a8d1906edeb9f375a23dcd6718b5fb89fa16b150f
84c4abb64955e84e02e985168f426c4890d2baf1a1ce3eef71b70d67f7a0ac97
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856e7166e8ea9008f32335f2af3876070d610d3d26c8dda9859a331802906c6d
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1194a5cefabdf321fc7d9ed5789d0b49be37140078156df8bb1333f91086dd
8b15c7505e832ec990b2f7a80a1577ffcf66a4122b8fa8814d5b59177488dd6c
8bceff48ae2e2eb5f5a3a7dc1b4a2f90c366c8a658f6b7fb4e7c5f78376af1dd
8d3b9e1ac7e5c6d9d971546c23ade5667688baf326915c5254b2168a6e44121d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe95ed82316f41fc254976a669bbd733c4e868a444b3efe41dcad06ecc3b068
90d9ef8c1c8b1ff449ca2517b22a3e66e471e9a2ca9030db9a8c4a2b4c63fcd1
91b22851c0d52521114606346f08cf00767ea9762670852c3228155937d83d67
921618f1f093751ac7c8dc9f32623be2d70a6f10ce189ada1d2c56969bf34da6
921d43949ea26ab6125b2b0b2b9a0f9ece1ede4cc84c4633e724f639f1e65e15
92f74453146e050ed1349fc991c368328e868927546bc7e5de0b07bf7ea9b75e
942ae0caaeaeec2723babec056b0dbea180b49252a4883230336284e1c26bf64
94e13fbd5c955852d1ae9a7dae9ef1cfae7505c8a223031a0b30957a8cac095c
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
96642bff840db61fdbe29fdbfb2a9fd901243d2078ee9fcb4652482263b2fb60
969d3f3813f31f47f6195326b5e38b78fa9617ad087ffc76363dec762924dd02
9779abefda7b000a239972765b930aeebbfcba2627619c096e6ecf36d009efa0
9a7aa1c3a9ca8ac0a27e300bb780d16ba63f0e3c42caa4c9ae6a231c2b1d99ee
9addf628b00a42c0154778559569ea23ffee4251278e3ba3e611cb821f964d58
9bab745b2e102c688fe770454824ee61afe0ba505716540e92bd136db6a7fd68
9c1e39e1e86b810dc7d7e06e37b70bbbfcb5ed5a1d2a78ceddb014239cdecfe9
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c5a06ff8fdcf3995db8fe89759fdf77b7bb7d37e3a360c64137861e2804033c
9dad959b2d401cfcb10dc6643290c98b61306c756ed036158b65ecf8223c033e
9dc620d3e3b611e48851005f75f2172bb52fcdbf18a204844ac69fc9fb358a0e
9ea163fc89a710178afdb645913b470f90f92307a1d79e54ae2c3c990eddb596
9ecce716e8b230e76d24eca6ed50c459fad8162459fc92d0d408ff345e60fe98
9f3d07899de17fe2c8b2c4ab4bea994d3be570900f4f5813b7e2ba7d02b5d934
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a197610cd4b5d62dbbba6035d66f389eb8b79c078de7aefee4d64bb086b53963
a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1
a2916bfb49135f53adcd1d1cdcf777a5bfdee73aeaaaa5e3424dd94babfce84e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a66838c6a12efc10ee34d2fd7495e58de6d062bf43884afe62080aebc0a2ab1e
a693e4d7cd47242a3f5baa645ab34ff4702f8a0b545337ce2e122680ff36b0a8
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7672a3ba717159720f08b0b0886db53f1baee0e95f2077ba48cf1386b2720f9
a777470be96e0486e6625547314c59230fc78ba0d3ba71286b8f225450b826e7
a7e3fe6c9d3f3a1fa4e3da6ec4ae40292ef104acc9e7268a1cb66e8fa9bb6fdb
a91dc6d20f073f121fd45c14faf35257d2c34bed5059b7284482b011b63165bd
a9a538a14d116961e3ca69233333c9532a9d11d5d0325ce2458b284f726330bf
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa373e385a25b9de6c36e9b9d044279beeed499118c8a203133db841c364540f
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac09583c3281ce2c2489e77f6c0a63988a731449a9ddf4927144c137a98d5fd0
ad71faa702baaac4c60abd3df4b3b16bb9e251140d6678b277f0b123f0dd6bdf
ad81822765ae270ca1a4cf78b5e3fcec0204810aa5e59b6e1bb2440a674dbb3e
ae1c612707ba384af73f3395ce704f043d423bb8db74f7c798efc496d59b63d5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0584eda330990d96e24a3ce45213508cf035adf65610ea1b94ab29106e6a82d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c07b9f6ebe826cfee9806cc3bb4aa452c8ddc8b7044be3469039efe1708950
b244536cfc5bbb3292e727403f3ed77c386dba2d701b79383a872df02fae64c8
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5090bbe9aa9debe429b3923e7089d218d6a329bf013e4142ce8248f7e11d53a
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b80d2d0f6e446987fa27b4bb582b284cf539823a23dff41800b4fdcaac3aaed2
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb717e2fc2c27aca64c8feeb4b82181cf3591cb8897440973f96c8d3bc36bd6f
bbb1142c50cc7b3830be3efdab1c855a1d7fec27ca6f3da4ff7a00f0a900a295
bd8bb06175d47d9ed8059051fa9c7b8157187c74f6d4af8eb25bbcfb14035b48
be270dd94c4a946a3437bddd8bd5714825212fe40529408f6e6c49d30e0149aa
befc7b427a145283d6380d5fb0bbb3611b1ef7a759261bb284dc25c46587bdb5
bf37e672439e11e3923977a85fedbcd493299cdec845d13c52e574d148aef36a
c1a892623b93f1af72766b261dafd330d7942c9664b4e0f1066446912f8f92be
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c231a52c44abf40216cbaff402e811240e43d1e9227be1cadc31325340bf1342
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c2fa0e79389ec8b51915a9e8b2a4496d07e33533926ab6a042a8b3231c124fe1
c31d34c789260a55001e77a569636bc6e9bf1bad692b3555617dbb1b6a5ca60c
c5a6257af7e1933c81565bc8bac9632a01b7966aadfc68e52f1468aa22a369e0
c5d33a380a26e353e2a0659060b3e80c0dc937f0f718860d93c13352c2c8ef84
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c72133b1ceaccc156dc1632eb31d31eddfeaa671bd00e7488d425427e5d80a7b
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245
c7b2c7e96305d2c4e5652d080f8f474c704794ceaeca567d6ad4feaa8b67c79b
c81714a5c1dfb92d005e947249bf03b0e6867603c2ae773a1a3819e1d7db419f
c83fbf58a483f5cc2be50fadc59f507dcb5a84316d931f443fcf471a08b7d274
c8774b4b740a1c2ed2cb38c541b891be94475cb3201cb4c281939af6765625e3
ca0a6fcfb74a4f343761942c073ddc1f2c0271526ec4b496116af2e07f336b42
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbbf6f25e279c8a05e8feb887f2d0022fa0ac2da117fd72246f6026f7ab526dc
cc04b20954bed0b68c5bb28805c4eb86970bf82a1634c45cc61a6f7c6bd2ac4e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc7fe287d717079384d94a1efb30eb76ea57e427b352c31f2a0249fc98ed66a0
cd488888454da96b9f3cc9629f20e99d3be07e2cc069973d46fe35e65cfc4e95
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf0c8bdcbaafb1702fd4cd12c26ff3e2694965c2810d84912ee5f67777dcdf16
cf2757527a305899906518510dd36fb962fa787542e6a525aa883ac54754288e
cf36f3295881d2714bf0f509f0126886b4b6190d2e1c90245e032d20797f0763
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
d2315903f9fb90d18a5134cf4f60eb43d224b80c0c0c84c70dd679097bd42a96
d2c34f3973b6190f592b06da3bc5a790fb38b1fb005645956d51dc155c7a2085
d2c75110209654664dce2025452826501a6aacaa6a438e9390839927389813e9
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d56de139eb2e387c34290153ffda2abfd1fc5a8e78440e36748df70c34abe605
d5ef592059912a574227dc788690420fdcf315af5ddc1375ab531ebddc5628ec
d603cc6d4801aa6808c773003c71522b6a1f935bc9328519fa81bfe871c6a09c
d62c3b6954bf377b24d8348d46a6fb0e52d0ed8e2b2e3dea4533bbc178a179a9
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79700c0a360190d64f1a1deb4281b5ade95e5497fb144a63eaec5f1e0248c96
d7b09ff84d6843ad13ad61e99dec617fda5e939ee2701b9812746a098acc99ec
d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a
d9f443d0d6d75daae15b6fcae01674823809f098353c4c3b6a82578581f8f8be
da09704d64b7e8739508285a0c85200b37642661bb062a45aeaea0748891df5d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dc2eff1a5631c967c9ade832f1c4411b737b8aa858d8930fa52cb1488fbb83af
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01e867985df5cd6d952607e7c1c4dfd633b7964924d3e4c0785a50938d5ad4e
e31d63bac7431603691f015f94dbcee7a82fbddd4716e63f5f0cae7a4139e293
e336344e654c2a3bd8281e95f6c59616f094be194d74ed5f56470884e6f7698d
e397a3bbb67e88a554f4744781cf9d48ba1c01649f78276674e346baf6bc94fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ce4ed005132a6dce244be5bd696b695fb58b95c7244c13ba654c9faff6d1b
e60fe13d4a8e3267af57110cee0436555ffe1b45166d56e7c8560d61eaa84aa4
e7c4340eef6f19d3c07e7898acb1df91b7fc0b65ccf9b758371d591bf7d160b6
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8a032bf16d01ff45fade0d210f93016e22f1db752d4f4974c45f68f72602170
e9469a0dd82a9305059a1efd7a1ec92896bc5a85fe0376b771a040ab91de6782
ecc91e233a5495faee6dfe61e18d4544e889d34a2987d7c2be19fbe7f089fec0
ecdc9018319b4c5dd1275190313ad73a92b4bc6610eaddb9ad8fff8d6556dbba
ef0957cbf988fc87222c3e3761dc43198572596b8b39baa9f3f2a96dc358504c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef396978bdcb6cf292b7b97c1785d61478eb3282d99aa937f2994c80afc1c230
f06d3f996f14d9eafe4948d8008cebd9cdba0c85cf71cdc09b46fa74cc68d52b
f1706524f839a1c3f97ba644ce838fa4138bcfd2e062ef898cdca31eef692fce
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
f487a829418d1768e30d6026435768bf9bf366e6ee029bd7967f5243641f861c
f4abe8ed89d52c5605bfc39c969c9c22191d3648e07266713d4f234d556a0ac1
f4cbd223a6696df35733d838a354811a1ffa1d2d7c27c5de21a14b4a6f6b9917
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f870819040947d6cd2340f2f5a6eb7035037f0b708e6312c5b6d9cc96c062d98
fb15c45f6a1d5aae6fd72fcfcc697b906fd1d759d8cda9dbb488265f0aff3bce
fb6f66254eeec009f4f2bb2bbacc848ae9afa12bbfcce06b0120f22ba4144d05
fc2e7f76a869333d2cafa51346648fcaaa7e70e901a330580a9fb0ddd744d94d
fd486becf782b0d2a778378dc5a587be49ca55ef73e131e322159c11a1c7f8ed
ff35395d737f58417c911c0f32b21f1c581565227b042df486e9cdbfad6344a3
ff874444f9b4d8ecbf95e7a1f8b97782e7d2719d315bc62c23e6cd8012a2bbbb
ffbf16cd924b6917b1f857c7d0add07417bc4e2a9b8dad63a5d732851450d6d1

www.lesvospost.com Open in urlscan Pro 2a00:1450:400d:802::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

497 Requests

99 %HTTPS

41 %IPv6

92 Domains

157 Subdomains

98 IPs

13 Countries

10458 kBTransfer

20031 kBSize

15 Cookies

34 Outgoing links

Page URL History

Redirected requests

497 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lesvospost.com Open in urlscan Pro
2a00:1450:400d:802::2013 Public Scan

Screenshot
Live screenshot

Full Image

497
Requests

99 %
HTTPS

41 %
IPv6

92
Domains

157
Subdomains

98
IPs

13
Countries

10458 kB
Transfer

20031 kB
Size

15
Cookies

497 HTTP transactions
6 data transactions