s45725.p1364.sites.pressdns.com Open in urlscan Pro
18.133.176.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s45725.p1364.sites.pressdns.com/
Submission: On February 16 via api (February 16th 2024, 3:46:30 am UTC) from US — Scanned from US

Summary HTTP 131 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 28 domains to perform 131 HTTP transactions. The main IP is 18.133.176.247, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is s45725.p1364.sites.pressdns.com.
TLS certificate: Issued by R3 on February 15th 2024. Valid for: 3 months.

This is the only time s45725.p1364.sites.pressdns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.133.176.247 18.133.176.247	16509 (AMAZON-02) (AMAZON-02)
43	18.164.124.36 18.164.124.36	16509 (AMAZON-02) (AMAZON-02)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.206.38 172.64.206.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	142.251.40.202 142.251.40.202	15169 (GOOGLE) (GOOGLE)
2	142.251.41.10 142.251.41.10	15169 (GOOGLE) (GOOGLE)
1	23.218.10.35 23.218.10.35	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.47.169.117 23.47.169.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.34.23 13.226.34.23	16509 (AMAZON-02) (AMAZON-02)
1	23.51.57.131 23.51.57.131	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.21.81.200 72.21.81.200	15133 (EDGECAST) (EDGECAST)
2	142.251.40.168 142.251.40.168	15169 (GOOGLE) (GOOGLE)
2	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 9	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
1	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	151.101.194.27 151.101.194.27	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
2	35.241.15.240 35.241.15.240	15169 (GOOGLE) (GOOGLE)
8	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
2	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.199.49.95 23.199.49.95	() ()
9	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.210.199.77 34.210.199.77	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	3.232.64.79 3.232.64.79	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.214.80 13.225.214.80	16509 (AMAZON-02) (AMAZON-02)
1	78.46.117.148 78.46.117.148	24940 (HETZNER-AS) (HETZNER-AS)
5	142.250.65.206 142.250.65.206	15169 (GOOGLE) (GOOGLE)
2 4	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	20.108.190.38 20.108.190.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.108.188.9 65.108.188.9	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.176.196 142.250.176.196	15169 (GOOGLE) (GOOGLE)
131	34

3 18.133.176.247 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-176-247.eu-west-2.compute.amazonaws.com

s45725.p1364.sites.pressdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
international-adviser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 18.164.124.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-36.jfk50.r.cloudfront.net

s45725.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.206.38 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.202 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.10 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.10.35 (Mount Prospect, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-10-35.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.47.169.117 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-169-117.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-23.ewr53.r.cloudfront.net

s31888.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.57.131 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-131.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.200 (United States)

ASN15133 (EDGECAST, US)

mktdplp102cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.117.77.79 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.199.49.95 (Secaucus, United States)

ASN- ()
PTR: a23-199-49-95.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.199.77 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-199-77.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.232.64.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-80.ewr50.r.cloudfront.net

cf-images.eu-west-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.117.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.117.46.78.clients.your-server.de

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.194 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.108.190.38 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d6cba395a2c04672b102e97fac33544f.svc.dynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	pcdn.co s45725.pcdn.co s31888.pcdn.co	861 KB
21	googlesyndication.com 2 redirects f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 ade.googlesyndication.com — Cisco Umbrella Rank: 307	310 KB
9	ml314.com 3 redirects ml314.com — Cisco Umbrella Rank: 2124	12 KB
9	teads.tv a.teads.tv — Cisco Umbrella Rank: 1469 sync.teads.tv — Cisco Umbrella Rank: 1531 t.teads.tv — Cisco Umbrella Rank: 3168	138 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213	184 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 5851 metrics.brightcove.com — Cisco Umbrella Rank: 3441	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	22 KB
4	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 21038 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9516	10 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1188	2 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48	35 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	24 KB
2	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 27057 consent.cookie-script.com — Cisco Umbrella Rank: 48306	23 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 389	697 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 250	1 KB
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1548	2 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 493	836 B
2	gstatic.com fonts.gstatic.com	96 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	187 KB
2	pressdns.com s45725.p1364.sites.pressdns.com	24 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	dynamics.com d6cba395a2c04672b102e97fac33544f.svc.dynamics.com	591 B
1	boltdns.net cf-images.eu-west-1.prod.boltdns.net — Cisco Umbrella Rank: 20874	39 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5993	7 KB
1	azureedge.net mktdplp102cdn.azureedge.net — Cisco Umbrella Rank: 44216	3 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3243	224 KB
1	international-adviser.com international-adviser.com — Cisco Umbrella Rank: 815719	9 KB
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 8319	248 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	10 KB
131	28

	Domain	Requested by
43	s45725.pcdn.co	s45725.p1364.sites.pressdns.com s45725.pcdn.co
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagmanager.com pagead2.googlesyndication.com tpc.googlesyndication.com
9	ml314.com	3 redirects s45725.p1364.sites.pressdns.com ml314.com
8	securepubads.g.doubleclick.net	s45725.p1364.sites.pressdns.com s45725.pcdn.co securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	metrics.brightcove.com	s45725.p1364.sites.pressdns.com
4	ade.googlesyndication.com	2 redirects s45725.p1364.sites.pressdns.com
4	t.teads.tv	s45725.p1364.sites.pressdns.com
3	ps.eyeota.net	2 redirects s45725.p1364.sites.pressdns.com
3	a.teads.tv	s45725.p1364.sites.pressdns.com a.teads.tv
3	cdnjs.cloudflare.com	s45725.p1364.sites.pressdns.com
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects s45725.p1364.sites.pressdns.com
2	loadus.exelator.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	sync.teads.tv	a.teads.tv
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	edge.api.brightcove.com	players.brightcove.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.perfdrive.com	s45725.p1364.sites.pressdns.com
2	www.googletagmanager.com	s45725.p1364.sites.pressdns.com www.googletagmanager.com
2	fonts.googleapis.com	s45725.p1364.sites.pressdns.com
2	s45725.p1364.sites.pressdns.com	s45725.p1364.sites.pressdns.com
1	www.google.com	tpc.googlesyndication.com
1	consent.cookie-script.com	cdn.cookie-script.com
1	d6cba395a2c04672b102e97fac33544f.svc.dynamics.com	s45725.p1364.sites.pressdns.com
1	cdn.cookie-script.com	www.googletagmanager.com
1	cf-images.eu-west-1.prod.boltdns.net	s45725.p1364.sites.pressdns.com
1	f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vjs.zencdn.net	players.brightcove.net
1	mktdplp102cdn.azureedge.net	s45725.p1364.sites.pressdns.com
1	players.brightcove.net	s45725.p1364.sites.pressdns.com
1	international-adviser.com	s45725.p1364.sites.pressdns.com
1	s31888.pcdn.co	s45725.p1364.sites.pressdns.com
1	cloud.typography.com	s45725.p1364.sites.pressdns.com
1	ajax.googleapis.com	s45725.p1364.sites.pressdns.com
1	use.fontawesome.com	s45725.p1364.sites.pressdns.com
131	38

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.futureadvisoryforum.com
bestpracticeawards.co.uk
www.expertinvestoreurope.com
fundselectorasia.com
international-adviser.com
esgclarity.com
www.markallengroup.com
cookie-script.com
automattic.com
policies.google.com

Subject Issuer	Validity	Valid
s45725.p1364.sites.pressdns.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
pcdn.co Amazon RSA 2048 M01	`2023-08-12` - `2024-09-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.typography.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-03-04`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
international-adviser.com R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-05-30`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-14` - `2025-01-14`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2024-01-21` - `2024-04-20`	3 months	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.prod.boltdns.net Amazon RSA 2048 M02	`2023-09-20` - `2024-10-19`	a year	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.svc.dynamics.com Microsoft Azure RSA TLS Issuing CA 03	`2023-12-31` - `2024-12-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://s45725.p1364.sites.pressdns.com/
Frame ID: 08F32B595C58DFDA5423D9290823131F
Requests: 114 HTTP requests in this frame

Frame: https://f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A121991F70D57CA53E61972EDB141C6
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 712277BFBE0E4EC863C66802EE8EB57D
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 8573E25F7DB25C9E21252A0B49C62AC1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU_ywHledw9_dtOw_CJ4sgpUFSvifQD1hDK06-LUPN6VDFXYjpbldXFwFr0prKVvZZMAXhGhksc_2a6AUBKDRnJMx5Y7ZNgKJv1wFUBZuVLenHpeeqIMH8ggrapq_AvZZI9M2zwwyplOChcxABFKHV02LotGLXBPvlsME9bFc9_mK-EY1S5HXztJsSqZd8QAayiqla47TPg4FtyN2p-RTt4E1OzoHGrb-5YsjvlUr21gFucSw--84_LJtoAQejb9rwhb0UNUGMY5mmhZ5LoKwrrIWo-pk5lKALD05NkygXsraqlHclgSOIKHfGKQWg8hzlPe_n_VhM0wt5478trwNoJHECCCqSEGNOjoVBywS4NkdO8E_Q_cPzuDI-VbrxWDs&sai=AMfl-YTM_cDaMoBJ6wdVUoFC30lqKpn8VHh3AzWDdaO_acPjcICVHqKH9N-gwWLoTup6VquC4wM5bKKklU3ZjcENfVfkVTTql1Mr2kBVYrD-fgDiXHCXZywacFjMO2HR13VQ8omZOeM59jXIKI241QKkq5WE&sig=Cg0ArKJSzIXJ9wtM6N_iEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E8A1674861948D4284A7060917EE5B44
Requests: 7 HTTP requests in this frame

Frame: https://ml314.com/utsync.ashx?eid=91050&et=0&dc=IA-IAHouse&cb=1220608186&gdpr=&gdpr_consent=
Frame ID: F6C55948130CF0DF110913DD39B41672
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 62EA946A50F1FC8F566DCD0C182459A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58BFF444BC92A4F1BD86E29C474926E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

International Adviser | The leading website for IFAs who distribute international fund, life & banking products to high net worth individuals

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

131
Requests

92 %
HTTPS

0 %
IPv6

28
Domains

38
Subdomains

34
IPs

5
Countries

2229 kB
Transfer

5505 kB
Size

19
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/international-adviser

Search URL Search Domain Scan URL

URL: https://twitter.com/IntAdviser

Search URL Search Domain Scan URL

URL: https://www.futureadvisoryforum.com/
Title: FAF Online

Search URL Search Domain Scan URL

URL: https://bestpracticeawards.co.uk/bestpracticeawards2023/en/page/home
Title: Best Practice Awards

Search URL Search Domain Scan URL

URL: https://www.expertinvestoreurope.com/
Title: More news from EI

Search URL Search Domain Scan URL

URL: https://fundselectorasia.com/
Title: More news from FSA

Search URL Search Domain Scan URL

URL: https://international-adviser.com/
Title: More news from IA

Search URL Search Domain Scan URL

URL: https://esgclarity.com/
Title: More news from ESG Clarity

Search URL Search Domain Scan URL

URL: https://www.markallengroup.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.markallengroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.markallengroup.com/terms-and-conditions
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://cookie-script.com/privacy-policy.html
Title: CookieScript

Search URL Search Domain Scan URL

URL: https://automattic.com/privacy/
Title: Automattic Inc.

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google LLC

Search URL Search Domain Scan URL

URL: https://cookie-script.com/cookie-report?identifier=1daeac14fd72d4665e6cc2e6963bfa45
Title: report

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: CookieScript

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://idsync.rlcdn.com/395886.gif?partner_uid=3642102412317032484 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjEwMjQxMjMxNzAzMjQ4NBAAGg0Ij7W7rgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=d0769d87a22db7562f42ba8e8872463419f7f256fb6c5c88eeba50ccb7882134f4cb09cee1a4f8eb&person_id=3642102412317032484&eid=50082

Request Chain 103

https://loadus.exelator.com/load/?p=204&g=1170&j=0&redirect=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Fperson_id%3D3642102412317032484%26eid%3D50596%26fp%3D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1170&j=0&redirect=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Fperson_id%3D3642102412317032484%26eid%3D50596%26fp%3D&xl8blockcheck=1 HTTP 302
https://ml314.com/csync.ashx?person_id=3642102412317032484&eid=50596&fp=983fd52b8791005ce2da89e54046c08b&gdpr=&gdpr_consent=

Request Chain 104

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3642102412317032484&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3642102412317032484&redir=

Request Chain 105

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&gdpr=0&gdpr_consent= HTTP 302
https://ml314.com/csync.ashx?fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&person_id=3642102412317032484&eid=53819

Request Chain 106

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2L-PJnH5-QBYJxj62mCWeuwX2IFh67dlCYQ30kZXJNTE&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2L-PJnH5-QBYJxj62mCWeuwX2IFh67dlCYQ30kZXJNTE&person_id=3642102412317032484&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 118

https://ade.googlesyndication.com/ddm/activity/src=10309074;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10309074;dc_pre=CKmPtrT5roQDFd7QTwIdI90P-Q;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F

Request Chain 119

https://ade.googlesyndication.com/ddm/activity/src=13039151;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=13039151;dc_pre=CM-KtrT5roQDFZbQTwIdlOUOag;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F

131 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
s45725.p1364.sites.pressdns.com/ 98 KB
20 KB 1154ms
640ms Document
text/html 18.133.176.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.133.176.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-176-247.eu-west-2.compute.amazonaws.com

Software

Pagely-ARES/1.20.1 /

Resource Hash

a1fd50e0a4461cb310c60f4c0cf40fc857ad6b13f3118b955c0a6ff2c256e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 20151
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 03:46:13 GMT
link: <https://s45725.p1364.sites.pressdns.com/wp-json/>; rel="https://api.w.org/"
server: Pagely-ARES/1.20.1
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-gateway-cache-key: 1708040398.375|standard|https|s45725.p1364.sites.pressdns.com|||/
x-gateway-cache-status: BYPASS
x-gateway-request-id: bdeb26b7345ee1f0972657efd4ef3353
x-gateway-skip-cache: 1
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
s45725.pcdn.co/wp-includes/css/dist/block-library/ 108 KB
15 KB 4426ms
1051ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 14501
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 51cc66049265257e613d119c19954655
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
etag: "1ae43-610313e10e340-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: vsgZWZ_ILf48aptd-l3ZmWbg581X6AeCJ3G-766Okvh6Yp1ABVtXEw==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 style.css
s45725.pcdn.co/wp-content/plugins/last-word-gallery/css/ 1 KB
1 KB 3995ms
620ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/last-word-gallery/css/style.css?ver=1.0.0

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

0e04ac50ed2b3281f320105c72b5bca8aad2c04ce48f5a388e72776cf258aacb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 359
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 85549d89ff1dd4e3e30cb17f15ff8da9
last-modified: Thu, 16 Nov 2023 10:46:40 GMT
server: Pagely-ARES/1.20.1
etag: "4b3-60a42bc179738-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/last-word-gallery/css/style.css?ver=1.0.0
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: N1fz4d8-hamN_M3lfEAxo4ue4E7enRPXt1oRhItmhTEAOUTzzuW2rA==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 js-calendar.min.css
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/css/ 9 KB
3 KB 3975ms
602ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/css/js-calendar.min.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

224c50b6b6a51c70877b885041e0591886d66106c673acd7d8ecf075dd376fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 2030
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: f0a027fb6854ceb19666cd7964f4ce43
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "2258-60a42bc985097-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/css/js-calendar.min.css?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: lj-dG77tnhySMEpFQK964UHifS8omi12ro6JbBErWqQN7W028VN7Vw==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 bootstrap.min.css
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/css/ 138 KB
21 KB 4108ms
735ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/css/bootstrap.min.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 21086
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: a795f7b35572891011ba8c183c18ed1e
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "22682-60a42bc9840f7-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/css/bootstrap.min.css?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: NzEucN54oZ5Xz-1MySAu4SOem6n8n-2mPoLDj8YG6INXeZT7-LEetA==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 flexslider.css
cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.1/ 7 KB
2 KB 283ms
76ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.1/flexslider.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

097e44806c9d8c7c557cf573402b566f893c6efc1addf6e8d9dad744ba18d29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 203587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1300
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-1b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swNCOKjHAf6RqMSBkkgBqncXktme2TE7TVqRDwr3rOgcb2oZrnTHEH6%2FThnuSPhGag8dY%2F3kXGvmF2iVkJZasgZPaAOiEuCXAjn45YASaq%2Fvf3k4GQcJT84pfOPHnOkKd%2BR8%2FjNw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8562cd64a8f014dc-LAX
expires: Wed, 05 Feb 2025 03:46:13 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 3412ms
155ms Stylesheet
text/css 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css?ver=6.4.3
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1399897
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH%2BXd9i93HcOqmOKZXw82Mw1PESI%2FdCLZoHazTbDLcaUgoqsg6lVQq2ajt%2FyQK6QLRCmQzA2mAgJI9AijEopndEbxxtJ6YqT6epIbyke15I7t4RnG29LeAjzzaP62jP%2BCXGrks2O"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8562cd784d1e0cab-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 stylesheet.css
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/fonts/ 1 KB
917 B 4052ms
682ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/fonts/stylesheet.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

91538a0e3e8f604d74b7aac52aa39d0758e565f614ff71755b652ab466b4f229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 243
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: bd980b31e2f9d67f98db204111c82636
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "4b5-60a42bc989eb7-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/fonts/stylesheet.css?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: jFqTptWDMBgDKrw58CAmsmxJcHLgJOYwLR9OMVUCc-EwuAeyAeX-_g==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 style.css
s45725.pcdn.co/wp-content/themes/ia-new/ 74 KB
15 KB 4419ms
1049ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

528a3314b1e07eb8cdc3a54ed16bdcceafeddb8a79adf1ccc45b3658b0c3d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 14626
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: f39d7843efc0b12d995af9f798705dba
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "1274a-60a42bc9775d6-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/style.css?ver=3.1.19
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 9k3yk_vbsLzefrs0OGccleVIt69Q1bMFBxIFaprrFxU34FLPZv-kIA==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 default.css
s45725.pcdn.co/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 3976ms
607ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/tablepress/css/build/default.css?ver=2.2.5

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 2454
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 896f81512b63eab1d1b751a0a0eb0faf
last-modified: Tue, 30 Jan 2024 11:40:03 GMT
server: Pagely-ARES/1.20.1
etag: "17cb-61028392502a2-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/tablepress/css/build/default.css?ver=2.2.5
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 6qYiZfKxrwit6eqssHtvLQRwsRL_Dc8CwYZjHf8A8PEpUauhiBv2og==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 tmm_style.css
s45725.pcdn.co/wp-content/plugins/team-members/inc/css/ 6 KB
2 KB 4051ms
683ms Stylesheet
text/css 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 1460
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: ccda3600e355697d5492401c0992461b
last-modified: Mon, 12 Feb 2024 23:53:23 GMT
server: Pagely-ARES/1.20.1
etag: "17a9-61137fba86bed-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: text/css
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: SIDNIHwDaW9KePBr9ngTmXdPM1suny7YYSbFLv8EOyPwBEcyBrV68A==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 app.js Show response
s45725.pcdn.co/wp-content/plugins/mag-registration-main/js/ 3 KB
2 KB 3957ms
589ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/mag-registration-main/js/app.js?ver=5.3.0

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

1a49d89ef20c4fc49c0d4085bccaa9030d332156da9607787448b7ed54ef5b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 1153
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 4271955cf2477c490956293c68054464
last-modified: Thu, 16 Nov 2023 10:46:40 GMT
server: Pagely-ARES/1.20.1
etag: "c3b-60a42bc1a65f9-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/mag-registration-main/js/app.js?ver=5.3.0
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: hGLW6frAwFot7b1pU716dOPS_6tG42yI95Zv07fZYlDBhzMtSATa-g==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 jquery.validate.min.js Show response
s45725.pcdn.co/wp-content/plugins/last-word-site/js/ 23 KB
8 KB 4047ms
681ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/last-word-site/js/jquery.validate.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 7502
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 24b69e9d24a11902cf7fd6790b3c2155
last-modified: Thu, 16 Nov 2023 10:46:40 GMT
server: Pagely-ARES/1.20.1
etag: "5add-60a42bc17a6d8-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/last-word-site/js/jquery.validate.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 8uSqI3pdFjqlzCUD-byPQQYaLqbtNMcBffvwz6vYo9_Y7Q6qaDNZzQ==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 jquery.steps.min.js Show response
s45725.pcdn.co/wp-content/plugins/last-word-site/js/ 14 KB
5 KB 3985ms
619ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/last-word-site/js/jquery.steps.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 4916
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 416ba7528f96e19a6ee1a668201da8e5
last-modified: Thu, 16 Nov 2023 10:46:40 GMT
server: Pagely-ARES/1.20.1
etag: "3621-60a42bc17a6d8-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/last-word-site/js/jquery.steps.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ptbw0KJFFbELAJHObnmFvQTFsrpmMloZp86eRc4FHlw6HIcA3H95nw==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 jquery.min.js Show response
s45725.pcdn.co/wp-includes/js/jquery/ 86 KB
30 KB 4125ms
760ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 30368
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 4bdf9bc6e686c8c93e6437c6f15b1645
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
etag: "15601-610313e10e340-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: nnyqoogRcsS79r4GDlmjqxx5u3k3TffEP4IpCYHfy7sOXIcz7LClLA==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
s45725.pcdn.co/wp-includes/js/jquery/ 13 KB
5 KB 4068ms
704ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 4872
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: d4bd694ba6c3acf2a45ad876ada9cd96
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
etag: "3509-610313e10e340-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: BAz94gd_z7PVCQAvF_j_O_dEgc7mC7kJfp0kU8lKAj3365b_rvdBdw==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 ad-serve.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 22 B
686 B 4060ms
696ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ad-serve.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

d66c76d71727f9df7079aea53d245c09112a330c581a3b857aea7aabc25aa25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: eabf788dcb97cde725c2ed14b5b47a12
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"16-60a42bc98dd37"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/ad-serve.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: G2klXKxNRalHyaBwo440YHVQddAH6i_ShnEn6PmKCqUiQT95CPYxHQ==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 dtct.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 5 KB
2 KB 4062ms
698ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/dtct.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

a41b4f74700e186484f97238f4ffa14fbb9c07d7b79572d6ef0e95d764bceadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 1571
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 113ea4b62b11b29c76a4130b2feb9770
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "13da-60a42bc98dd37-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/dtct.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: uJCVBSRrcQcDNLk3zFVaXj0Tr5PXJzUxC5cB70eTPRs4c96uvYMhdg==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 469ms
182ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

9ac7bef190fc41c61ce3fbaf4c9b6526b184728c210283e7298fac75fdd9f51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29180
x-xss-protection: 0
server: cafe
etag: 188 / 19769 / 31081207 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 03:46:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 7969ms
216ms Script
text/javascript 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:58:44 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.6/ 35 KB
12 KB 393ms
198ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.6/moment.min.js

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800c7773f0574b5b5573bd89af3cc8b0fc6bb368d6fbde8f7ccf97c30bdbf699

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3228385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11606
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-8a57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0RcP6CgezgdrakV%2F%2FGaHJ1fDs7oEtypx%2F3DWk4AzMJM7aZKkYu7plpGf%2B7ZNwrLmRLcNJmGCGl3qF96gaTcwRNZMgIL4MkpdFjzYsNto%2BQde6AID%2FcnadkXD%2B6PP3kt%2FY4WMgxe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8562cd64a8f314dc-LAX
expires: Wed, 05 Feb 2025 03:46:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 1773ms
157ms Stylesheet
text/css 142.251.41.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.10 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f10.1e100.net

Software

ESF /

Resource Hash

4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 02:56:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 03:46:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
725 B 1776ms
161ms Stylesheet
text/css 142.251.41.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:400,600,700

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.10 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f10.1e100.net

Software

ESF /

Resource Hash

431c5b2934ddad8350917836e05ec96384af9169ef2419a0c4969d1a87198931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 03:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 03:46:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 03:46:15 GMT

GET
H/1.1 200
OK fonts.css
cloud.typography.com/6660074/7138392/css/ 17 B
248 B 508ms
200ms Stylesheet
text/css 23.218.10.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6660074/7138392/css/fonts.css
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.10.35 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-10-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 03:46:14 GMT
Cache-Control: max-age=300
Server: AkamaiNetStorage
Connection: keep-alive
ETag: "f130fd70bd4cfa88cacd6d9b4c8c0f19:1596717132"
Content-Length: 17
Content-Type: text/css

GET
H2 200 tag Show response
a.teads.tv/page/52910/ 770 B
791 B 560ms
199ms Script
application/javascript 23.47.169.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/52910/tag
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-169-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 776fd23892c09215b5858d555ac63a59eed7676c5c5c8cb2c7b92c88a3b2ff89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, no-store
access-control-allow-credentials: true
content-length: 482
expires: 0

GET
H2 200 tag Show response
a.teads.tv/page/52909/ 775 B
795 B 204ms
204ms Script
application/javascript 23.47.169.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/52909/tag
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-169-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04aba69af561f3698587eddbfe1afb6d702325d1affdf51dfa94cdfd7ba5a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, no-store
access-control-allow-credentials: true
content-length: 486
expires: 0

GET
H2 200 logo.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 6 KB
3 KB 655ms
653ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/logo.svg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

655d8d7bc8ae094727fe72255c28af8024b4b7fec6496cb695459a4debfcd582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 15d68275e0771e2eb523af651419b1af
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"1807-60a42bc98bdf7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/logo.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: JxKN53kwNSr1eUGe54BaYyyXlyjXAOiLyrAAWH8hOSD9zgpMB2JkGQ==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 200 IA.jfif
s45725.p1364.sites.pressdns.com/wp-content/themes/ia-new/inc/assets/img/ 4 KB
4 KB 238ms
210ms Image
text/plain 18.133.176.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.p1364.sites.pressdns.com/wp-content/themes/ia-new/inc/assets/img/IA.jfif

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.133.176.247 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-176-247.eu-west-2.compute.amazonaws.com

Software

Pagely-ARES/1.20.1 /

Resource Hash

2f92ca87669524ac358f92072749cefbb4352ab63feb4bd63dca14078cfa40d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-gateway-request-id: c59221ccd93f01fe582a17b49aafa1db
date: Fri, 16 Feb 2024 03:46:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "ef4-60a42bc989eb7"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
x-gateway-cache-key: 0|standard|https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/IA.jfif
accept-ranges: bytes
content-length: 3828
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS

GET
H2 200 search.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 409 B
985 B 578ms
576ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/search.svg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

00f4ebf3f370b6ace4af5422fbbb3a163521911bda5f080a1e58075f9ac18c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: b08a34f34930a7721d1b61ac3d19f2b1
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"199-60a42bc98cd97"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/search.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: 75CUV7M3132OEb2QJqBmOafQIAWYwumWeq6ZQPhB-Tj1Q2s_uyxW2g==
expires: Sun, 17 Mar 2024 03:46:17 GMT

GET
H2 404 Regulation-bricks.jpg
s45725.pcdn.co/wp-content/uploads/2020/10/ 0
0 4407ms
1052ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2020/10/Regulation-bricks.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 404 Business-people-640-by-410.jpg
s45725.pcdn.co/wp-content/uploads/2020/02/ 0
0 907ms
906ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2020/02/Business-people-640-by-410.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 UK-percentage.jpg
s45725.pcdn.co/wp-content/uploads/2024/02/ 168 KB
169 KB 392ms
384ms Image
image/jpeg 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/uploads/2024/02/UK-percentage.jpg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

f16409c837b39c6ca49ee587bbf2baf3839cab24030460b9a4148ab67cfd18f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 172415
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: b94b2d06b1455ffa2e1d234b4318402d
last-modified: Thu, 15 Feb 2024 10:04:10 GMT
server: Pagely-ARES/1.20.1
etag: "2a17f-61168bfb36670"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/jpeg
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/uploads/2024/02/UK-percentage.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: I1mtLkaz9X_tak7TV44fL1i5y84Ia9o6OgoEPjLk9TWiVyaB_NRjtg==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 Multi-asset-diversification-2024.jpg
s45725.pcdn.co/wp-content/uploads/2024/01/ 133 KB
133 KB 391ms
383ms Image
image/jpeg 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/uploads/2024/01/Multi-asset-diversification-2024.jpg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

0e57ab0131f21ff8d96bf519e20231051d9c008e375e9936b697d535d779b652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 135834
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 8d25177e093ad0f46d0225d01c851c20
last-modified: Mon, 15 Jan 2024 15:33:31 GMT
server: Pagely-ARES/1.20.1
etag: "2129a-60efdbc73c977"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/jpeg
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/uploads/2024/01/Multi-asset-diversification-2024.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Gu4ZFczSqucTVNzpNYodC_rY2pW0jX5I77D0VFK11wBMhW1R33qDoQ==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 Clipboard-suit-survey-2024.jpg
s45725.pcdn.co/wp-content/uploads/2024/02/ 129 KB
129 KB 353ms
345ms Image
image/jpeg 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/uploads/2024/02/Clipboard-suit-survey-2024.jpg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

7a678156c3af2aa51ca8cb839b6163328c3f90259824815aa4c7d5e8e748db4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 131814
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 219d62c6cae4e326bbfd02ff622cb8bd
last-modified: Wed, 14 Feb 2024 12:31:26 GMT
server: Pagely-ARES/1.20.1
etag: "202e6-61156b0867ac7"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/jpeg
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/uploads/2024/02/Clipboard-suit-survey-2024.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1vWPipFoP4tQtp9ogjEEABr42IHdqx9qDIlvA6tP8wRVRDRYEOwVsA==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 404 Up-arrows-colourful.jpg
s45725.pcdn.co/wp-content/uploads/2019/10/ 0
0 902ms
896ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2019/10/Up-arrows-colourful.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 404 risk-control-monitor-plan.jpg
s45725.pcdn.co/wp-content/uploads/2020/02/ 0
0 583ms
577ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2020/02/risk-control-monitor-plan.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 Platforms-IA-2024.jpg
s45725.pcdn.co/wp-content/uploads/2024/02/ 221 KB
222 KB 411ms
406ms Image
image/jpeg 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/uploads/2024/02/Platforms-IA-2024.jpg

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

80de92b8d873472e0a0c17696c0e5544d45854bd7db3b1cad0808cb3767c80d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 226065
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 6e433551e1e7954a9fe09d8c502cc418
last-modified: Thu, 08 Feb 2024 11:49:37 GMT
server: Pagely-ARES/1.20.1
etag: "37311-610dd67f053ed"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/jpeg
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/uploads/2024/02/Platforms-IA-2024.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 4GJveVUB1jVTVshdQwbs1JZ4FqWP8L9iproP8IfTIPkHWewfZao9Pw==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 404 queue-people-silhouette.jpg
s45725.pcdn.co/wp-content/uploads/2019/09/ 0
0 736ms
731ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2019/09/queue-people-silhouette.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 404 Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg
s45725.pcdn.co/wp-content/uploads/2021/01/ 0
0 630ms
625ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2021/01/Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 expertinvestor3.png
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 10 KB
11 KB 338ms
334ms Image
image/png 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/expertinvestor3.png

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

67ca3d182db1e8d47eb628ce7ad15959ca46eea38f5b6fedfdc07c81b665ccf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 10259
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: f983ed02a7a576f9760e51a9327879ee
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "2813-60a42bc98ae57"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/png
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/expertinvestor3.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: BqUAb7JR-AEcUHurAUw0f4bdebfVgbWI4FkDKbaQ1zpzLHndWE0huQ==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 funselectorasia.png
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 13 KB
13 KB 346ms
342ms Image
image/png 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/funselectorasia.png

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

77673cf384e24d9ecf8fda2bdb258eb04deb486fe73fba32d00e5482ccdc3928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 12876
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 92349df216a254a903daa7fb24e7a297
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "324c-60a42bc98ae57"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/png
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/funselectorasia.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: BPCCjaQkvEISqsXZa4YiSxaMURsvxu8NNaTKqvdOpDBVekUT1L3gaw==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 intrnational.png
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 13 KB
14 KB 340ms
336ms Image
image/png 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/intrnational.png

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

5f67e565d8c1815569f01cb2b5a7a7ea228b12f7da6d0b40d23ae69b88008aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 13740
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 27b59565f579a3c3034fb53d3a3289f0
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "35ac-60a42bc98bdf7"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: image/png
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/intrnational.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: uXcKWHhQPSa25vIM7xp4E86crK6tMyu5mDI6A-XWZf911J8GS2FT_A==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 cropped-cropped-MicrosoftTeams-image-300x56-1.png
s31888.pcdn.co/wp-content/uploads/2021/10/ 6 KB
7 KB 1720ms
142ms Image
image/png 13.226.34.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s31888.pcdn.co/wp-content/uploads/2021/10/cropped-cropped-MicrosoftTeams-image-300x56-1.png
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-23.ewr53.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 7be449b0d24ef10754dd9f2a933d6b2983a80af270cff690024e6ec50fa7e4ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 09:53:21 GMT
via: 1.1 2ef71b29bcfbfc8755cad5f92a3c329a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 1187582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6121
x-gateway-cache-status: MISS
x-gateway-request-id: 262528a8c4811ceb875bff7357286407
last-modified: Fri, 02 Jun 2023 14:15:23 GMT
server: Pagely-ARES/1.20.1
etag: "cb54cb4b87362211d779cab03c918485"
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 1706600952.463||https|esgclarity.com|||/wp-content/uploads/2021/10/cropped-cropped-MicrosoftTeams-image-300x56-1.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: J2ze9JvSxGVg5cSjxQes_-lc0yIPCOQEphq_V0FfdPvW9zySzkJtVA==
expires: Sun, 03 Mar 2024 09:53:21 GMT

GET
H2 200 MA_FinancialMedia_OFFICIAL-e1677673833249.png
international-adviser.com/wp-content/uploads/2023/03/ 9 KB
9 KB 1921ms
324ms Image
image/png 18.133.176.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://international-adviser.com/wp-content/uploads/2023/03/MA_FinancialMedia_OFFICIAL-e1677673833249.png
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.133.176.247 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-176-247.eu-west-2.compute.amazonaws.com
Software: Pagely-ARES/1.20.1 /
Resource Hash: 2ddd01080b6f7e1e61e9f6f47bbe396d0158fd242b8d71b1f8862553c7801dc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 03:42:17 GMT
x-gateway-request-id: 7708623156077829fcdc37d802e69fac
date: Fri, 16 Feb 2024 03:46:23 GMT
last-modified: Wed, 30 Aug 2023 18:21:30 GMT
server: Pagely-ARES/1.20.1
etag: "79efc9b2f3346db791ee48b25516674e"
x-amz-server-side-encryption: AES256
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 1708007760.217||https|international-adviser.com|||/wp-content/uploads/2023/03/MA_FinancialMedia_OFFICIAL-e1677673833249.png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9157
x-gateway-cache-status: HIT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/1452496661001/SygnIkV9Z_default/ 835 KB
224 KB 831ms
257ms Script
application/javascript 23.51.57.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1452496661001/SygnIkV9Z_default/index.min.js
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.131 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-131.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a3c7621448d29da0f1cb1b199e3e6e50dc5452681cd621a9159cb7cab5d47738

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: kOobJ_mbBFRs81OYX3tFmNBTZFKpOPto
Content-Encoding: gzip
Date: Fri, 16 Feb 2024 03:46:18 GMT
x-amz-request-id: 56TJ9MPNET6B0F0R
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 228454
x-amz-id-2: EzzEzmqCKlSG/2dB2INOZdU5bdGm7Bp1agMgBLHfSu7Lr8aN4pnIWCGK9QJxrTR5r8C17JgniIw=
X-BCOV-Response-Mode: 1
X-Served-By: cache-iad-kiad7000077-IAD
Last-Modified: Thu, 27 Jul 2023 17:26:27 GMT
Server: AmazonS3
X-Timer: S1690482012.756832,VS0,VE33
ETag: "e3b9ed090557f594704413e29231c2fd"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=44
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 gtm4wp-form-move-tracker.js Show response
s45725.pcdn.co/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/ 1 KB
1016 B 521ms
517ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 313
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 89534097458d6ca5deb91787c0bd3492
last-modified: Mon, 05 Feb 2024 23:45:30 GMT
server: Pagely-ARES/1.20.1
etag: "472-610ab0e92c925-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: VN7CZc6LD1GoCRgncir9KO6gozaQnOr8Gu0LK66ZXKhRSzrR3WMm3g==
expires: Sun, 17 Mar 2024 03:46:18 GMT

GET
H2 200 popper.min.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 19 KB
7 KB 526ms
526ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/popper.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 6911
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 3940703ad1309f870bd35621a7a97c61
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "4af4-60a42bc992b57-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/popper.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 4OnCUdIh0P6UJ31OiPncIQGDw1FB-1p5uWFfXw2RejN6tjPYaeR5Hw==
expires: Sun, 17 Mar 2024 03:46:19 GMT

GET
H2 200 bootstrap.min.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 50 KB
14 KB 337ms
336ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/bootstrap.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 14048
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 76f8fae7e1d2f21d297da75b4839dd63
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "c62b-60a42bc98fc77-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/bootstrap.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: obCYDjine1IDT4CyNqN8-CajtvCgunt2brLuPOMMxv3TrXlQFTmvuw==
expires: Sun, 17 Mar 2024 03:46:19 GMT

GET
H2 200 js-calendar.min.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 17 KB
5 KB 244ms
243ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/js-calendar.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

9ed131436981a042a3fce673f9d57376538d3d6e9e5e62fe59718ee2e0f667cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 4744
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 15f7afaf3e186d8a8e5ee2ff3a960fde
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "449b-60a42bc991bb7-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/js-calendar.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: sXP8T1GL7B2WRVCKpzENnaAld8kFy5tYpRiqQ14l7Z6aYcFgZ_D7kg==
expires: Sun, 17 Mar 2024 03:46:19 GMT

GET
H2 200 brightcove-video.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 1 KB
1 KB 530ms
529ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/brightcove-video.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

414e4f8a7da6fa14bbce47a0c472e4bb432dd8c799bffcbd766a52852e19356a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 459
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: c8c9f22630f8e127637fda0db28b5907
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "432-60a42bc990c17-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/brightcove-video.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: JeAFBtMi9x4H5FkaC-6uSD6cjiM0gyQEHluZu6bJUiUxh-_VlzFXFA==
expires: Sun, 17 Mar 2024 03:46:19 GMT

GET
H2 200 jquery.flexslider.js Show response
cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.1/ 56 KB
10 KB 92ms
87ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.1/jquery.flexslider.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5b609fa1561b05956f1f2cfa0d82542c316d748819a613ccfa28035fd89c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1136297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10295
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-dec2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjJekI5WnWANyumvQgWwftO31EchATeDut1IM7%2FF7jj1Xm46SZtQCwRL5kLt%2FVt%2FzhRVtWASMoamCAH%2F9HWmTScXiFDV7kcoHMzoXWYfr2cuSsyG9KTJn4H3UBcJNrqEoIhUSDZl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8562cd88999114dc-LAX
expires: Wed, 05 Feb 2025 03:46:19 GMT

GET
H2 200 theme-script.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 11 KB
3 KB 240ms
239ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/theme-script.js?ver=3.1.19

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

3440165fb993f0625450291ae2235d59c3eb9ac6a148922d585cbe844954ecc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 2762
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 8eb5ac0bd8a6e9831f532668725b22ba
last-modified: Thu, 15 Feb 2024 14:36:18 GMT
server: Pagely-ARES/1.20.1
etag: "2a13-6116c8ce1fe05-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/theme-script.js?ver=3.1.19
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: zKakkehi2VQuECDXJDUOEUdTEioWWLD5kCvyL3YxJLz_AiB7sw4H6Q==
expires: Sun, 17 Mar 2024 03:46:19 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/ 325 B
935 B 250ms
249ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/skip-link-focus-fix.min.js?ver=20151215

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 242
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 6650e6e606841541404333eb16c5d351
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: "145-60a42bc992b57-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/js/skip-link-focus-fix.min.js?ver=20151215
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: CrozBR3LbeJBMkfTvoZjQMITgItek5eVdNU2MVkoCKRGPsEBkLUqKA==
expires: Sun, 17 Mar 2024 03:46:20 GMT

GET
H2 200 ws-tracking.js Show response
mktdplp102cdn.azureedge.net/public/latest/js/ 5 KB
3 KB 655ms
76ms Script
application/x-javascript 72.21.81.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mktdplp102cdn.azureedge.net/public/latest/js/ws-tracking.js?v=1.70.1097.0
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (laa/7B79) /
Resource Hash: 6f1c07a738cbcde2320c75ce8b9e2f52898cc362fbb1e1eae82c71ab48aabeef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 03:46:20 GMT
content-encoding: gzip
content-md5: FjqakIjSeEkZwkM9tXKB2Q==
age: 133786
x-cache: HIT
content-length: 2325
x-ms-lease-status: unlocked
last-modified: Tue, 14 Feb 2023 10:25:54 GMT
server: ECAcc (laa/7B79)
etag: 0x8DB0E75DA74C34C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a74952fe-e01e-0055-7853-5f4328000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
BLOB 200
OK 814d570d-fccf-4d87-a720-6378407dcaef
https://s45725.p1364.sites.pressdns.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s45725.p1364.sites.pressdns.com/814d570d-fccf-4d87-a720-6378407dcaef
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

HEAD
H2 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 0
0 634ms
170ms Fetch
application/json 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=staging.international-adviser.com
Requested by: Host: s45725.pcdn.co
URL: https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/js/dtct.js?ver=6.4.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
95 KB 1770ms
172ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3KT4QH

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

93b71a00804e2dc3cbba1165192b22bec97173b14f41a4e542cebfd501e37a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96988
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 03:46:23 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 430 KB
135 KB 146ms
144ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138611
x-xss-protection: 0
server: cafe
etag: 13668746270024245435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Feb 2025 01:44:55 GMT

GET
H2 200 xray.js Show response
cdn.perfdrive.com/aperture/ 2 KB
1 KB 305ms
79ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/aperture/xray.js
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 43589ba59da28a72ed7a6f7d2c56b83cd1b2466a9520f9848517935089405a56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:54:38 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 25 Oct 2023 04:29:10 GMT
server: nginx/1.24.0
age: 3104
etag: W/"65389996-861"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 820

GET
H2 200 aperture.js Show response
cdn.perfdrive.com/aperture/ 26 KB
8 KB 309ms
84ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/aperture/aperture.js
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:13:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 25 Oct 2023 04:29:09 GMT
server: nginx/1.24.0
age: 1998
etag: W/"65389995-6844"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7938

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 310ms
82ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?151
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:41:19 GMT
via: 1.1 google
content-encoding: br
age: 303
x-guploader-uploadid: ABPtcPpQngzXaZVK56TFMlvT8UJeNqa1jiyI9tBjiTt1pQYMJTCI5Ney-oV4rYX-FwY336ROAng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10218
last-modified: Mon, 18 Dec 2023 20:13:43 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-hash: crc32c=P2fgBQ==, md5=IwpC9BBrIFbFRmT73giztw==
x-goog-generation: 1702930423872068
content-language: en
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32241
accept-ranges: bytes
cache-id: LAX-278c7c

GET
H2 200 linkedin-foot.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 1001 B
1 KB 329ms
328ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/linkedin-foot.svg

Requested by

Host: s45725.pcdn.co
URL: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

faba76bde99c7a880e0fe7de841c32bdea640b4e2d2926b7d743242cef8ff298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 29db58ee46f00a11eade52e82fba318d
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"3e9-60a42bc98bdf7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/linkedin-foot.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: Hw6ynGfmsx20FljRB7VAPJrwYttqWhIUjwIIYB30AV3wI_nF18F_fQ==
expires: Sun, 17 Mar 2024 03:46:21 GMT

GET
H2 200 twiiter-foot.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 785 B
1 KB 487ms
486ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/twiiter-foot.svg

Requested by

Host: s45725.pcdn.co
URL: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

0cdc68bd3f1d0db7b397ac706f8ce95c92065d92352c8cc7cd9e27b2c5adfbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 6787dff1fb0ec9e4e640e85f5fc89da7
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"311-60a42bc989eb7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/twiiter-foot.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: QvyLPxBgapA7gPp0oIyuN58Y28mVdv2civRbyhX3yXFpMot0h978GA==
expires: Sun, 17 Mar 2024 03:46:22 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v23/ 45 KB
46 KB 1715ms
144ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s45725.p1364.sites.pressdns.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 06:07:59 GMT
x-content-type-options: nosniff
age: 77904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46448
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:26:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 06:07:59 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 1810ms
240ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s45725.p1364.sites.pressdns.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:34:33 GMT
x-content-type-options: nosniff
age: 25910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 20:34:33 GMT

GET
H2 404 Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg
s45725.pcdn.co/wp-content/uploads/2021/01/ 0
0 686ms
685ms Image
text/html 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s45725.pcdn.co/wp-content/uploads/2021/01/Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-36.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 590 KB
135 KB 230ms
221ms Script
text/javascript 23.47.169.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/52910/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.169.117 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-169-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55de5a2d9adffe22845ba86ef57f2d89062437586363056394ab6bebc18e675e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: br
last-modified: Thu, 15 Feb 2024 15:31:32 GMT
x-amz-request-id: AFBM4TTNTWTA3H8R
etag: "3ca7988316ff8f5fe19ae53f4a87cd43"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: b
accept-ranges: bytes
content-length: 137976
x-amz-id-2: MKZg/tF5jMjmekeyXOk/UQGnHlBDcE8jZckvT1fDjhftVpqR5gwgmJoPlOCAdo6jVnMwkNj45WU=
expires: Fri, 16 Feb 2024 04:16:22 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 play.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 831 B
1 KB 281ms
273ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/play.svg

Requested by

Host: s45725.pcdn.co
URL: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

96c40b9d7f855ce8f32967008869b16e08612f8ffb160d1986609606b29dbd4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: dd49a69a17143b8feb5d0ae8d894d935
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"33f-60a42bc98cd97"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/play.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: 3E-JyQqO_x0VQE4IhfZtxtTH6n1NVeZfCGDEHKna0J8-YJMjtk389A==
expires: Sun, 17 Mar 2024 03:46:22 GMT

GET
H2 200 newsletter.svg
s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/ 903 B
1 KB 282ms
274ms Image
image/svg+xml 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s45725.pcdn.co/wp-content/themes/ia-new/inc/assets/img/newsletter.svg

Requested by

Host: s45725.pcdn.co
URL: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

30579de4c65b8f3b10107cc6a39606479b8a9cf4799b571c89abf8934d3a4a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.pcdn.co/wp-content/themes/ia-new/style.css?ver=3.1.19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: e14a9f0a315364e0085127c2016e0530
last-modified: Thu, 16 Nov 2023 10:46:48 GMT
server: Pagely-ARES/1.20.1
etag: W/"387-60a42bc98bdf7"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 1
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-content/themes/ia-new/inc/assets/img/newsletter.svg
cache-control: max-age=2592000
vary: Accept-Encoding
x-amz-cf-id: yvxCcyBQHShf2ETjoix3BcRhJaFIfFFxXPEAMSO-hT3smUKzuzTRlQ==
expires: Sun, 17 Mar 2024 03:46:22 GMT

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.15.3/ 21 KB
7 KB 1411ms
77ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1452496661001/SygnIkV9Z_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-bur-kbur8200038-BUR
date: Fri, 16 Feb 2024 03:46:23 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:56:37 GMT
etag: "9ab357d51e365493dab6cf243489069b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7354
x-cache-hits: 51332

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

Referer
Origin: https://s45725.p1364.sites.pressdns.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 6336190066112 Show response
edge.api.brightcove.com/playback/v1/accounts/1452496661001/videos/ 3 KB
4 KB 77ms
77ms XHR
application/json 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1452496661001/videos/6336190066112
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1452496661001/SygnIkV9Z_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0e768d9c0c4a72a95934a6a75e8be98290e6f0bdb5adeb47f9a76524bf1b0964

Request headers

Accept: application/json;pk=BCpkADawqM3ydeIVi5BU3KjTuwFOt9MSpyGehlIC13XzyL-WF76xYgjdH6JFJqh69Cm_V71eRJ4xA4BFi6cMFUHrr_FuJsEYLjKS9OGcvmlzcqcPGdTXYeTI87STN1AyA03C_NZorqHJRCrR
Referer: https://s45725.p1364.sites.pressdns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

bc-override-client-ip: 104.166.80.177
date: Fri, 16 Feb 2024 03:46:23 GMT
powered-from: us-west-2a
bcov-request-id: d120eec0-77d1-42a9-92b4-feb3b223199a
via: 1.1 varnish
age: 246
policy-key-accountid: 1452496661001
x-cache: HIT
powered-by: BC
content-length: 3443
x-served-by: cache-bur-kbur8200091-BUR
policy-key-raw: BCpkADawqM3ydeIVi5BU3KjTuwFOt9MSpyGehlIC13XzyL-WF76xYgjdH6JFJqh69Cm_V71eRJ4xA4BFi6cMFUHrr_FuJsEYLjKS9OGcvmlzcqcPGdTXYeTI87STN1AyA03C_NZorqHJRCrR
x-timer: S1708055183.481271,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
295 B 1326ms
124ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 1327ms
125ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 1218ms
126ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=d7b997767a1e94e3e1875db&account=1452496661001&destination=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&platform_version=6.67.7&player=players.brightcove.com%2F1452496661001%2FSygnIkV9Z_default&player_name=IA%20Video%20Player%20(Non%20Autoplay)&source=&autoplay=false&ads_enabled=false&usage=inpage-embed&event=player_load&time=1708055182279&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=10000000&qos.performance.memory.totalJSHeapSize=10000000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1708055173632&qos.performance.timing.responseEnd=1708055173671&qos.performance.timing.responseStart=1708055173625&qos.performance.timing.requestStart=1708055172984&qos.performance.timing.secureConnectionStart=1708055172588&qos.performance.timing.connectEnd=1708055172984&qos.performance.timing.connectStart=1708055172499&qos.performance.timing.domainLookupEnd=1708055172499&qos.performance.timing.domainLookupStart=1708055172499&qos.performance.timing.fetchStart=1708055172470&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1708055172470&qos.player.dimensions=%5B%5B1708055182278%2C%220x0%22%2C%22728.328x364.156%22%5D%5D&qos.player.pixelratio=%5B%5B1708055182278%2C1%5D%5D&qos.player.screendimensions=%5B%5B1708055182278%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 316 B
461 B 1052ms
79ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: d5702bd4ad102b6232b7355b2f314df4e80fe760d803677cdec8b914b08123c0

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 1ms
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 211 B
264 B 1051ms
80ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 3cfd23428f140e499134b06f5c341dd214553743b1742ba7441e5d80e778c28b

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 1ms
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
content-type: text/plain; charset=UTF-8

GET
H2 200 utsync.ashx Show response
ml314.com/ 647 B
1 KB 125ms
119ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=68409&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&pv=1708055182414_k0r95k6q1&bl=en-us&cb=7412596&return=&ht=&d=&dc=&si=1708055182414_k0r95k6q1&cid=&s=1600x1200&rp=&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8b1e84b9ec7e769ee2ef2c1ea823178738bce355e3d81af31f6758f5f3e76861

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:22 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 wp-emoji-release.min.js Show response
s45725.pcdn.co/wp-includes/js/ 18 KB
6 KB 243ms
240ms Script
application/javascript 18.164.124.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s45725.pcdn.co/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-36.jfk50.r.cloudfront.net

Software

Pagely-ARES/1.20.1 /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
content-length: 5039
x-xss-protection: 1; mode=block
x-gateway-cache-status: BYPASS
x-gateway-request-id: 88fa51ad3bbff3edfef8b78e81bc7dba
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
etag: "4904-610313e10e340-gzip"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 1
content-type: application/javascript
x-gateway-cache-key: 0||https|s45725.p1364.sites.pressdns.com|||/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
cache-control: max-age=2592000
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Po5khe5fsBkG8ri9IX7nf7lhE_T7fvYWdc_QWxDkg2rxlucnxMLdUA==
expires: Sun, 17 Mar 2024 03:46:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 94 KB
20 KB 237ms
236ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3028719351804375&correlator=1590981466377684&eid=31079956%2C31081256%2C31081207%2C31079527&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22894175110%2CMFM_IA%2CMFM_IA_SiteLogo%2CMFM_IA_INTERSTITIAL%2CMFM_IA_SEARCH_BAR%2CMFM_IA_BB%2CMFM_IA_BB_TOP%2CMFM_IA_HPU%2CMFM_IA_HPU_HPU_1%2CMFM_IA_MPU%2CMFM_IA_MPU_MPU_1%2CMFM_IA_HPU_HPU_2%2CMFM_IA_BB_BOT%2CMFM_IA_1x1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2F6%2C%2F0%2F1%2F7%2F8%2C%2F0%2F1%2F9%2F10%2C%2F0%2F1%2F7%2F11%2C%2F0%2F1%2F5%2F12%2C%2F0%2F1%2F13&prev_iu_szs=293x55%2C1x1%2C1x1%7C320x50%7C279x142%7C300x55%2C970x250%7C970x90%7C728x90%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C970x250%7C970x90%7C728x90%2C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708055182629&lmt=1708055182&adxs=160%2C0%2C160%2C315%2C1100%2C1100%2C1100%2C175%2C0&adys=12%2C304%2C74%2C360%2C730%2C1030%2C1288%2C3036%2C304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&vis=1&psz=293x-1%7C1600x3548%7C1310x-1%7C1600x50%7C282x808%7C282x808%7C282x250%7C1250x2941%7C1600x3548&msz=293x-1%7C1600x0%7C1280x-1%7C1600x50%7C300x250%7C300x250%7C300x250%7C1250x50%7C1600x0&fws=512%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=948352875.1708055183&ga_sid=1708055183&ga_hid=1089216509&ga_fc=false&dlt=1708055173632&idt=8871&prev_scp=%7C%7Crefresh%3Dtrue%26refresh_count%3D0%7Crefresh%3Dtrue%26refresh_count%3D0%7Crefresh%3Dtrue%26refresh_count%3D0%7Crefresh%3Dtrue%26refresh_count%3D0%7Crefresh%3Dtrue%26refresh_count%3D0%7Crefresh%3Dtrue%26refresh_count%3D0%7C&cust_params=Page%3Dhome%252Cfront-page%26Category%3D%26category%3D%26postID%3D45141%26PostType%3Dpost%26Domain%3DInternational%2520Adviser%26test%3Dtrue&adks=100716814%2C4007352123%2C3435986450%2C2127146396%2C2227146939%2C3795494312%2C2046109751%2C468471597%2C2041280744&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

8e17a8129e6db3a6203db77ae9a9a4205302511d2ce216d9985b6d4379d9837f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20061
x-xss-protection: 0
google-lineitem-id: 6291135543,-2,-2,-2,6261348130,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138432370714,-2,-2,-2,138427701839,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s45725.p1364.sites.pressdns.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A12 6 KB
3 KB 473ms
156ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:46:23 GMT
expires: Sat, 15 Feb 2025 03:46:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 6336190066112
edge.api.brightcove.com/playback/v1/accounts/1452496661001/videos/ Frame 0
0 1280ms
75ms Preflight 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1452496661001/videos/6336190066112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://s45725.p1364.sites.pressdns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 16 Feb 2024 03:46:23 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-bur-kbur8200091-BUR
x-timer: S1708055183.404148,VS0,VE0

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 7122 325 B
477 B 525ms
148ms Document
text/html 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 03:46:23 GMT
expires: Fri, 16 Feb 2024 03:46:23 GMT
pragma: no-cache
server: pekko-http/1.0.0

GET
H2 200 track
t.teads.tv/ 23 B
104 B 521ms
156ms Image
image/gif 23.199.49.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=647b0dc1-c517-49de-aaf0-59ee012c92f0&pageId=52910&pid=57975&debug_metadata=BDqJQjCiLA&fv=1329&ts=1708055183356&f=1&referer=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN (),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 557ms
192ms Image
image/gif 23.199.49.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=647b0dc1-c517-49de-aaf0-59ee012c92f0&pageId=52910&pid=57975&fv=1329&ts=1708055183365&f=1&referer=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN (),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 16 Feb 2024 03:46:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 8573 325 B
477 B 488ms
146ms Document
text/html 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 03:46:23 GMT
expires: Fri, 16 Feb 2024 03:46:23 GMT
pragma: no-cache
server: pekko-http/1.0.0

GET
H2 200 track
t.teads.tv/ 23 B
104 B 482ms
154ms Image
image/gif 23.199.49.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=afc042ea-c9a4-4a1a-a854-e986fe0fbf49&pageId=52909&pid=57974&debug_metadata=EW4YQPwZao&fv=1329&ts=1708055183401&f=1&referer=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN (),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 434ms
151ms Image
image/gif 23.199.49.95

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=afc042ea-c9a4-4a1a-a854-e986fe0fbf49&pageId=52909&pid=57974&fv=1329&ts=1708055183404&f=1&referer=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN (),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 16 Feb 2024 03:46:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8A1 0
0 208ms
207ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU_ywHledw9_dtOw_CJ4sgpUFSvifQD1hDK06-LUPN6VDFXYjpbldXFwFr0prKVvZZMAXhGhksc_2a6AUBKDRnJMx5Y7ZNgKJv1wFUBZuVLenHpeeqIMH8ggrapq_AvZZI9M2zwwyplOChcxABFKHV02LotGLXBPvlsME9bFc9_mK-EY1S5HXztJsSqZd8QAayiqla47TPg4FtyN2p-RTt4E1OzoHGrb-5YsjvlUr21gFucSw--84_LJtoAQejb9rwhb0UNUGMY5mmhZ5LoKwrrIWo-pk5lKALD05NkygXsraqlHclgSOIKHfGKQWg8hzlPe_n_VhM0wt5478trwNoJHECCCqSEGNOjoVBywS4NkdO8E_Q_cPzuDI-VbrxWDs&sai=AMfl-YTM_cDaMoBJ6wdVUoFC30lqKpn8VHh3AzWDdaO_acPjcICVHqKH9N-gwWLoTup6VquC4wM5bKKklU3ZjcENfVfkVTTql1Mr2kBVYrD-fgDiXHCXZywacFjMO2HR13VQ8omZOeM59jXIKI241QKkq5WE&sig=Cg0ArKJSzIXJ9wtM6N_iEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 03:46:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame E8A1 3 KB
2 KB 441ms
143ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:01:20 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E8A1 204 KB
62 KB 439ms
142ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 04:31:39 GMT

GET
H2 200 11307068007457182348
tpc.googlesyndication.com/simgad/ Frame E8A1 3 KB
3 KB 442ms
146ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11307068007457182348

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

4a2f5e442356345cdc2a0ee22cb911d6f8d96518ab54865065b15b16baafa45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 01:26:42 GMT
date: Fri, 16 Feb 2024 01:26:42 GMT
x-content-type-options: nosniff
age: 8381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2711
x-xss-protection: 0
last-modified: Wed, 03 May 2023 14:24:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 utsync.ashx
ml314.com/ Frame F6C5 43 B
0 125ms
123ms Fetch
image/gif 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?eid=91050&et=0&dc=IA-IAHouse&cb=1220608186&gdpr=&gdpr_consent=
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Sat, 17 Feb 2024 03:46:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6C5 0
0 209ms
206ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTJKx9dy5HGi2Vhna5uDhyFDcFPnUwlEyzJqu1-OxCCCleg3P1k2yEXB9_h_dKhDMYCNcNx6Gg1VETFIqUYCLq4s6N2c8DHRafI6NPkZWVctGnSlUsHvQP4hbPko76-gebjLx6RVqP4aBBWwpse-wgL0A0OFCxnWAHYd1hq8oc_X0Ush8TQ5tsbKO2s1ghHsA7mwYX6q02EMtq2psBQDU5BKx_UXqduNgQDZQZ6wgFXVJEHUETFXyXXRNf44irDW1W0o0LJkmur2PyvXJ5W-4jk6f0-8PdHoSekgIwGgSYhD2qKIx1FijIg6JCxDeCg7EMDu4T2u28tSFxxz23RntHko66KaQ_KfgeFyQ1Qh74xUVa3Ky_GuXCtW5eQEu1tsNhY31kUra4I2UuNnE&sai=AMfl-YRAKAegid5hfI6jvOk1eJf9YkFwH5jkwzf8cTMLMgJfh9j4bfx3gp8iaCi5JmKYvzKmmccMNLvTdI5nFC0TKG-sL8nLNn0qc0VM031eFZTyaSC7m0RF3PmbZnyHGgl3WxD_TUgMqdF7Y4fxByAPJZcb&sig=Cg0ArKJSzIf42WxQpTFEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 03:46:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame F6C5 3 KB
1 KB 419ms
144ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:01:20 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F6C5 204 KB
61 KB 571ms
297ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 04:31:39 GMT

GET
H2 200 11672758859099419280
tpc.googlesyndication.com/simgad/ Frame F6C5 138 KB
138 KB 425ms
151ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11672758859099419280

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

ac0a3a7150503125d08fdddd769fb42a339bd83c99d48eef5b4bec50ca239d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 15 Feb 2025 01:26:42 GMT
date: Fri, 16 Feb 2024 01:26:42 GMT
x-content-type-options: nosniff
age: 8381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140894
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 15:29:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame E8A1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af10536915f530fa1f75ca4abfcc1c3c5ae05cbaa48b4511959a7f018508a32

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F6C5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79d01b7dd9b473b138e598f07af078b360f09ab234026e564b5a04696c4f0eee

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3642102412317032484
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjEwMjQxMjMxNzAzMjQ4NBAAGg0Ij7W7rgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=d0769d87a22db7562f42ba8e8872463419f7f256fb6c5c88eeba50ccb7882134f4cb09cee1a4f8eb&person_id=3642102412317032484&eid=50082

43 B
56 B

128ms
127ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=d0769d87a22db7562f42ba8e8872463419f7f256fb6c5c88eeba50ccb7882134f4cb09cee1a4f8eb&person_id=3642102412317032484&eid=50082
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 03:46:24 GMT
date: Fri, 16 Feb 2024 03:46:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=d0769d87a22db7562f42ba8e8872463419f7f256fb6c5c88eeba50ccb7882134f4cb09cee1a4f8eb&person_id=3642102412317032484&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=1170&j=0&redirect=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Fperson_id%3D3642102412317032484%26eid%3D50596%26fp%3D
https://loadus.exelator.com/load/?p=204&g=1170&j=0&redirect=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Fperson_id%3D3642102412317032484%26eid%3D50596%26fp%3D&xl8blockcheck=1
https://ml314.com/csync.ashx?person_id=3642102412317032484&eid=50596&fp=983fd52b8791005ce2da89e54046c08b&gdpr=&gdpr_consent=

43 B
56 B

125ms
125ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?person_id=3642102412317032484&eid=50596&fp=983fd52b8791005ce2da89e54046c08b&gdpr=&gdpr_consent=
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 03:46:24 GMT
date: Fri, 16 Feb 2024 03:46:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Fri, 16 Feb 2024 03:46:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://ml314.com/csync.ashx?person_id=3642102412317032484&eid=50596&fp=983fd52b8791005ce2da89e54046c08b&gdpr=&gdpr_consent=
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3642102412317032484&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3642102412317032484&redir=

42 B
717 B

110ms
108ms

Image
image/gif

34.210.199.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3642102412317032484&redir=

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Server

34.210.199.77 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-199-77.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

dcs: dcs-prod-usw2-1-v051-083cf89ba.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: vCDKo8f7Rlk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-usw2-2-v051-03191c500.edge-usw2.demdex.com 0 ms
pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: XmJVCppXTGw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3642102412317032484&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&gdpr=0&gdpr_consent=
https://ml314.com/csync.ashx?fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&person_id=3642102412317032484&eid=53819

43 B
56 B

136ms
136ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&person_id=3642102412317032484&eid=53819
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 03:46:24 GMT
date: Fri, 16 Feb 2024 03:46:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ml314.com/csync.ashx?fp=764f1ef0-4cc7-4241-b535-3df1f94696f9&person_id=3642102412317032484&eid=53819
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: 6495a32a014d716507c1a2a6d210027d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Sat, 17 Feb 2024 03:46:24 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2L-PJnH5-QBYJxj62mCWeuwX2IFh67dlCYQ30kZXJNTE&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2L-PJnH5-QBYJxj62mCWeuwX2IFh67dlCYQ30kZXJNTE&person_id=3642102412317032484&eid=50052&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

136ms
135ms

Image
image/gif

3.232.64.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: HTTP/1.1
Server: 3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-64-79.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 16 Feb 2024 03:46:24 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Fri, 16 Feb 2024 03:46:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
x-cloud-trace-context: 9b4d951bb011c1ea40335906161f4b77
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sat, 17 Feb 2024 03:46:24 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 127ms
123ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/jit/1452496661001/296f08cc-07d7-4441-8dd8-bfd2f09ccb77/main/1280x720/2m17s994ms/match/ 38 KB
39 KB 486ms
142ms Image
image/jpeg 13.225.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.eu-west-1.prod.boltdns.net/v1/jit/1452496661001/296f08cc-07d7-4441-8dd8-bfd2f09ccb77/main/1280x720/2m17s994ms/match/image.jpg
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-80.ewr50.r.cloudfront.net
Software: / BC
Resource Hash: ff2d9b181f3e591b9858296cc57c21f6757f15094d679834df591e15b21dc5b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 21:59:11 GMT
Via: 1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: EWR50-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 4168033
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: Eoag7jeenAJMCxN72d4uPXzwkhEUmUExPYCzS59kYLfzYOwvmy_2GQ==
Expires: Sun, 29 Dec 2024 21:59:11 GMT

GET
BLOB 200
OK 16ab60a8-94b3-4d04-bf48-d4b095a485b3
https://s45725.p1364.sites.pressdns.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s45725.p1364.sites.pressdns.com/16ab60a8-94b3-4d04-bf48-d4b095a485b3
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 6656
Content-Type: application/javascript

GET
BLOB 200
OK ba582903-eb3b-4a3c-a918-141c9859f672
https://s45725.p1364.sites.pressdns.com/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s45725.p1364.sites.pressdns.com/ba582903-eb3b-4a3c-a918-141c9859f672
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6816657afeabeef8907b45d01159e45d49419032d962da519da70aed08ca1c7c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
BLOB 200
OK c5354c7e-6675-4403-a417-8f1a0b991640
https://s45725.p1364.sites.pressdns.com/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s45725.p1364.sites.pressdns.com/c5354c7e-6675-4403-a417-8f1a0b991640
Requested by: Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6816657afeabeef8907b45d01159e45d49419032d962da519da70aed08ca1c7c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
88 B 124ms
123ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 16 Feb 2024 03:46:23 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 28b9c2ac1cf2079bcc90f679b496038a.js Show response
cdn.cookie-script.com/s/ 129 KB
23 KB 815ms
223ms Script
application/javascript 78.46.117.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/28b9c2ac1cf2079bcc90f679b496038a.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KT4QH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.117.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.117.46.78.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 41fcee2f5f670babbcc59fbea5a66e596c307ba5c1c6437e14fd28daad6c9ddd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:24 GMT
content-encoding: gzip
last-modified: Fri, 02 Feb 2024 20:19:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"7618986e6e578bdfa6ccf96539972ec5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 167ms
166ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZNP13DXR6R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KT4QH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4da6c9bb3ea287ffa1deef9064a487790188a0265c47f0604c2ccb885b4b551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 03:46:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 437ms
142ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KT4QH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 01:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6882
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 16 Feb 2024 03:51:42 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8A1 0
0 205ms
203ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxZn4D0iKJdJ5k2i2wNtBvx2qZ771Duv6aWZTSqr1WQTiYNEw7uKudylml_PrvIpC5-Cclj921GLY-SQW8vUlyhbwjDBRX6-ex6V0JZKRAIa_7uv7EuszAecDNxTWvIQiUbNYFu3Q5xfgiRIfQlKVNSdkfUh6GQPXGJ4ER4xIoK0kYp29Zl2fMYwo6ekQkJPzigO9j6pIJAZTYSbBVEhs8xt29QpPfu1TfPqNMDy3hehGLcLAOdjwZgOY0sGveWWc7qXg4u-cQBKLQTvRUQT0j578GtVOoo9ZtfZ0_HFJp7dC-nHJs_cHhGQ5tjD7IyvxPgS1mBmmLR4dOY09hvQvEvqbkzAqhNPNS9wOgJTF6tyZu0IJd49hhXoiGvYUCxwkJ2w&sai=AMfl-YTDMz9Ne3-8YUjBWbkzU2kAXh1K5qRPG1WrLSKMQRlqp258pta4s4IKRWg0aDmrpLUFcA4UMORiRLQCG-1poHJaJPRJraV0HAr9QpN0yJYK9KdBlsNn65qNdBGHO-xD2mTl4VIQtl2vo6xmFeGtMrN8&sig=Cg0ArKJSzKfJGwRUT7LCEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 03:46:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6C5 0
0 205ms
204ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuytSX9taeBnAUFNKawiUORyvZDh75F0X5kPMtQH-iiUFOo40eT25j1_CrP8RLZilbCM7oQKJgDahV1YvsPU8LfdNIY4k9T8cgT47-D6rmv_3_gnmnXXs4EMhZiQI8TW3qyh4W2tJGHZLkoKR7JV_CCDV-4STty9VGfudvolQTe8iRporppjU5udmfqpWjtwnTs6UP7f85A9h49QLv5gwYethL01aojVANBy4CBsWD2_VWdNRPgh4RZUMZPHMrA_KXp1LFkiZbDdESte3QPVzOW3hLtz55hqRph5InzkhzfgfrTKA56_bTVFMZb-XnhajtEH8C5odeRF0et0N1RZYNlOvLoINx0V4Gom7n0YWnqkA9xVSQGd-Hcv7yyTw-_JrMmLwbn2IdZ5VREUv1N1A&sai=AMfl-YThjq3o2ZfuboBonlV21Yy7h5e5AO5Xtnsp2l9hfFBjy92G8URDESWjod4XwoUF-aQDPBoAs1_mViLeLRZAzMwBvwrBELUrCJj87JBCusxouGASBfznxJFcPGfAA184W4DTRrAsLst9b0C1MaJ3UyCJ&sig=Cg0ArKJSzLkdd4g6gKDJEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 03:46:24 GMT

GET
H2

200

src=10309074;dc_pre=CKmPtrT5roQDFd7QTwIdI90P-Q;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;ua...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10309074;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;u...
https://ade.googlesyndication.com/ddm/activity/src=10309074;dc_pre=CKmPtrT5roQDFd7QTwIdI90P-Q;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd...

42 B
118 B

174ms
173ms

Image
image/gif

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10309074;dc_pre=CKmPtrT5roQDFd7QTwIdI90P-Q;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F?

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10309074;dc_pre=CKmPtrT5roQDFd7QTwIdI90P-Q;type=invmedia;cat=bonhi003;ord=3646304227108;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=13039151;dc_pre=CM-KtrT5roQDFZbQTwIdlOUOag;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=13039151;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab...
https://ade.googlesyndication.com/ddm/activity/src=13039151;dc_pre=CM-KtrT5roQDFZbQTwIdlOUOag;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=1...

42 B
107 B

177ms
175ms

Image
image/gif

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=13039151;dc_pre=CM-KtrT5roQDFZbQTwIdlOUOag;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F?

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=13039151;dc_pre=CM-KtrT5roQDFZbQTwIdlOUOag;type=invmedia;cat=ma_in0;ord=5679840436441;npa=1;pscdl=denied;gtm=45He42e0v79627532za200;gcs=G101;gcd=13p3t3p3p5;dma_cps=-;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 143ms
142ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Feb 2024 04:13:27 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
182 B 157ms
156ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZNP13DXR6R&gtm=45je42e0v880950167z879627532za200&_p=1708055178101&gcs=G101&gcd=13p3t3p3p5&npa=1&dma_cps=-&dma=0&gdid=dMmY1Mm&cid=948352875.1708055183&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&sid=1708055184&sct=1&seg=0&dl=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&dt=International%20Adviser%20%7C%20The%20leading%20website%20for%20IFAs%20who%20distribute%20international%20fund%2C%20life%20%26%20banking%20products%20to%20high%20net%20worth%20individuals&en=page_view&_fv=1&_ss=1&tfd=12123
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNP13DXR6R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s45725.p1364.sites.pressdns.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
227 B 174ms
171ms Ping
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p3p5&rnd=1736204772.1708055185&url=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&dma_cps=-&dma=0&npa=1&gtm=45He42e0n81P3KT4QHv79627532za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KT4QH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 157ms
156ms XHR
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1089216509&t=pageview&_s=1&dl=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&ul=en-us&de=UTF-8&dt=International%20Adviser%20%7C%20The%20leading%20website%20for%20IFAs%20who%20distribute%20international%20fund%2C%20life%20%26%20banking%20products%20to%20high%20net%20worth%20individuals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgEAjEAAAICAAIg~&cid=948352875.1708055183&tid=UA-4633467-9&_gid=1896848385.1708055185&_slc=1&gtm=45He42e0n81P3KT4QHv79627532za200&cd12=null&gcs=G101&gcd=13p3t3p3p5&dma_cps=-&dma=0&npa=1&z=737335890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s45725.p1364.sites.pressdns.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8A1 42 B
64 B 497ms
209ms Fetch
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWvGtAdSLhApD-K2CdwNpUBuzaHtVIIBffcT-upGECKy4Hw0GqaO9fPU84Q6OgKpaZJRr-uhwh6uknlzXCgNhWI3iteTDMtGg8fWa9oq_-PYzedk03oK7rQ_ykmonl3E4xFNkVRkVqrsCSM-ITNyHtVWaLtesTCEI&sig=Cg0ArKJSzG63bvkYhnbIEAE&id=lidar2&mcvt=1000&p=11,160,66,453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=100716814&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=398798400&rst=1708055183487&rpt=676&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WaBbwGGI
d6cba395a2c04672b102e97fac33544f.svc.dynamics.com/t/v/QO1hOUo33pO3EGhRA-12Wz9w2NgJHRluTYMy0HwWOLM/HWW2nlCIVAUXjfGx4f8J2dqqQh6C-YdFGsRCP2En/ 49 B
591 B 971ms
341ms Image
image/jpeg 20.108.190.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6cba395a2c04672b102e97fac33544f.svc.dynamics.com/t/v/QO1hOUo33pO3EGhRA-12Wz9w2NgJHRluTYMy0HwWOLM/HWW2nlCIVAUXjfGx4f8J2dqqQh6C-YdFGsRCP2En/WaBbwGGI?ad=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&rf=&id=1150570540

Requested by

Host: s45725.p1364.sites.pressdns.com
URL: https://s45725.p1364.sites.pressdns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.108.190.38 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Feb 2024 03:46:25 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 22fc6cd2-3857-4e0b-8a38-1d0a7ebd154b, 0627142b-99ff-44a3-bfe8-4197713816fe
content-type: image/jpeg
x-activity-id: 30bc322f-37d7-40c6-8ae4-f1d576859570
x-ms-activity-id: 30bc322f-37d7-40c6-8ae4-f1d576859570
content-length: 49
api-deprecated: False

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 419ms
179ms XHR
application/json 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

8234967ba5c37cd1c3ffd3265073a442df3c167a24ddf584b1c0fab7b57a1ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12233
x-xss-protection: 0

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
453 B 1076ms
598ms XHR
application/json 65.108.188.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1708055185269&script=28b9c2ac1cf2079bcc90f679b496038a&category=
Requested by: Host: cdn.cookie-script.com
URL: https://cdn.cookie-script.com/s/28b9c2ac1cf2079bcc90f679b496038a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.188.108.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 07952ca832c677aad73562479a3008fc3aea7469617c34570b423f1e820cda92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:26 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-65ceda91-5ad33ac771d2df4c40ad1733;Parent=2a6a99b7e926b8f8;Sampled=0;lineage=a8669a4e:0
x-amzn-requestid: 223cf294-4bbf-4e7a-9644-622dbc2cd491
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: TNcW2FgejoEEj5g=
content-length: 47
x-amz-cf-id: P1y1jzqwnGZqZ3x2HbAM-BZ9zkZvxC6zEQOuKmM8CdvWZ1b-0qn8Dw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 143ms
143ms Image
image/gif 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1089216509&t=event&ni=1&_s=2&dl=https%3A%2F%2Fs45725.p1364.sites.pressdns.com%2F&ul=en-us&de=UTF-8&dt=International%20Adviser%20%7C%20The%20leading%20website%20for%20IFAs%20who%20distribute%20international%20fund%2C%20life%20%26%20banking%20products%20to%20high%20net%20worth%20individuals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookie-Script&ea=firstshown&_u=aDhAgEAjEAAAICAAIg~&cid=948352875.1708055183&tid=UA-4633467-9&_gid=1896848385.1708055185&gtm=45He42e0n81P3KT4QHv79627532za200&cd12=null&gcs=G101&gcd=13p3t3p3p5&dma_cps=-&dma=0&npa=1&z=463314701

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:00:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20767
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F6C5 42 B
64 B 361ms
210ms Fetch
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBCUNNUSnE4pT7JuSwAVUS6It2B9E4s01T4opojyVckw_kireJpxm8c3Z-KrAzlRo7F-GnODFoMT63ckRt3-eT_W-V9bjQ8czCihraWFaVUsOju_F3lwo6EpfDqzOl66XscSIILb7lKgMU_7xdE17chI_4JEra0pQ&sig=Cg0ArKJSzOzGWFuLNgDJEAE&id=lidar2&mcvt=1044&p=580,1100,1181,1400&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20240215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2227146939&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=398798400&rst=1708055183508&rpt=751&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 03:46:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
160ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js?cb=31081207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 03:46:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 62EA 13 KB
5 KB 143ms
142ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 90068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 02:45:17 GMT
expires: Fri, 14 Feb 2025 02:45:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58BF 829 B
1 KB 464ms
169ms Document
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

GSE /

Resource Hash

8924d07d38ed72d5e65b0af41ff05253d476971b532eacd8eec25d657b311f77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6uucnIguKql31vWpcatyMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s45725.p1364.sites.pressdns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6uucnIguKql31vWpcatyMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:46:26 GMT
expires: Fri, 16 Feb 2024 03:46:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 62EA 39 KB
15 KB 145ms
145ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 02:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 02:46:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58BF 0
0 212ms
207ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402130101&jk=3028719351804375&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 62EA 0
10 B 146ms
141ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kpesGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:46:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 209ms
207ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402130101&jk=3028719351804375&bg=!ODulO3TNAAZN4L4YbeA7ADQBe5WfOMQFtgGjRHdqTwxwatb8FqBIRv7B6j75fn6TLUGwEbYcSaY75tkYhcuTMfGgOsyQAgAAANZSAAAAFmgBBwoAoRs4LMpxzLBOr1V6yD5akdKItWWwlKaZrD9GX_BDAVFMLjpd8Q6RfiBjKUbiBvoogtvJtGxkEmOrPyaEPtkbdTshyPK41QBBLX2oXyl570VI9wgVlbj1VNH6FTQarqRcrTObVpx4LyjM5JXPTjMvm31YpJPB8hb0earm72E-jVYOqGqxepfWL0JC2d2BM8X6lLP7F-Gat9a4MgIbddPiFKaRmQLT1iCNxVcdD9eCwwZSnAsuBZB95oVJ3GsM73qZNoHPoxTA9yOx5B-LucmdaFIbrRk-Mvnld7QU3G7WPwPvC6hWZoEDIwfp1Dxtewifeqee1MmZ0rwq-a7IbJmUdAT3pwm436LN0eDQ-inDyfd8h0FnjBIEin4h34svkO3RZ-VuMiEnN7y8ggnoZCwSOCubChnwefo9kKbO2PUu601Yb4wlEWPbjgwl_KaxS_InmXWl3kyte5GbJZIWwR_wEIfRjcPI1htAtlVnsLuWEiK8IzTm3ZyRDCExLYKUsktajO53gnF_lY-IGROoFH_g7dnvS6CmY4tavbClwSBmImSD7fbPSyULooWo-0ilcVcayXGnlvF8GQ0xPOi_qNcVO5hOSJsyFfumAlCuTfE66a0AxtWGgj9TQJ98j8WrGhzhRQlD0G1y225BDSrX8aCcb0Gq5xOKxQqyVQblyAlbKfUKIsFTDaL2OJTCfndtrdbqWnGZSmFX1xwkUMAlmbbYRo2FMJ_eSAP3LejteJXodlePVAJW8Zo63DDF-z39BK6382SuAZZ5Lmg8XPg92YNqcA_PwErCmCwM48MxCmVoGsvmI-nhPAWRsL_d1BN9IlgQWh7TskOdbAibSs5lrUJQC8AiQq5HjT5h2XVs-ntL95GeTF7zmSK7S6Ty-jEc8WmpVYZhNbV7ShJ1D9Ekw__-Jl2WBOnAj2rRonem0kRFqf0O0eE8vXO6fNdt3oaka4f1UgRJ4uMIh9oLwH-T8oaJHVVxJ_B39vduxvYCOtfDlUiudmPtcDrU2YW_SQuBMnlBXPCXQU0BD6qqDBzaERq_7Cekxo7WT2TCmnFPgKztacsWtz4vhjbhoYCX4Tf2LTMIxHzPMvU7mUDsyHVuQcJ_f1fMxjxzn5JWyeG3cemt8HpRVi0jV5OLiHNWoAJncC69ocz8tjpJIK39epnu-dNk3MltP0xw5zuH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s45725.p1364.sites.pressdns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ml314.com/	1970-01-20 18:27:35	Name: u Value: aHR0cHM6Ly9zNDU3MjUucDEzNjQuc2l0ZXMucHJlc3NkbnMuY29tLw%3D%3D
.ml314.com/	1970-01-21 03:14:37	Name: pi Value: 3642102412317032484
.ml314.com/	1970-01-20 18:47:44	Name: tp Value: 4%253B02%252F16%252F2024%2B03%253A46%253A22%253B0
.doubleclick.net/	1970-01-21 04:03:35	Name: IDE Value: AHWqTUmVyjzuiIwi_dIPqv0u8G7zWvWqZjKOY5TmB_RaBPnUGJIfHuDF6yXswjJ63Hk
.rlcdn.com/	1970-01-21 03:13:11	Name: rlas3 Value: X6ruAtqTt+9fsuc84Qu1O3ednL+bedy4QHVQk9CNoJ8=
.exelator.com/	1970-01-20 21:20:23	Name: EE Value: "983fd52b8791005ce2da89e54046c08b"
.rlcdn.com/	1970-01-20 19:53:59	Name: pxrc Value: CI+1u64GEgUI6AcQABIFCNtOEAA=
.exelator.com/	1970-01-20 21:20:23	Name: ud Value: "eJxrXxzq6XKLQcHSwjgtxdQoycLc0tDAwDQ51Sgl0cIy1dTEwMQs2cAiaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIcEl%252BUWb6otDgxUUpaQyLSopPBR%252B7wQwAhUwp%252Bw%253D%253D"
.adsrvr.org/	1970-01-21 03:14:37	Name: TDID Value: 764f1ef0-4cc7-4241-b535-3df1f94696f9
.demdex.net/	1970-01-20 22:46:47	Name: demdex Value: 62135181353901282453730027978778515859
.adsrvr.org/	1970-01-21 03:14:37	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCOLRkJP8qtc8EAUYBSABKAIyCwjUjpG_kqvXPBAFOAE.
.dpm.demdex.net/	1970-01-20 22:46:47	Name: dpm Value: 62135181353901282453730027978778515859
.eyeota.net/	1970-01-21 03:14:37	Name: mako_uid Value: 18db005c402-73e0000010a507a
.eyeota.net/	1970-01-20 18:27:35	Name: SERVERID Value: 20602~DM
.pressdns.com/	1970-01-20 18:29:01	Name: _gid Value: GA1.2.1896848385.1708055185
.pressdns.com/	1970-01-21 04:03:35	Name: _ga_ZNP13DXR6R Value: GS1.1.1708055184.1.0.1708055184.0.0.0
.pressdns.com/	1970-01-21 04:03:35	Name: _ga Value: GA1.1.948352875.1708055183
d6cba395a2c04672b102e97fac33544f.svc.dynamics.com/	1970-01-21 04:03:35	Name: 79f08280-5c63-4331-b04d-fb6f39afda51 Value: XxvPkitkeVvy5G009bSiPpEFt1AuDlh_FpJ3g8uOoXQ
d6cba395a2c04672b102e97fac33544f.svc.dynamics.com/	1969-12-31 23:59:59	Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04 Value: XxvPkitkeVvy5G009bSiPpEFt1AuDlh_FpJ3g8uOoXQ

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2020/10/Regulation-bricks.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2020/02/Business-people-640-by-410.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2020/02/risk-control-monitor-plan.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2021/01/Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2019/09/queue-people-silhouette.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2021/01/Time-for-change-Why-I-became-a-financial-adviser-333x307.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s45725.pcdn.co/wp-content/uploads/2019/10/Up-arrows-colourful.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s45725.p1364.sites.pressdns.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ade.googlesyndication.com
ajax.googleapis.com
cas.avalon.perfdrive.com
cdn.cookie-script.com
cdn.perfdrive.com
cdnjs.cloudflare.com
cf-images.eu-west-1.prod.boltdns.net
cloud.typography.com
consent.cookie-script.com
d6cba395a2c04672b102e97fac33544f.svc.dynamics.com
dpm.demdex.net
edge.api.brightcove.com
f11f9dbf54b266fa319e4a51551c5a9c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
international-adviser.com
loadus.exelator.com
match.adsrvr.org
metrics.brightcove.com
mktdplp102cdn.azureedge.net
ml314.com
pagead2.googlesyndication.com
players.brightcove.net
ps.eyeota.net
s31888.pcdn.co
s45725.p1364.sites.pressdns.com
s45725.pcdn.co
securepubads.g.doubleclick.net
sync.teads.tv
t.teads.tv
tpc.googlesyndication.com
use.fontawesome.com
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.17.25.14
13.225.214.80
13.226.34.23
130.211.29.114
142.250.176.196
142.250.65.194
142.250.65.206
142.250.80.98
142.250.81.225
142.251.40.131
142.251.40.168
142.251.40.202
142.251.41.10
142.251.41.2
151.101.194.217
151.101.194.27
172.64.206.38
18.133.176.247
18.164.124.36
20.108.190.38
23.199.49.95
23.218.10.35
23.47.169.117
23.51.57.131
23.51.57.155
3.232.64.79
34.117.77.79
34.210.199.77
34.229.3.43
35.241.15.240
35.244.154.8
35.244.232.184
52.223.40.198
65.108.188.9
72.21.81.200
78.46.117.148
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00f4ebf3f370b6ace4af5422fbbb3a163521911bda5f080a1e58075f9ac18c6e
04aba69af561f3698587eddbfe1afb6d702325d1affdf51dfa94cdfd7ba5a390
07952ca832c677aad73562479a3008fc3aea7469617c34570b423f1e820cda92
097e44806c9d8c7c557cf573402b566f893c6efc1addf6e8d9dad744ba18d29f
0af10536915f530fa1f75ca4abfcc1c3c5ae05cbaa48b4511959a7f018508a32
0cdc68bd3f1d0db7b397ac706f8ce95c92065d92352c8cc7cd9e27b2c5adfbc4
0e04ac50ed2b3281f320105c72b5bca8aad2c04ce48f5a388e72776cf258aacb
0e57ab0131f21ff8d96bf519e20231051d9c008e375e9936b697d535d779b652
0e768d9c0c4a72a95934a6a75e8be98290e6f0bdb5adeb47f9a76524bf1b0964
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1a49d89ef20c4fc49c0d4085bccaa9030d332156da9607787448b7ed54ef5b66
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
224c50b6b6a51c70877b885041e0591886d66106c673acd7d8ecf075dd376fad
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2ddd01080b6f7e1e61e9f6f47bbe396d0158fd242b8d71b1f8862553c7801dc6
2f92ca87669524ac358f92072749cefbb4352ab63feb4bd63dca14078cfa40d5
30579de4c65b8f3b10107cc6a39606479b8a9cf4799b571c89abf8934d3a4a7a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3440165fb993f0625450291ae2235d59c3eb9ac6a148922d585cbe844954ecc8
3cfd23428f140e499134b06f5c341dd214553743b1742ba7441e5d80e778c28b
414e4f8a7da6fa14bbce47a0c472e4bb432dd8c799bffcbd766a52852e19356a
41fcee2f5f670babbcc59fbea5a66e596c307ba5c1c6437e14fd28daad6c9ddd
431c5b2934ddad8350917836e05ec96384af9169ef2419a0c4969d1a87198931
43589ba59da28a72ed7a6f7d2c56b83cd1b2466a9520f9848517935089405a56
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
4a2f5e442356345cdc2a0ee22cb911d6f8d96518ab54865065b15b16baafa45d
4da6c9bb3ea287ffa1deef9064a487790188a0265c47f0604c2ccb885b4b551a
4e6a06d2689dfb3ef55c8699b1842e7b1f31354d85396a4f8bc1f5c637fa0fc5
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
528a3314b1e07eb8cdc3a54ed16bdcceafeddb8a79adf1ccc45b3658b0c3d3bd
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55de5a2d9adffe22845ba86ef57f2d89062437586363056394ab6bebc18e675e
5f67e565d8c1815569f01cb2b5a7a7ea228b12f7da6d0b40d23ae69b88008aad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655d8d7bc8ae094727fe72255c28af8024b4b7fec6496cb695459a4debfcd582
67ca3d182db1e8d47eb628ce7ad15959ca46eea38f5b6fedfdc07c81b665ccf6
6816657afeabeef8907b45d01159e45d49419032d962da519da70aed08ca1c7c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f1c07a738cbcde2320c75ce8b9e2f52898cc362fbb1e1eae82c71ab48aabeef
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
77673cf384e24d9ecf8fda2bdb258eb04deb486fe73fba32d00e5482ccdc3928
776fd23892c09215b5858d555ac63a59eed7676c5c5c8cb2c7b92c88a3b2ff89
79d01b7dd9b473b138e598f07af078b360f09ab234026e564b5a04696c4f0eee
7a678156c3af2aa51ca8cb839b6163328c3f90259824815aa4c7d5e8e748db4e
7be449b0d24ef10754dd9f2a933d6b2983a80af270cff690024e6ec50fa7e4ab
800c7773f0574b5b5573bd89af3cc8b0fc6bb368d6fbde8f7ccf97c30bdbf699
80de92b8d873472e0a0c17696c0e5544d45854bd7db3b1cad0808cb3767c80d5
8234967ba5c37cd1c3ffd3265073a442df3c167a24ddf584b1c0fab7b57a1ba5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8924d07d38ed72d5e65b0af41ff05253d476971b532eacd8eec25d657b311f77
8b1e84b9ec7e769ee2ef2c1ea823178738bce355e3d81af31f6758f5f3e76861
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
8e17a8129e6db3a6203db77ae9a9a4205302511d2ce216d9985b6d4379d9837f
91538a0e3e8f604d74b7aac52aa39d0758e565f614ff71755b652ab466b4f229
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b71a00804e2dc3cbba1165192b22bec97173b14f41a4e542cebfd501e37a8c
96c40b9d7f855ce8f32967008869b16e08612f8ffb160d1986609606b29dbd4a
9ac7bef190fc41c61ce3fbaf4c9b6526b184728c210283e7298fac75fdd9f51e
9ed131436981a042a3fce673f9d57376538d3d6e9e5e62fe59718ee2e0f667cb
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
a1fd50e0a4461cb310c60f4c0cf40fc857ad6b13f3118b955c0a6ff2c256e65b
a3c7621448d29da0f1cb1b199e3e6e50dc5452681cd621a9159cb7cab5d47738
a41b4f74700e186484f97238f4ffa14fbb9c07d7b79572d6ef0e95d764bceadd
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e
ac0a3a7150503125d08fdddd769fb42a339bd83c99d48eef5b4bec50ca239d0d
b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051
bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5702bd4ad102b6232b7355b2f314df4e80fe760d803677cdec8b914b08123c0
d66c76d71727f9df7079aea53d245c09112a330c581a3b857aea7aabc25aa25b
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16409c837b39c6ca49ee587bbf2baf3839cab24030460b9a4148ab67cfd18f7
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
faba76bde99c7a880e0fe7de841c32bdea640b4e2d2926b7d743242cef8ff298
fc5b609fa1561b05956f1f2cfa0d82542c316d748819a613ccfa28035fd89c6f
ff2d9b181f3e591b9858296cc57c21f6757f15094d679834df591e15b21dc5b0

s45725.p1364.sites.pressdns.com Open in urlscan Pro 18.133.176.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

92 %HTTPS

0 %IPv6

28 Domains

38 Subdomains

34 IPs

5 Countries

2229 kBTransfer

5505 kBSize

19 Cookies

16 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s45725.p1364.sites.pressdns.com Open in urlscan Pro
18.133.176.247 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

92 %
HTTPS

0 %
IPv6

28
Domains

38
Subdomains

34
IPs

5
Countries

2229 kB
Transfer

5505 kB
Size

19
Cookies

131 HTTP transactions
7 data transactions