takebackday.dea.gov Open in urlscan Pro
2a02:26f0:6c00:28b::2b0e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.deatakeback.com/
Effective URL:
https://takebackday.dea.gov/
Submission: On October 22 via manual (October 22nd 2020, 10:45:39 pm UTC) from US

Summary HTTP 116 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 25 domains to perform 116 HTTP transactions. The main IP is 2a02:26f0:6c00:28b::2b0e, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is takebackday.dea.gov.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on August 20th 2020. Valid for: a year.

This is the only time takebackday.dea.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2a02:26f0:6c0... 2a02:26f0:6c00:28b::2b0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
8	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	54.88.103.66 54.88.103.66	14618 (AMAZON-AES) (AMAZON-AES)
3 6	18.157.138.23 18.157.138.23	16509 (AMAZON-02) (AMAZON-02)
1	18.203.124.74 18.203.124.74	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.16.107.122 2.16.107.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:209... 2600:9000:2093:7200:9:2605:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
6 13	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
1 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	66.155.71.189 66.155.71.189	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
116	28

21 2a02:26f0:6c00:28b::2b0e (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

www.deatakeback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
takebackday.dea.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.103.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-103-66.compute-1.amazonaws.com

pixel.logtrackback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.157.138.23 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.124.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-124-74.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.122 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-107-122.deploy.static.akamaitechnologies.com

storage.cloud.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:7200:9:2605:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

findtreatment.samhsa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.242 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.155.71.150 (Southampton, United Kingdom) 6 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.189 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

clickserv.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f166.1e100.net

9076792.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	youtube.com img.youtube.com	343 KB
20	dea.gov takebackday.dea.gov	1 MB
13	sitescout.com 5 redirects pixel.sitescout.com clickserv.sitescout.com	3 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net pubads.g.doubleclick.net 9076792.fls.doubleclick.net	122 KB
8	googlesyndication.com 1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	16 KB
6	facebook.com www.facebook.com	924 B
6	w55c.net 3 redirects tags.w55c.net	4 KB
4	facebook.net connect.facebook.net	229 KB
4	adnxs.com 1 redirects acdn.adnxs.com ib.adnxs.com secure.adnxs.com	5 KB
4	googletagmanager.com www.googletagmanager.com	120 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	googletagservices.com www.googletagservices.com	56 KB
2	basis.net 2 redirects pixel-a.basis.net	177 B
2	bing.com bat.bing.com	9 KB
1	google.com adservice.google.com	832 B
1	google.ch adservice.google.ch	832 B
1	pixel.ad up.pixel.ad	1 KB
1	yahoo.com sp.analytics.yahoo.com	886 B
1	samhsa.gov findtreatment.samhsa.gov
1	kargo.com storage.cloud.kargo.com
1	adsrvr.org insight.adsrvr.org	261 B
1	logtrackback.com pixel.logtrackback.com	152 B
1	googleapis.com fonts.googleapis.com	774 B
1	deatakeback.com 1 redirects www.deatakeback.com	175 B
116	25

	Domain	Requested by
31	img.youtube.com
20	takebackday.dea.gov	takebackday.dea.gov
11	pixel.sitescout.com	4 redirects takebackday.dea.gov
6	www.facebook.com	takebackday.dea.gov
6	tags.w55c.net	3 redirects takebackday.dea.gov
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	takebackday.dea.gov securepubads.g.doubleclick.net
4	connect.facebook.net	takebackday.dea.gov connect.facebook.net
4	www.googletagmanager.com	takebackday.dea.gov
3	pubads.g.doubleclick.net	takebackday.dea.gov
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	takebackday.dea.gov www.google-analytics.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	9076792.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	clickserv.sitescout.com	1 redirects takebackday.dea.gov
2	secure.adnxs.com	1 redirects takebackday.dea.gov
2	pixel-a.basis.net	2 redirects
2	bat.bing.com	takebackday.dea.gov
1	1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	up.pixel.ad	www.googletagmanager.com
1	sp.analytics.yahoo.com	takebackday.dea.gov
1	ib.adnxs.com	takebackday.dea.gov
1	findtreatment.samhsa.gov	takebackday.dea.gov
1	storage.cloud.kargo.com	takebackday.dea.gov
1	acdn.adnxs.com	takebackday.dea.gov
1	insight.adsrvr.org	takebackday.dea.gov
1	pixel.logtrackback.com	takebackday.dea.gov
1	fonts.googleapis.com	takebackday.dea.gov
1	www.deatakeback.com	1 redirects
116	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.dea.gov
www.getsmartaboutdrugs.gov
www.campusdrugprevention.gov
apps.deadiversion.usdoj.gov
www.deadiversion.usdoj.gov
www.justice.gov
www.usa.gov

Subject Issuer	Validity	Valid
www.dea.gov DigiCert Secure Site ECC CA-1	`2020-08-20` - `2021-08-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.logtrackback.com Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.w55c.net Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
kargo.com Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
findtreatment.samhsa.gov Entrust Certification Authority - L1K	`2019-11-09` - `2021-11-11`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
*.pixel.ad RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://takebackday.dea.gov/
Frame ID: 4DE86B361F494F10BF1215043576AD46
Requests: 103 HTTP requests in this frame

Frame: https://findtreatment.samhsa.gov/locator/widget/260
Frame ID: CEA5F966C35DA88F207D5D5AEE47799E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 878FD9F2E32CB099ECDEEEE5A1943F65
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 3D1DD39F1E4962FB5979530F0CC38757
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: D3580F354A5708B06DD1EDD8F48B0DB5
Requests: 1 HTTP requests in this frame

Frame: https://9076792.fls.doubleclick.net/activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F
Frame ID: 80AD8FDECAE26DEAAE034DAC7062C4C7
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: DFB15B147CB0D83D8A3B13AE0DD71F8A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4N2M2i-C5KNgQc0W2FGKKBUPGjsA2YtazQTSnIF65fJZQSxd6xuo0Itxs9It3CK5n4_xemDCzbAyQIIPjaOJvFY9_f0Qjskv__SjyVz5_9BVOwIbUz3hUf3hrzxomDq_6M2-DPGqmbegU9llDGy-DGZLUN6PAIRM7Z27CAnVTrj_SdEFF5yVqGnrMPXaA5d8KbXS_H0Q3c2UINx4J7tFFIONEiL9xO1RrE7ApgzbmP1qatMyfbJ1egpZBA6E1jYc_u272&sig=Cg0ArKJSzHrHsE3LPg-OEAE&adurl=
Frame ID: 08F5A5E1C7C36277ABF2454DE39AED95
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: B2C9CAB3D8A75F1FDB530FE4E23F06DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.deatakeback.com/ HTTP 301
https://takebackday.dea.gov/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

116
Requests

99 %
HTTPS

52 %
IPv6

25
Domains

32
Subdomains

28
IPs

8
Countries

2236 kB
Transfer

3876 kB
Size

14
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/deahq
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.dea.gov/take-back/docs/NTBI%20XIII%20Totals%20April%202017.pdf
Title: Click here for additional details about the 13th National Take Back Day.

Search URL Search Domain Scan URL

URL: https://www.dea.gov/take-back/docs/NTBI%20XII%20FINAL%20Totals%20October%202016.pdf
Title: Click here for additional details about the 12th National Take Back Day.

Search URL Search Domain Scan URL

URL: https://www.dea.gov/take-back/docs/NTBI%20XI%20FINAL%20Totals%20April%202016.pdf
Title: Click here for additional details about the 11th National Take Back Day.

Search URL Search Domain Scan URL

URL: https://www.getsmartaboutdrugs.gov/drugs
Title: Drug Database Find out as much as you can about illegal and legal drugs and their effects on your body and brain. The more informed you are, the more confidently you can make the right decision about drugs.

Search URL Search Domain Scan URL

URL: https://www.dea.gov/sites/default/files/2018-10/Proper%20Disposal%20Flier%20%28October%202018%29.pdf
Title: Unused Medicines Unused or expired prescription medications are a public safety issue, leading to potential accidental poisoning, misuse, and overdose. Proper disposal of unused drugs saves lives and protects the environment.

Search URL Search Domain Scan URL

URL: https://www.campusdrugprevention.gov/content/drug-scheduling-and-penalties
Title: Drug Scheduling Drugs, substances, and certain chemicals used to make drugs are classified into five (5) distinct categories or schedules depending upon the drug’s acceptable medical use and the drug’s abuse or dependency potential.

Search URL Search Domain Scan URL

URL: https://apps.deadiversion.usdoj.gov/pubdispsearch
Title: Year-Round Drug Disposal Missed Take Back Day? Click here to locate an authorized collector in your area.

Search URL Search Domain Scan URL

URL: https://www.deadiversion.usdoj.gov/drug_disposal/takeback/poc.htm
Title: Law Enforcement Agencies For law enforcement agencies that wish to host a collection site, please click here to find the POC in your area.

Search URL Search Domain Scan URL

URL: https://www.dea.gov/contact-us-0
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.justice.gov/doj/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.justice.gov/accessibility/accessibility-information
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.dea.gov/FOIA/FOIA.shtml
Title: FOIA

Search URL Search Domain Scan URL

URL: http://www.justice.gov/legalpolicies.htm
Title: Legal Policies and Disclaimers

Search URL Search Domain Scan URL

URL: http://www.justice.gov/
Title: U.S. Department of Justice

Search URL Search Domain Scan URL

URL: http://www.justice.gov/dea/
Title: U.S. Drug Enforcement Administration

Search URL Search Domain Scan URL

URL: https://www.usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.deatakeback.com/ HTTP 301
https://takebackday.dea.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://tags.w55c.net/rs?id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing HTTP 302
https://tags.w55c.net/rs?scc=1&id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing

Request Chain 18

https://tags.w55c.net/rs?id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing HTTP 302
https://tags.w55c.net/rs?scc=1&id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing

Request Chain 19

https://tags.w55c.net/rs?id=a0b2db15dc0a410fa83c548a08439da3&t=marketing HTTP 302
https://tags.w55c.net/rs?scc=1&id=a0b2db15dc0a410fa83c548a08439da3&t=marketing

Request Chain 46

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 48

https://pixel-a.basis.net/up/05d8b46f41331430?cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F HTTP 301
https://pixel.sitescout.com/up/05d8b46f41331430?cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F HTTP 302
https://pixel.sitescout.com/up/05d8b46f41331430?cookieQ=1&cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F

Request Chain 50

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 51

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 53

https://secure.adnxs.com/seg?add=19423968&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19423968%26t%3D2

Request Chain 54

https://pixel.sitescout.com/iap/c10a4e181b736564 HTTP 302
https://pixel.sitescout.com/iap/c10a4e181b736564?cookieQ=1

Request Chain 55

https://clickserv.sitescout.com/conv/1b184a13a6dd1e73 HTTP 302
https://clickserv.sitescout.com/conv/1b184a13a6dd1e73?cookieQ=1

Request Chain 57

https://9076792.fls.doubleclick.net/activityi;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F HTTP 302
https://9076792.fls.doubleclick.net/activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
takebackday.dea.gov/
Redirect Chain

http://www.deatakeback.com/
https://takebackday.dea.gov/

59 KB
14 KB

34ms
21ms

Document
text/html

2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

d6f87d838a2c90f9b57f3f7393c72db11c1ed488ad80156f15d64f9858f22ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: takebackday.dea.gov
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
etag: "1603401839-1"
last-modified: Thu, 22 Oct 2020 21:23:59 GMT
link: <https://takebackday.dea.gov/>; rel="canonical",<https://takebackday.dea.gov/>; rel="shortlink"
server: nginx
x-age: 187
x-ah-environment: prod
x-cache-hits: 29
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (https://www.drupal.org)
x-request-id: v-edee93ae-14ad-11eb-ad50-af59b28275f3
content-length: 13494
cache-control: public, max-age=233
expires: Thu, 22 Oct 2020 22:49:13 GMT
date: Thu, 22 Oct 2020 22:45:20 GMT
vary: Accept-Encoding
set-cookie: ak_bmsc=F150B81B9236213535717EA24CFDAA470210BA8C07460000800B925F5014662B~plVOAv3fBeNLDUFFpnVJw17ZfAlRogZKg2xSMbcdGsA3Z7eWIidaHzvUZP7E6WVBJDHiiEB2moldsjRIkv+QlF3S81EmIdgCWryN03rV4QqakNwRabsZ/Ro99Uw2jOoYnXIDiuorWclO2/nMNOq/T20BS/m+DQgGsVjvAHuNkwR/Scvr6quBYcBafDNasKo4y4JBsvVH4yY6+OG8SJhyXJhXisA51Z3pyNEtXku2ilG+4=; expires=Fri, 23 Oct 2020 00:45:20 GMT; max-age=7200; path=/; domain=.dea.gov; HttpOnly
strict-transport-security: max-age=31536000

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://takebackday.dea.gov/
Date: Thu, 22 Oct 2020 22:45:20 GMT
Connection: keep-alive

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
takebackday.dea.gov/sites/default/files/css/ 7 KB
2 KB 15ms
13ms Stylesheet
text/css 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 32948
x-ah-environment: prod
content-length: 2217
x-request-id: v-0f2b30f8-0ece-11eb-8281-e71915d53415
last-modified: Thu, 01 Oct 2020 13:14:40 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Fri, 23 Oct 2020 05:41:12 GMT
cache-control: max-age=24952
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 css_21wbdNXOt6qtdOPxuKCPoGRRbfqY4SHnj2ejCLEMDv4.css
takebackday.dea.gov/sites/default/files/css/ 8 KB
2 KB 15ms
14ms Stylesheet
text/css 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/css/css_21wbdNXOt6qtdOPxuKCPoGRRbfqY4SHnj2ejCLEMDv4.css

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

db5c1b74d5ceb7aaad74e3f1b8a08fa064516dfa98e121e78f67a308b10c0efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 2973
x-ah-environment: prod
content-length: 2144
x-request-id: v-a4fd6af6-0eec-11eb-949c-835b2a0bd5b2
last-modified: Thu, 01 Oct 2020 13:14:49 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Fri, 23 Oct 2020 09:19:18 GMT
cache-control: max-age=38038
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css
takebackday.dea.gov/sites/default/files/css/ 494 B
537 B 22ms
21ms Stylesheet
text/css 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/css/css_PGbJgHCUCBf4dg7K9Kt8aAwsApndP4GZ9RuToPy3-Fk.css

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

3c66c98070940817f8760ecaf4ab7c680c2c0299dd3f8199f51b93a0fcb7f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 37229
x-ah-environment: prod
content-length: 250
x-request-id: v-dd5e0962-0eee-11eb-9d78-f3e3d1dbac85
last-modified: Thu, 01 Oct 2020 13:14:41 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Fri, 23 Oct 2020 07:57:45 GMT
cache-control: max-age=33145
accept-ranges: bytes
x-cache-hits: 9

GET
H2 200 css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css
takebackday.dea.gov/sites/default/files/css/ 324 KB
47 KB 23ms
21ms Stylesheet
text/css 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

9ea80daf66d581a5fbcdfaadf25949f079aa1af6b98ee7c6f7d1eaa6fae6b5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 4875
x-ah-environment: prod
content-length: 47731
x-request-id: v-894f9f78-0a5e-11eb-9d17-e7b8bd9ccb41
last-modified: Fri, 09 Oct 2020 18:35:29 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
expires: Fri, 23 Oct 2020 22:44:25 GMT
cache-control: max-age=86345
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 css
fonts.googleapis.com/ 6 KB
774 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e0002cb9e541e2a3be87ab13deec3a1c281654ee41c6540308fb1038339fac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 22:45:20 GMT
server: ESF
date: Thu, 22 Oct 2020 22:45:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H2 200 js_fnHW_0mczX0E3oAiDrzG0M8JopZD26c9Hx9h1WjFams.js Show response
takebackday.dea.gov/sites/default/files/js/ 123 KB
42 KB 30ms
29ms Script
text/javascript 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/js/js_fnHW_0mczX0E3oAiDrzG0M8JopZD26c9Hx9h1WjFams.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

7e71d6ff499ccd7d04de80220ebcc6d0cf09a29643dba73d1f1f61d568c56a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 273
x-ah-environment: prod
content-length: 42662
x-request-id: v-5ec2659c-f910-11ea-a4fd-87a4a29fdbf8
last-modified: Thu, 17 Sep 2020 18:04:28 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Fri, 23 Oct 2020 11:08:36 GMT
cache-control: max-age=44596
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 js_rsGiM5M1ffe6EhN-RnhM5f3pDyJ8ZAPFJNKpfjtepLk.js Show response
takebackday.dea.gov/sites/default/files/js/ 6 KB
2 KB 35ms
34ms Script
text/javascript 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/js/js_rsGiM5M1ffe6EhN-RnhM5f3pDyJ8ZAPFJNKpfjtepLk.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

aec1a23393357df7ba12137e46784ce5fde90f227c6403c524d2a97e3b5ea4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 16042
x-ah-environment: prod
content-length: 1873
x-request-id: v-4e623074-0ee6-11eb-8ba5-9fcfb469f5a8
last-modified: Thu, 01 Oct 2020 13:14:49 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Fri, 23 Oct 2020 01:54:59 GMT
cache-control: max-age=11379
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 js_8KBxYaEe4Q8GySDsFWcDxxmr4habYG1C6ZPaDihAmNM.js Show response
takebackday.dea.gov/sites/default/files/js/ 145 KB
28 KB 36ms
35ms Script
text/javascript 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/default/files/js/js_8KBxYaEe4Q8GySDsFWcDxxmr4habYG1C6ZPaDihAmNM.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f0a07161a11ee10f06c920ec156703c719abe2169b606d42e993da0e284098d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 593
x-ah-environment: prod
content-length: 28475
x-request-id: v-ef7c7d9e-0c9c-11eb-a3f0-8784b1bfb5d6
last-modified: Mon, 12 Oct 2020 15:09:33 GMT
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript
expires: Fri, 23 Oct 2020 14:30:23 GMT
cache-control: max-age=56703
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 140ms
81ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

c6eb588bf8f96c6b33e69cef1f76a480846b80fd7481550f4e223ad04fb30712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "671 / 991 of 1000 / last-modified: 1603404636"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17634
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H2 200 DEASeal_Bronze.png
takebackday.dea.gov/sites/default/files/ 212 KB
213 KB 11ms
11ms Image
image/png 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/default/files/DEASeal_Bronze.png

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

dc915fd6ad3ecc0d55fae60f25bd7ac31d500ea05680a934ecdb483e4b019c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2017 15:49:07 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=29991
x-cache-hits: 4
x-age: 32544
accept-ranges: bytes
content-length: 217254
x-request-id: v-3c1ba230-7034-11e9-8684-73305e24d55b
expires: Fri, 23 Oct 2020 07:05:11 GMT

GET
H2 200 takeback.png
takebackday.dea.gov/sites/all/themes/takebackday/img/ 17 KB
17 KB 14ms
8ms Image
image/png 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/takeback.png

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

9d55a25adcc25405c31ef55059e0f75b93e23bc648b02fd07180243daea79f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:16:45 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=76898
x-cache-hits: 1
x-age: 1632
accept-ranges: bytes
content-length: 17570
x-request-id: v-29e66e58-0ef1-11eb-bea1-77b6c8657934
expires: Fri, 23 Oct 2020 20:06:58 GMT

GET
H2 200 pill.png
takebackday.dea.gov/sites/all/themes/takebackday/img/ 21 KB
21 KB 17ms
12ms Image
image/png 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/pill.png

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f95486c98642d29622bee9b05a75b12f10136296b002d44979b44cdb3f876ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:16:45 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=85795
x-cache-hits: 6
x-age: 25374
accept-ranges: bytes
content-length: 21541
x-request-id: v-764d7280-0ec1-11eb-8c4c-07d2a2e1cb89
expires: Fri, 23 Oct 2020 22:35:15 GMT

GET
H2 200 takebackday1.jpg
takebackday.dea.gov/sites/default/files/ 190 KB
191 KB 21ms
16ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/default/files/takebackday1.jpg

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

51bf00709d5b30037289acdf207c4a01a57fdfba43c09bb0003cf6d70866d653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=12417
x-cache-hits: 105
x-age: 573567
accept-ranges: bytes
content-length: 194826
x-request-id: v-9158e2c2-0ed4-11eb-907f-6f86a83a21bb
expires: Fri, 23 Oct 2020 02:12:17 GMT

GET
H2 200 doctor_and_patient2.jpg
takebackday.dea.gov/sites/default/files/styles/fiveten/public/ 24 KB
24 KB 25ms
20ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/default/files/styles/fiveten/public/doctor_and_patient2.jpg?itok=vYOmXDml

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f8ea492dd9fcc2ad992d8d21c3577517ffb319fb6a8b1dfa5d0ad49474178066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2017 15:47:36 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=12928
x-age: 0
accept-ranges: bytes
content-length: 24646
x-request-id: v-db65ac32-881c-11e9-bee9-2f977f1991b2
expires: Fri, 23 Oct 2020 02:20:48 GMT

GET
H2 200 Narcan_Product_Image_smaller3.jpg
takebackday.dea.gov/sites/default/files/styles/fiveten/public/ 17 KB
17 KB 30ms
25ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/default/files/styles/fiveten/public/Narcan_Product_Image_smaller3.jpg?itok=GL4zgVKC

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

42fc8447a9217db9ed731aba13676dd8e6d3cb3e39a747a38ceb66eb54d2d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=12417
x-cache-hits: 106
x-age: 584235
accept-ranges: bytes
content-length: 16947
x-request-id: v-ba3ff8ba-0ebb-11eb-b23e-a7ce9d1f0de1
expires: Fri, 23 Oct 2020 02:12:17 GMT

GET
H2 200 DEAsealBW_small.png
takebackday.dea.gov/sites/default/files/ 31 KB
32 KB 36ms
31ms Image
image/png 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/default/files/DEAsealBW_small.png

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

700722ab1f9600ed3cec35f9940eae36e7392bfd0d7d509373321c9c5129b6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2017 15:08:40 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=76767
x-cache-hits: 148
x-age: 1036416
accept-ranges: bytes
content-length: 32192
x-request-id: v-6cd2ad36-d3b4-11e9-9f68-9358a7c25675
expires: Fri, 23 Oct 2020 20:04:47 GMT

GET
H2 200 track
pixel.logtrackback.com/ 70 B
152 B 413ms
118ms Image
image/png 54.88.103.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.logtrackback.com/track?t=%{TOKEN}&f=collection-site-search
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.103.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-103-66.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 22:45:21 GMT
server: Apache-Coyote/1.1
content-type: image/png

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing
https://tags.w55c.net/rs?scc=1&id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing

42 B
637 B

25ms
25ms

Image
image/gif

18.157.138.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.w55c.net/rs?scc=1&id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.138.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com
Software: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-07d45145d98f3b493@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:20 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-07d45145d98f3b493@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:20 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-067897679687001ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?scc=1&id=a746404ed78f4a2a896b9d6c568e1f7d&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing
https://tags.w55c.net/rs?scc=1&id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing

42 B
637 B

38ms
36ms

Image
image/gif

18.157.138.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.w55c.net/rs?scc=1&id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.138.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com
Software: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-0fe9ce04a55a99577@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:20 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-0fe9ce04a55a99577@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:20 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-0e85a0a3fad55fe2b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?scc=1&id=4a967dd8e8f6423b8c0a3f8a3de19ea6&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=a0b2db15dc0a410fa83c548a08439da3&t=marketing
https://tags.w55c.net/rs?scc=1&id=a0b2db15dc0a410fa83c548a08439da3&t=marketing

42 B
637 B

39ms
38ms

Image
image/gif

18.157.138.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.w55c.net/rs?scc=1&id=a0b2db15dc0a410fa83c548a08439da3&t=marketing
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.138.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-138-23.eu-central-1.compute.amazonaws.com
Software: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-07d45145d98f3b493@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:20 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-07d45145d98f3b493@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:19 GMT
Server: Retargeting/v2.0.30-584-gc2dd77a#rel-ec2-master i-0fe9ce04a55a99577@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?scc=1&id=a0b2db15dc0a410fa83c548a08439da3&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 141ms
44ms Image
image/gif 18.203.124.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=o8jrth1&ct=0:76ntm32&fmt=3
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.124.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-124-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 22 Oct 2020 22:45:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5372
date: Thu, 22 Oct 2020 21:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 22 Oct 2020 23:15:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
34 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMBW7V2

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e75ad80c86326c1126b3e2339d8f52b784d693c84cedc859ab2809796d1789d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34834
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 7 KB
3 KB 101ms
34ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 22:45:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
ETag: "5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2601
X-Akamai-Path-Stats: [1:133:4294967163]
Expires: Fri, 23 Oct 2020 22:45:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
28 KB 75ms
52ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6KD3V

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3f9aae39968438a3f9d19ad0efbebb91066f130aab71305719374206a3d27f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28109
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 45ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: B5A9EB187D1D46968657EF9D0D484193 Ref B: FRAEDGE1512 Ref C: 2020-10-22T22:45:20Z
status: 200
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 403 kds-events.min.js
storage.cloud.kargo.com/kds/ 0
0 95ms
28ms Script
text/html 2.16.107.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/kds-events.min.js
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.122 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-107-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
30 KB 36ms
23ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJN326Q

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bad8ea727b4ffe5f7a949d563bab8e7da9586b7887447d248d36bd5a63555e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30423
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:41:50 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: fPA/wIKFUDvD/kKllhacfeP+uLcQ5l+k6Go9mjMXa5YYGZQmyNwqeNM7GisZ1lnsthaCxByLcL4TtNO18g5GmA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 22 Oct 2020 22:45:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
28 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXB7R77

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0db13bf18e88627fb30c5a185ac8c0c55d988b5547961b28910db5198088912c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28824
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:41:50 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 22:45:20 GMT

GET
H2 200 prescription%20pills.jpg
takebackday.dea.gov/sites/all/themes/takebackday/img/ 256 KB
257 KB 45ms
43ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/prescription%20pills.jpg

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

9db9ded2f6f95305f9a27d733bdf77552bef0d950505afc48e91b677ebbfadc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:00:31 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=64195
x-cache-hits: 82
x-age: 605011
accept-ranges: bytes
content-length: 262006
x-request-id: v-e9332e92-0f03-11eb-a550-23ace9b9e5d9
expires: Fri, 23 Oct 2020 16:35:15 GMT

GET
H2 200 cardboard.jpg
takebackday.dea.gov/sites/all/themes/takebackday/img/ 12 KB
12 KB 44ms
43ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/cardboard.jpg

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

1d80facff4e17f883f87ed7a8937b1e34d821c961564ea3a402fb0f16f4d500a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:16:45 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=13200
x-cache-hits: 74
x-age: 497440
accept-ranges: bytes
content-length: 11874
x-request-id: v-555beadc-0ed2-11eb-833d-afa83ad74267
expires: Fri, 23 Oct 2020 02:25:20 GMT

GET
H2 200 sticker-bg.jpg
takebackday.dea.gov/sites/all/themes/takebackday/img/ 163 KB
163 KB 49ms
48ms Image
image/jpeg 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/sticker-bg.jpg

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f5854727505a09439d873e602c7016ce2264ce7eb87d432939fa4c28361a7b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:00:31 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=44848
x-cache-hits: 76
x-age: 531866
accept-ranges: bytes
content-length: 166434
x-request-id: v-b8214d62-0ecb-11eb-8adc-dfc2c9ff42f7
expires: Fri, 23 Oct 2020 11:12:48 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://takebackday.dea.gov
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 300279
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:41 GMT

GET
H2 200 fontawesome-webfont.woff
takebackday.dea.gov/sites/all/themes/takebackday/fonts/font-awesome/fonts/ 82 KB
82 KB 52ms
51ms Font
text/plain 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

afe45a0fe1b54724b27dc34dba412f1b14cb209546b469b5b64c6df8ca90ee54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://takebackday.dea.gov
Referer: https://takebackday.dea.gov/sites/default/files/css/css_nqgNr2bVgaX7zfqt8llJ8HmqGva5jufG99Hqpvrmtbg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:16:45 GMT
server: nginx
strict-transport-security: max-age=31536000
status: 200
x-ah-environment: prod
cache-control: max-age=10217
x-cache-hits: 48
x-age: 262535
accept-ranges: bytes
content-length: 83760
x-request-id: v-32a9b75a-0ecb-11eb-84f1-af2c2e5d82d2
expires: Fri, 23 Oct 2020 01:35:37 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://takebackday.dea.gov
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 127486
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:34 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://takebackday.dea.gov
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:22:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 127395
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13540
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:22:05 GMT

GET
H2 200 260
findtreatment.samhsa.gov/locator/widget/ Frame CEA5 0
0 51ms
15ms Document
text/html 2600:9000:2093:7200:9:2605:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://findtreatment.samhsa.gov/locator/widget/260

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2093:7200:9:2605:a100:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ http://www.google-analytics.com/ https://ssl.google-analytics.com/ https://www.googletagmanager.com/ http://ct1.addthis.com/static/r07/core107.js https://ct1.addthis.com/static/r07/core107.js http://cdn.printfriendly.com https://cdn.printfriendly.com https://cdn.ravenjs.com http://ct1.addthis.com/static/r07/auth015.js https://ct1.addthis.com/static/r07/auth015.js https://ds-4047.kxcdn.com/api/v3/domain_settings/a http://ct1.addthis.com/static/r07/menu160.js https://ct1.addthis.com/static/r07/menu160.js https://pf-cdn.printfriendly.com/ssl/main.js https://tagmanager.google.com/debug https://tagmanager.google.com/debug/angular-bundle.js https://tagmanager.google.com/debug/debuguiApp.js http://tagmanager.google.com/debug/api/templates http://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/4190.js https://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/4190.js https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/www-widgetapi-vflIAAJll/www-widgetapi.js https://secure.skypeassets.com/i/scom/js/skype-uri.js https://script.crazyegg.com/pages/scripts/ https://s3.amazonaws.com/trk.cetrk.com/e/t.js https://libs.cartocdn.com/ https://cartodb-libs.global.ssl.fastly.net/ https://eagletech.carto.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: findtreatment.samhsa.gov
:scheme: https
:path: /locator/widget/260
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1251
server: nginx/1.18.0
date: Thu, 22 Oct 2020 17:08:06 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: ALLOWALL
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ http://www.google-analytics.com/ https://ssl.google-analytics.com/ https://www.googletagmanager.com/ http://ct1.addthis.com/static/r07/core107.js https://ct1.addthis.com/static/r07/core107.js http://cdn.printfriendly.com https://cdn.printfriendly.com https://cdn.ravenjs.com http://ct1.addthis.com/static/r07/auth015.js https://ct1.addthis.com/static/r07/auth015.js https://ds-4047.kxcdn.com/api/v3/domain_settings/a http://ct1.addthis.com/static/r07/menu160.js https://ct1.addthis.com/static/r07/menu160.js https://pf-cdn.printfriendly.com/ssl/main.js https://tagmanager.google.com/debug https://tagmanager.google.com/debug/angular-bundle.js https://tagmanager.google.com/debug/debuguiApp.js http://tagmanager.google.com/debug/api/templates http://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/4190.js https://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/4190.js https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/www-widgetapi-vflIAAJll/www-widgetapi.js https://secure.skypeassets.com/i/scom/js/skype-uri.js https://script.crazyegg.com/pages/scripts/ https://s3.amazonaws.com/trk.cetrk.com/e/t.js https://libs.cartocdn.com/ https://cartodb-libs.global.ssl.fastly.net/ https://eagletech.carto.com/
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5d217f1e3e1cc27be2d78854345b4f25.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: YuSXRoRQsu0H5QW8XE1vQ2P1RmQ7eaS2G5uDFxT9TjU3TcutKuV7cw==
age: 20233

GET
H2 200 TakeBackPoster.png
takebackday.dea.gov/sites/all/themes/takebackday/img/ 100 KB
101 KB 11ms
10ms Image
image/png 2a02:26f0:6c00:28b::2b0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://takebackday.dea.gov/sites/all/themes/takebackday/img/TakeBackPoster.png

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28b::2b0e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

a926ef9e8741305e1072abb60b2ec551fc6d98fce023b407316f637f2c7b4c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 06:16:45 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=86352
x-cache-hits: 89
x-age: 581901
accept-ranges: bytes
content-length: 102847
x-request-id: v-2bd00f28-0eb8-11eb-bd86-77c9ee395c03
expires: Fri, 23 Oct 2020 22:44:32 GMT

GET
H2 200 activity;xsp=4540534;ord=1709266934427.4248
pubads.g.doubleclick.net/ 42 B
200 B 65ms
62ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4540534;ord=1709266934427.4248?

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4540183;ord=4629926085822.864
pubads.g.doubleclick.net/ 42 B
200 B 63ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4540183;ord=4629926085822.864?

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;xsp=4547288;ord=1197723466579.901
pubads.g.doubleclick.net/ 42 B
401 B 62ms
59ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4547288;ord=1197723466579.901?

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
431 B 39ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=1712746068&t=pageview&_s=1&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&ul=en-us&de=UTF-8&dt=Take%20Back%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=978262457&gjid=1493689610&cid=1082258526.1603406721&tid=UA-106789211-1&_gid=217948457.1603406721&_r=1&_slc=1&z=34683495

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://takebackday.dea.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
147 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26096120&Ver=2&mid=711df19e-2984-4a6a-b748-8821b4b86df7&sid=43ea433014b811eb9b28674fd2f0da38&vid=43ea76e014b811eb891ead8443f702d7&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Take%20Back%20Day&p=https%3A%2F%2Ftakebackday.dea.gov%2F&r=&lt=288&evt=pageLoad&msclkid=N&sv=1&rn=20524
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 22 Oct 2020 22:45:20 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0D9925E538CD49898B90D7A18026FFE3 Ref B: FRAEDGE1512 Ref C: 2020-10-22T22:45:21Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 364237207526641 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/364237207526641?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a267d6e773e147c3fb77446f83b36de4772b3c42da80205533fe0830fe30e3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gH9evttoEyWUY7WlDz0XrJ3IoB69dsVrY/yjwCTOJmdTe92hHPzUZHh01C5hjpA+awf0pKuFOqn3qQoR9q188A==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 22:45:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
357 B 136ms
36ms Image
image/gif 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=6133a9d6-e6ef-4307-93c3-62466096152d&it=1603406721159&v=0.0.15&u=https%3A%2F%2Ftakebackday.dea.gov%2F&st=1603406721159&et=1603406721159&if=0
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 22:45:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2

200

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 878F
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

43ms
42ms

Document
text/html

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYwMzQwNjcyMTM1MSwiMiI6MTYwMzQwNjcyMTM1MSwiNCI6MTYwMzQwNjcyMTM1MSwiMzkiOjE2MDM0MDY3MjEzNTEsIjciOjE2MDM0MDY3MjEzNTF9; Domain=.sitescout.com; Expires=Sat, 21-Nov-2020 22:45:21 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Thu, 22 Oct 2020 22:45:21 GMT
server: AC1.1

Redirect headers

status: 301
content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
886 B 152ms
52ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061779

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 22:45:21 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H2

200

05d8b46f41331430
pixel.sitescout.com/up/
Redirect Chain

https://pixel-a.basis.net/up/05d8b46f41331430?cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F
https://pixel.sitescout.com/up/05d8b46f41331430?cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F
https://pixel.sitescout.com/up/05d8b46f41331430?cookieQ=1&cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F

43 B
417 B

880ms
879ms

Image
image/gif

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/05d8b46f41331430?cookieQ=1&cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

status: 302
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1
content-length: 0
location: https://pixel.sitescout.com/up/05d8b46f41331430?cookieQ=1&cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1712746068&t=pageview&_s=1&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&ul=en-us&de=UTF-8&dt=Take%20Back%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=249727718&gjid=109864575&cid=1082258526.1603406721&tid=UA-163591755-1&_gid=217948457.1603406721&_r=1&gtm=2wgae1MJN326Q&z=1852580526

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://takebackday.dea.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 3D1D
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

43ms
42ms

Document
text/html

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync?cookieQ=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYwMzQwNjcyMTM1MiwiMiI6MTYwMzQwNjcyMTM1MiwiNCI6MTYwMzQwNjcyMTM1MiwiMzkiOjE2MDM0MDY3MjEzNTIsIjciOjE2MDM0MDY3MjEzNTJ9; Domain=.sitescout.com; Expires=Sat, 21-Nov-2020 22:45:21 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1

Redirect headers

status: 302
set-cookie: ssi=29088b9d-8851-443a-8dea-fa10514db8d2#1603406721307; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1

GET
H2

200

asyncPixelSync
pixel.sitescout.com/dmp/ Frame D358
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

43ms
43ms

Document
text/html

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync?cookieQ=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYwMzQwNjcyMTM1MiwiMiI6MTYwMzQwNjcyMTM1MiwiNCI6MTYwMzQwNjcyMTM1MiwiMzkiOjE2MDM0MDY3MjEzNTIsIjciOjE2MDM0MDY3MjEzNTJ9; Domain=.sitescout.com; Expires=Sat, 21-Nov-2020 22:45:21 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1

Redirect headers

status: 302
set-cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 2 KB
1 KB 132ms
43ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJN326Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 71222
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1044
x-llid: 0c3e931d662de73e4c1f020bc2364560

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=19423968&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19423968%26t%3D2

43 B
1 KB

43ms
43ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19423968%26t%3D2

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:21 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: 92b6be30-c587-4bf9-bd7a-160ec10fac55
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Oct 2020 22:45:21 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid: 1dffbfc0-7f63-4ad2-99e8-84dfca285e5c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19423968%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

c10a4e181b736564
pixel.sitescout.com/iap/
Redirect Chain

https://pixel.sitescout.com/iap/c10a4e181b736564
https://pixel.sitescout.com/iap/c10a4e181b736564?cookieQ=1

0
341 B

44ms
43ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/c10a4e181b736564?cookieQ=1
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 22 Oct 2020 22:45:20 GMT
cache-control: max-age=0,no-cache,no-store
expires: Tue, 11 Oct 1977 12:34:56 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

status: 302
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1
content-length: 0
location: https://pixel.sitescout.com/iap/c10a4e181b736564?cookieQ=1

GET
H2

200

1b184a13a6dd1e73
clickserv.sitescout.com/conv/
Redirect Chain

https://clickserv.sitescout.com/conv/1b184a13a6dd1e73
https://clickserv.sitescout.com/conv/1b184a13a6dd1e73?cookieQ=1

43 B
417 B

964ms
963ms

Image
image/gif

66.155.71.189
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickserv.sitescout.com/conv/1b184a13a6dd1e73?cookieQ=1
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.189 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

status: 302
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1
content-length: 0
location: https://clickserv.sitescout.com/conv/1b184a13a6dd1e73?cookieQ=1

GET
H3-Q050 200 pubads_impl_2020101901.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
96 KB 115ms
69ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

426706009141ad5502475bac13c268944bc54a6e772d44bf48f653f711d5915d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Oct 2020 08:41:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98358
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H3-Q050

200

activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F
9076792.fls.doubleclick.net/ Frame 80AD
Redirect Chain

https://9076792.fls.doubleclick.net/activityi;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F?
https://9076792.fls.doubleclick.net/activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakeback...

0
0

80ms
46ms

Document
text/html

172.217.23.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9076792.fls.doubleclick.net/activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXB7R77

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9076792.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
expires: Thu, 22 Oct 2020 22:45:21 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1064
x-xss-protection: 0
set-cookie: IDE=AHWqTUn10yUFDarhuBfjQWm23xMR4cG5G4UNWZUAS4N-VeiSFsqwvFEtEOkynqM6; expires=Sat, 22-Oct-2022 22:45:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9076792.fls.doubleclick.net/activityi;dc_pre=COeiusCjyewCFUrXuwgd9sALVg;src=9076792;type=001;cat=rtpix0;ord=1075864740056;gtm=2wgae1;auiddc=848438560.1603406721;~oref=https%3A%2F%2Ftakebackday.dea.gov%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2308866859225289 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2308866859225289?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2c6f27eacd2eb24a68cde9b9f11b8db7ba00514034701a3143e80b68063aa09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6Z6A2doOVW8Wsqj2To1f9kQXJIr2s7zHf/lKm+ya5HAM7ICIJlKDIC4Px2kndjs6rt1A5m7rqK1Y4Oau7WZxGg==
x-fb-trip-id: 664085054
date: Thu, 22 Oct 2020 22:45:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364237207526641&ev=PageView&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406721280&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&rqm=GET

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H2 200 asyncPixelSync
pixel.sitescout.com/dmp/ Frame DFB1 0
0 43ms
42ms Document
text/html 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=1c80a054-d7bf-43fd-85b5-ddaa8905262b#1603406721308; Domain=.sitescout.com; Expires=Fri, 22-Oct-2021 22:45:21 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYwMzQwNjcyMTM2MiwiMiI6MTYwMzQwNjcyMTM2MiwiNCI6MTYwMzQwNjcyMTM2MiwiMzkiOjE2MDM0MDY3MjEzNjIsIjciOjE2MDM0MDY3MjEzNjJ9; Domain=.sitescout.com; Expires=Sat, 21-Nov-2020 22:45:21 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Thu, 22 Oct 2020 22:45:20 GMT
server: AC1.1

GET
H2 200 16690cabac74c651
pixel.sitescout.com/up/ 43 B
417 B 887ms
887ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/16690cabac74c651?cntr_url=https%3A%2F%2Ftakebackday.dea.gov%2F
Requested by: Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:21 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 2277448389225101 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2277448389225101?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

997b328d4556b4596e8c788cd1a5030a90b10b4161e5fea5d4cb3ce01a7752fa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: yRkhxHQ9P6xZIrd5hZurpta/1T2lteDCHJu4KjbyQYWZ9SJiQI/S6Ede1QzxUaHkPgiBbCGej6vQt9XcjJkcWg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 22 Oct 2020 22:45:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2308866859225289&ev=PageView&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406721345&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&rqm=GET

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
832 B 47ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=takebackday.dea.gov

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=takebackday.dea.gov

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 66ms
66ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1657154249261627&correlator=2007128703071959&output=ldjh&impl=fifs&eid=21068065%2C21067630%2C21067753%2C21068082%2C21067486%2C44729242&vrg=2020101901&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201022&iu_parts=21674100491%2CETM.DEA&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1603401839&dt=1603406721434&dlt=1603406720794&idt=621&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7332&adks=511670924&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftakebackday.dea.gov%2F&dssz=46&icsg=1113768&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=1x-1&ga_vid=1082258526.1603406721&ga_sid=1603406721&ga_hid=1712746068&fws=4&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e42cfddf692d034ce9e195b297783a192d04f818730530872331dd47336abb79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5786
x-xss-protection: 0
google-lineitem-id: 5188893024
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289758524
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://takebackday.dea.gov
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
38ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2277448389225101&ev=PageView&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406721448&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&rqm=GET

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08F5 0
0 61ms
59ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4N2M2i-C5KNgQc0W2FGKKBUPGjsA2YtazQTSnIF65fJZQSxd6xuo0Itxs9It3CK5n4_xemDCzbAyQIIPjaOJvFY9_f0Qjskv__SjyVz5_9BVOwIbUz3hUf3hrzxomDq_6M2-DPGqmbegU9llDGy-DGZLUN6PAIRM7Z27CAnVTrj_SdEFF5yVqGnrMPXaA5d8KbXS_H0Q3c2UINx4J7tFFIONEiL9xO1RrE7ApgzbmP1qatMyfbJ1egpZBA6E1jYc_u272&sig=Cg0ArKJSzHrHsE3LPg-OEAE&adurl=

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201020/r20110914/client/ Frame 08F5 3 KB
2 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201020/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1335
x-xss-protection: 0
server: cafe
etag: 1884878862150193934
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 21:52:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08F5 75 KB
28 KB 65ms
44ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aef5db68e9c0d1d356b829a3b564e53b6af0119706fba4c7bb8c4091ae948b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28907
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
H3-Q050 200 5666936184378406262
tpc.googlesyndication.com/simgad/ Frame 08F5 631 B
795 B 27ms
13ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5666936184378406262

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 05:20:14 GMT
x-content-type-options: nosniff
age: 149107
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 631
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 18:29:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 05:20:14 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27607
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:45:21 GMT

GET
DATA 200
OK truncated
/ Frame 08F5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a4fe4517e1bbcc5db066b1281561f1bcc1a7a886da76394e608009be2653117

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08F5 0
21 B 60ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstigQxn-xKElDITFE19zesanC4cAgd18cklz_VXVcBmR7W68lxiXetgG34XJNekIoYYqPQkaGOnl0YvRxkepm9durUm1eyR9BlWVyCdC0kv5VP08CdVaZMMurh3sJj9wePmGuVpQa1_hEuTNYbm3K0EfeAe9PNq2awlyWyDXuzY-fNkXE-s8TPjNNNOjRerDDzxD4J-mZzE94_cnBpuiQKGOuAuRQmSywkIOPunVT00ZaaypsZ1r9RhjHtNsJwX0VaGM2Igmx8&sig=Cg0ArKJSzF2yOzTk60a3EAE&adurl=

Requested by

Host: takebackday.dea.gov
URL: https://takebackday.dea.gov/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:21 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 0.jpg
img.youtube.com/vi/yQxvua0lFFM/ 10 KB
10 KB 33ms
7ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yQxvua0lFFM/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05d53e6b30d23b9a7810874e17763ad58b14bcf691a8e722fc2791e2fcfe5545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "1601588551"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10473
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/U5CQmKlXJd8/ 10 KB
11 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/U5CQmKlXJd8/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c140bb03f48bcf30bb799c67c61b64f31ad28aa16bb60429a8bc71504d8b339f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10488
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/MCxt1l0tjmo/ 12 KB
12 KB 73ms
48ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/MCxt1l0tjmo/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

957b9b88a3fea312732517592b0b7b328fce3810e09469d2b3d7bc3b2646c67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "1601589231"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12222
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/FdEwg0Rhluk/ 11 KB
11 KB 73ms
48ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FdEwg0Rhluk/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347405cf0e6fdab868e304bac56f1d2092d4eb3c9919ae4eb5e3f1d5bbc86219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "1601589445"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10796
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/lt_-PUU5New/ 8 KB
8 KB 72ms
47ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lt_-PUU5New/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea600e4e824725eb1f88e14401da249b32e8de34547e3d893a2ff28a464a2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:19:46 GMT
x-content-type-options: nosniff
server: sffe
age: 5136
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8383
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:19:46 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/Ot-RJXIA1Lc/ 10 KB
10 KB 72ms
47ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Ot-RJXIA1Lc/0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41665172fca5d226a8dcc9100a496f420a095309eacce59d90631c31ecaf6d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "1601585098"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10314
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/VM5FzmHMb9g/ 14 KB
14 KB 76ms
23ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/VM5FzmHMb9g/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c574606c87a11d447305f17792174c6ba32b2ddc5dd3654bd4fdb5e04ffc2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14170
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/cVyjgjVRF68/ 7 KB
7 KB 71ms
19ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cVyjgjVRF68/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

430471bb964548b3da8538b3f0c9107f867c76944781f552f40cc30831d5c3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7164
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/QPvfCfPjTVA/ 9 KB
9 KB 75ms
22ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QPvfCfPjTVA/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172e3e68d05cbbe1c9cde9ac4e419d9a9e3c12212f21d3c382a775754300fd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9020
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/uEZAJI3zGFI/ 8 KB
8 KB 69ms
17ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/uEZAJI3zGFI/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12169b1dd348eb7df14231281f1d0d77a6b8b272711d5afc0294205cfa521992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "1587387521"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7945
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/LHzWgIZR-jk/ 6 KB
6 KB 70ms
17ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/LHzWgIZR-jk/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2710a3899cc9b7b18ae8e4848a70e89b8394a5c97fd97125d0d97da0a309963f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:19:46 GMT
x-content-type-options: nosniff
server: sffe
age: 5136
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6542
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:19:46 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/rI5Zh5rAdUo/ 4 KB
4 KB 69ms
16ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rI5Zh5rAdUo/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f286cbb2d39fe9613d55f43ae099eaf7a4d1d89c82c09363f3b90d8478b2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3856
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/QAC6sdOuCoo/ 5 KB
5 KB 68ms
16ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QAC6sdOuCoo/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

296ba8fd5ac86a83b8611302f2b69277ee9129f3a1687ae64f1651c6e3ded0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:00:51 GMT
x-content-type-options: nosniff
server: sffe
age: 6271
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4766
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:00:51 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/DkZvYXRyq1E/ 8 KB
8 KB 73ms
21ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/DkZvYXRyq1E/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b09e85541356ef4d57c845c0e1837b70e94068cb79c009ffc777964a9561b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8391
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/HwKSO5SPpes/ 10 KB
10 KB 73ms
21ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/HwKSO5SPpes/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecd75ecf82ccaf49e36256fb83d756b02cbd876087c0d2e50f98703618b71e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10284
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/EsL6WnFNuxs/ 10 KB
10 KB 71ms
19ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/EsL6WnFNuxs/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703483fc536584c9cda247e90b1e21b4402c384c25a271402d18dc0dc05f2855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10301
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/rbFlHq15dus/ 13 KB
13 KB 104ms
51ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rbFlHq15dus/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78cd98fa0c84e49e56beff37d3de6c163623ecb9976816c6d14dbc7e747f1d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/a_22kzuCOT4/ 27 KB
27 KB 116ms
63ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/a_22kzuCOT4/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004ec09200d31dc644fa397eaf46e5866d3e3902f82ef69df791df6abad2dc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "1553746067"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27170
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/-etxDtDoA7w/ 8 KB
8 KB 119ms
66ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-etxDtDoA7w/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170f81fd18b1e8b936c9db2e5c2a1ed6e1d41629b194903ea8002368608cda3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:00:51 GMT
x-content-type-options: nosniff
server: sffe
age: 6271
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8448
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:00:51 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/04pOpN90B9M/ 4 KB
4 KB 115ms
62ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/04pOpN90B9M/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b738f5d05cf87802f7645c63fbfc53bd6556b2e0a4a74f22d125ecf2d37aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3935
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/dNliicqOS5w/ 4 KB
4 KB 116ms
62ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/dNliicqOS5w/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cd305df6f4a0a3ab95fe841d280e16f3b878a132f9bf9a72b18e65d42679417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "1553724464"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3659
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/INkaLvOxOc4/ 5 KB
5 KB 118ms
65ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/INkaLvOxOc4/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563c06dcdeb24b7dc8155a036b72a2f4cb2a4d9d69f4c81846ef742fd5a58032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4707
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/n-SvpT2qrAQ/ 11 KB
11 KB 114ms
61ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/n-SvpT2qrAQ/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

662bb5ff42520f16b028258c308d5ecbbc9c8085129b41e0443533ccff67ffb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11674
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/k9_eXe_FXgY/ 11 KB
11 KB 115ms
62ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/k9_eXe_FXgY/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35b4e01fc96374d023f9ad5094b9c4e382d00049a641568f2199c4ed7153c0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11561
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/Jwj0RfOV0t4/ 11 KB
11 KB 112ms
59ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Jwj0RfOV0t4/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6238ac76fe33cbc8771aa62bfdee7eff7474a4c86c80a17f860f0478eeab584d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/jGbDZp6dQB4/ 16 KB
16 KB 113ms
60ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/jGbDZp6dQB4/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6e0981dfc9abc260fa1784c657ceb6c01ce4fc5060cf4fd81ef0ce338eb7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16765
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/6ENEmB7UAuY/ 11 KB
11 KB 114ms
61ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/6ENEmB7UAuY/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0f5b737d4a3a758f1eaf5c3e0616a2e0f1e3062492675ee0f8e5c28c083e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10908
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/m9FblUKbOVo/ 17 KB
17 KB 120ms
67ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/m9FblUKbOVo/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16b50b1d7e47eec5d8b2cf7f1c0429fcc84a6f0dca81eb67d928e4ce94e2bb5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "1540318193"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17861
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/OU0jfZt7YKM/ 14 KB
14 KB 112ms
58ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/OU0jfZt7YKM/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17a74b4f81c98beff00dcb2c9456e23b2d1d9e4f6cec6e02bb5304fba34a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:26:47 GMT
x-content-type-options: nosniff
server: sffe
age: 1115
etag: "0"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14404
x-xss-protection: 0
expires: Fri, 23 Oct 2020 00:26:47 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/4O17ihuRIUM/ 23 KB
23 KB 119ms
65ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4O17ihuRIUM/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

558962fb116d969e82b17d11b4fc42492569113dc3175dfd0b9347b38a403dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 21:36:08 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "1538742491"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23278
x-xss-protection: 0
expires: Thu, 22 Oct 2020 23:36:08 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/FY1Jd1gyZ00/ 24 KB
24 KB 120ms
66ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FY1Jd1gyZ00/0.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e791cefe9d67d0991fd3e3aa72c756852054bca9803ae57ba0c01ae1d6eb15bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
age: 6919
etag: "1538743408"
status: 200
content-type: image/jpeg
access-control-allow-origin: https://www.youtube.com
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24497
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:50:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 70ms
48ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020101901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90aabd629e0522cbb08a1c0cada487d3c034e86db2cdabe70d15424ebdf4eea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6390
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:45:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame B2C9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://takebackday.dea.gov/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://takebackday.dea.gov/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 22 Oct 2020 21:55:35 GMT
expires: Fri, 22 Oct 2021 21:55:35 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2987
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 39ms
39ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020101901&jk=1657154249261627&bg=!S0ilSGjNAAUZK2QAGViJTuk_w99n_gIAAABQUgAAAAwKAN2ifCE-UbGRYXOLTPvn3IsRx3kk2ZmNZtTCJb6h_X1QFhecydue27B5gH04aFHR_AuDQgbV5zMOBTjzhYr98pLFpHoK5JsDDIp3b4RBGCKsHtlfrtfLY4xIxphyamKHKfwSq78kOKlM6jyC-o6MdBs6PBtMubrlm3pQBWco03MTL1QZSwonuKyFtZx_nIzr0p6a6ZPiABphzBLtpqGOTv4HWPwuKCRA6fvORCDBI4gzjdNVEZAe1h-3jnvMztKixtL1gbeitqW0O4qpeafJGQFfAUsD2DEaXEGz6Ue9npkBrIif50b0rcGOtXgb-1UpRcTdEMYXxzcnhBhaY_fh-bI6yRyc0UQyA88hGE7a65eHXHdeVWP9xZEUNBbTFFi2fIKWLGfyYp17cxoxV29N6PXNiAiCnSc_3KExlboieDIKYGf7_S6CkLqHgnoQSacf0PHV06pQMY7kcRloe1FETgoJjT5Gen7bq-vXIIO5IPVdBVIWCjXNl5IAsqcbt5fcqNY-D8ZBdDhPWtCmlRlqeZnAuhpEEkC3fake3E85VXJc0cTXuVhTi2X_5ZxBYHC3GoQdK7lmux6iLqU6OL_m4-KavX1VpF0XGqhYCzAwn8sZzzJLAa02N8hh2Kdt0GriOsNFO-ySzD836-SMyvVK_clJpSc30i-N0Iygp5OcFi1nWc3D5JrhzBRkz01OwTYLYncea5wUL1TlMlFZ-bJ3uKWrP5S7WyUfmYiFV5N_FM07pCgbKQ5TKzO5cHiBIpquxTor5cmz4geaH_eaVDQjXryWd7Nh0LobbbRnwAEUroM6BrXBU9GO3x0HBBp-e_G8xBjV8GbchpyAmOhinaAD9XyqMvwJGoUvxDMs9dU-

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 22:45:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364237207526641&ev=Microdata&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406722783&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Take%20Back%20Day%22%2C%22meta%3Adescription%22%3A%22The%20National%20Prescription%20Drug%20Take%20Back%20Day%20aims%20to%20provide%20a%20safe%2C%20convenient%2C%20and%20anonymous%20means%20of%20disposing%20of%20prescription%20drugs%2C%20while%20also%20educating%20the%20general%20public%20about%20the%20potential%20for%20abuse%20and%20medications.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2308866859225289&ev=Microdata&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406722846&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Take%20Back%20Day%22%2C%22meta%3Adescription%22%3A%22The%20National%20Prescription%20Drug%20Take%20Back%20Day%20aims%20to%20provide%20a%20safe%2C%20convenient%2C%20and%20anonymous%20means%20of%20disposing%20of%20prescription%20drugs%2C%20while%20also%20educating%20the%20general%20public%20about%20the%20potential%20for%20abuse%20and%20medications.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2277448389225101&ev=Microdata&dl=https%3A%2F%2Ftakebackday.dea.gov%2F&rl=&if=false&ts=1603406722950&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Take%20Back%20Day%22%2C%22meta%3Adescription%22%3A%22The%20National%20Prescription%20Drug%20Take%20Back%20Day%20aims%20to%20provide%20a%20safe%2C%20convenient%2C%20and%20anonymous%20means%20of%20disposing%20of%20prescription%20drugs%2C%20while%20also%20educating%20the%20general%20public%20about%20the%20potential%20for%20abuse%20and%20medications.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603406721279.1598487279&it=1603406721108&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takebackday.dea.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:45:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Oct 2020 22:45:22 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 06:54:38	Name: IDE Value: AHWqTUlvMSJdLDF2YVemMEhmHWLwwBx-RP0pETld9b27X7AYEb9QeY-QbkvA0N2H
.sitescout.com/	1970-01-19 14:06:38	Name: _ssuma Value: eyIzNCI6MTYwMzQwNjcyMTM2MiwiNDUiOjE2MDM0MDY3MjE0OTMsIjIiOjE2MDM0MDY3MjEzNjIsIjMiOjE2MDM0MDY3MjE0OTMsIjQiOjE2MDM0MDY3MjEzNjIsIjM5IjoxNjAzNDA2NzIxMzYyLCIyOCI6MTYwMzQwNjcyMTQ5MywiNyI6MTYwMzQwNjcyMTM2MiwiMjkiOjE2MDM0MDY3MjE0OTMsIjgiOjE2MDM0MDY3MjE0OTN9
.dea.gov/	1970-01-19 22:45:02	Name: __gads Value: ID=5d2934fff808cf2f:T=1603406721:S=ALNI_MbzcHoYdCKBE5R5_hmpKlu1LtP1hg
.dea.gov/	1970-01-19 15:33:02	Name: _gcl_au Value: 1.1.848438560.1603406721
.dea.gov/	1970-01-19 13:23:26	Name: _gat_UA-163591755-1 Value: 1
.sitescout.com/	1970-01-19 22:09:02	Name: ssi Value: 64c0d13f-f33c-4f68-83e5-bab096e52276#1603406721363
.dea.gov/	1970-01-19 15:33:02	Name: _fbp Value: fb.1.1603406721279.1598487279
.dea.gov/	1970-01-19 13:24:53	Name: _uetsid Value: 43ea433014b811eb9b28674fd2f0da38
.dea.gov/	1970-01-19 13:24:53	Name: _gid Value: GA1.2.217948457.1603406721
.dea.gov/	1970-01-20 06:54:38	Name: _ga Value: GA1.2.1082258526.1603406721
.dea.gov/	1970-01-19 13:23:26	Name: _gat Value: 1
.dea.gov/	1970-01-19 13:46:50	Name: _uetvid Value: 43ea76e014b811eb891ead8443f702d7
takebackday.dea.gov/	1969-12-31 23:59:59	Name: has_js Value: 1
.dea.gov/	1970-01-19 13:23:33	Name: ak_bmsc Value: F150B81B9236213535717EA24CFDAA470210BA8C07460000800B925F5014662B~plVOAv3fBeNLDUFFpnVJw17ZfAlRogZKg2xSMbcdGsA3Z7eWIidaHzvUZP7E6WVBJDHiiEB2moldsjRIkv+QlF3S81EmIdgCWryN03rV4QqakNwRabsZ/Ro99Uw2jOoYnXIDiuorWclO2/nMNOq/T20BS/m+DQgGsVjvAHuNkwR/Scvr6quBYcBafDNasKo4y4JBsvVH4yY6+OG8SJhyXJhXisA51Z3pyNEtXku2ilG+4=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a8e9bf46c7c07f3ae85b8e694e208d9.safeframe.googlesyndication.com
9076792.fls.doubleclick.net
acdn.adnxs.com
adservice.google.ch
adservice.google.com
bat.bing.com
clickserv.sitescout.com
connect.facebook.net
findtreatment.samhsa.gov
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
img.youtube.com
insight.adsrvr.org
pagead2.googlesyndication.com
pixel-a.basis.net
pixel.logtrackback.com
pixel.sitescout.com
pubads.g.doubleclick.net
secure.adnxs.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
storage.cloud.kargo.com
tags.w55c.net
takebackday.dea.gov
tpc.googlesyndication.com
up.pixel.ad
www.deatakeback.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
172.217.23.162
172.217.23.166
178.79.227.76
18.157.138.23
18.203.124.74
185.33.220.242
185.33.221.91
2.16.107.122
2.18.232.130
212.82.100.181
2600:9000:2093:7200:9:2605:a100:93a1
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:824::2001
2a00:1450:4001:824::2002
2a00:1450:4001:824::2008
2a02:26f0:6c00:28b::2b0e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.88.103.66
66.155.71.150
66.155.71.189
004ec09200d31dc644fa397eaf46e5866d3e3902f82ef69df791df6abad2dc96
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05d53e6b30d23b9a7810874e17763ad58b14bcf691a8e722fc2791e2fcfe5545
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0db13bf18e88627fb30c5a185ac8c0c55d988b5547961b28910db5198088912c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12169b1dd348eb7df14231281f1d0d77a6b8b272711d5afc0294205cfa521992
16b50b1d7e47eec5d8b2cf7f1c0429fcc84a6f0dca81eb67d928e4ce94e2bb5a
170f81fd18b1e8b936c9db2e5c2a1ed6e1d41629b194903ea8002368608cda3f
172e3e68d05cbbe1c9cde9ac4e419d9a9e3c12212f21d3c382a775754300fd13
1bad8ea727b4ffe5f7a949d563bab8e7da9586b7887447d248d36bd5a63555e6
1d6e0981dfc9abc260fa1784c657ceb6c01ce4fc5060cf4fd81ef0ce338eb7f2
1d80facff4e17f883f87ed7a8937b1e34d821c961564ea3a402fb0f16f4d500a
2710a3899cc9b7b18ae8e4848a70e89b8394a5c97fd97125d0d97da0a309963f
296ba8fd5ac86a83b8611302f2b69277ee9129f3a1687ae64f1651c6e3ded0c2
2a267d6e773e147c3fb77446f83b36de4772b3c42da80205533fe0830fe30e3a
347405cf0e6fdab868e304bac56f1d2092d4eb3c9919ae4eb5e3f1d5bbc86219
35b4e01fc96374d023f9ad5094b9c4e382d00049a641568f2199c4ed7153c0bd
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3c66c98070940817f8760ecaf4ab7c680c2c0299dd3f8199f51b93a0fcb7f859
41665172fca5d226a8dcc9100a496f420a095309eacce59d90631c31ecaf6d5d
426706009141ad5502475bac13c268944bc54a6e772d44bf48f653f711d5915d
42fc8447a9217db9ed731aba13676dd8e6d3cb3e39a747a38ceb66eb54d2d474
430471bb964548b3da8538b3f0c9107f867c76944781f552f40cc30831d5c3ff
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
51bf00709d5b30037289acdf207c4a01a57fdfba43c09bb0003cf6d70866d653
558962fb116d969e82b17d11b4fc42492569113dc3175dfd0b9347b38a403dea
563c06dcdeb24b7dc8155a036b72a2f4cb2a4d9d69f4c81846ef742fd5a58032
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5c574606c87a11d447305f17792174c6ba32b2ddc5dd3654bd4fdb5e04ffc2b4
5cd305df6f4a0a3ab95fe841d280e16f3b878a132f9bf9a72b18e65d42679417
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6238ac76fe33cbc8771aa62bfdee7eff7474a4c86c80a17f860f0478eeab584d
662bb5ff42520f16b028258c308d5ecbbc9c8085129b41e0443533ccff67ffb5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
700722ab1f9600ed3cec35f9940eae36e7392bfd0d7d509373321c9c5129b6ae
703483fc536584c9cda247e90b1e21b4402c384c25a271402d18dc0dc05f2855
71f286cbb2d39fe9613d55f43ae099eaf7a4d1d89c82c09363f3b90d8478b2be
75b738f5d05cf87802f7645c63fbfc53bd6556b2e0a4a74f22d125ecf2d37aaa
78cd98fa0c84e49e56beff37d3de6c163623ecb9976816c6d14dbc7e747f1d0e
7e71d6ff499ccd7d04de80220ebcc6d0cf09a29643dba73d1f1f61d568c56a6b
8a4fe4517e1bbcc5db066b1281561f1bcc1a7a886da76394e608009be2653117
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0002cb9e541e2a3be87ab13deec3a1c281654ee41c6540308fb1038339fac6
90aabd629e0522cbb08a1c0cada487d3c034e86db2cdabe70d15424ebdf4eea2
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957b9b88a3fea312732517592b0b7b328fce3810e09469d2b3d7bc3b2646c67a
997b328d4556b4596e8c788cd1a5030a90b10b4161e5fea5d4cb3ce01a7752fa
9d55a25adcc25405c31ef55059e0f75b93e23bc648b02fd07180243daea79f9b
9db9ded2f6f95305f9a27d733bdf77552bef0d950505afc48e91b677ebbfadc3
9ea600e4e824725eb1f88e14401da249b32e8de34547e3d893a2ff28a464a2c8
9ea80daf66d581a5fbcdfaadf25949f079aa1af6b98ee7c6f7d1eaa6fae6b5b8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a926ef9e8741305e1072abb60b2ec551fc6d98fce023b407316f637f2c7b4c31
aec1a23393357df7ba12137e46784ce5fde90f227c6403c524d2a97e3b5ea4b9
aef5db68e9c0d1d356b829a3b564e53b6af0119706fba4c7bb8c4091ae948b1e
afe45a0fe1b54724b27dc34dba412f1b14cb209546b469b5b64c6df8ca90ee54
b6b09e85541356ef4d57c845c0e1837b70e94068cb79c009ffc777964a9561b7
bf0f5b737d4a3a758f1eaf5c3e0616a2e0f1e3062492675ee0f8e5c28c083e94
c140bb03f48bcf30bb799c67c61b64f31ad28aa16bb60429a8bc71504d8b339f
c17a74b4f81c98beff00dcb2c9456e23b2d1d9e4f6cec6e02bb5304fba34a897
c3f9aae39968438a3f9d19ad0efbebb91066f130aab71305719374206a3d27f0
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c6eb588bf8f96c6b33e69cef1f76a480846b80fd7481550f4e223ad04fb30712
d2c6f27eacd2eb24a68cde9b9f11b8db7ba00514034701a3143e80b68063aa09
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
d6f87d838a2c90f9b57f3f7393c72db11c1ed488ad80156f15d64f9858f22ee0
db5c1b74d5ceb7aaad74e3f1b8a08fa064516dfa98e121e78f67a308b10c0efe
dc915fd6ad3ecc0d55fae60f25bd7ac31d500ea05680a934ecdb483e4b019c95
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42cfddf692d034ce9e195b297783a192d04f818730530872331dd47336abb79
e75ad80c86326c1126b3e2339d8f52b784d693c84cedc859ab2809796d1789d9
e791cefe9d67d0991fd3e3aa72c756852054bca9803ae57ba0c01ae1d6eb15bc
ecd75ecf82ccaf49e36256fb83d756b02cbd876087c0d2e50f98703618b71e72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a07161a11ee10f06c920ec156703c719abe2169b606d42e993da0e284098d3
f5854727505a09439d873e602c7016ce2264ce7eb87d432939fa4c28361a7b3f
f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625
f8ea492dd9fcc2ad992d8d21c3577517ffb319fb6a8b1dfa5d0ad49474178066
f95486c98642d29622bee9b05a75b12f10136296b002d44979b44cdb3f876ccb

takebackday.dea.gov Open in urlscan Pro 2a02:26f0:6c00:28b::2b0e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

99 %HTTPS

52 %IPv6

25 Domains

32 Subdomains

28 IPs

8 Countries

2236 kBTransfer

3876 kBSize

14 Cookies

17 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

takebackday.dea.gov Open in urlscan Pro
2a02:26f0:6c00:28b::2b0e Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

99 %
HTTPS

52 %
IPv6

25
Domains

32
Subdomains

28
IPs

8
Countries

2236 kB
Transfer

3876 kB
Size

14
Cookies

116 HTTP transactions
0 data transactions