www.calotteryx.com Open in urlscan Pro
142.4.208.214 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.calotteryx.com/
Submission: On July 28 via manual (July 28th 2022, 6:59:33 pm UTC) from US — Scanned from CA

Summary HTTP 207 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 26 domains to perform 207 HTTP transactions. The main IP is 142.4.208.214, located in Canada and belongs to OVH, FR. The main domain is www.calotteryx.com.

This is the only time www.calotteryx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	142.4.208.214 142.4.208.214	16276 (OVH) (OVH)
23	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1 2	54.230.163.33 54.230.163.33	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
4 12	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:1400:d:5... 2600:1400:d:58c::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.200.135.15 54.200.135.15	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:21d... 2600:9000:21da:1800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:445... 2600:1f18:445b:901:d799:937f:65e0:74fe	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.234.4.63 18.234.4.63	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
3	23.205.76.25 23.205.76.25	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.52.167.93 23.52.167.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	204.154.110.83 204.154.110.83	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	23.34.59.152 23.34.59.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	23.215.130.91 23.215.130.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	34.111.96.116 34.111.96.116	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:c... 2600:1901:0:cba2::	15169 (GOOGLE) (GOOGLE)
207	31

50 142.4.208.214 (Canada)

ASN16276 (OVH, FR)
PTR: ns506590.ip-142-4-208.net

www.calotteryx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:820::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-33.ewr53.r.cloudfront.net

scripts.chitika.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:824::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.32.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.132 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:58c::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.200.135.15 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-135-15.us-west-2.compute.amazonaws.com

scotiabank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:1800:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:901:d799:937f:65e0:74fe (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.234.4.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-4-63.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.76.25 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-76-25.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.154.110.83 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb113.doubleverify.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-nyc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.59.152 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-152.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.130.91 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-91.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.96.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.96.111.34.bc.googleusercontent.com

dts.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:cba2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

dts6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	calotteryx.com www.calotteryx.com	363 KB
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	531 KB
29	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	165 KB
28	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	187 KB
11	media.net contextual.media.net — Cisco Umbrella Rank: 515 warp.media.net — Cisco Umbrella Rank: 2102 hblg.media.net — Cisco Umbrella Rank: 1444 lg3.media.net — Cisco Umbrella Rank: 3431 cs.media.net — Cisco Umbrella Rank: 1487	178 KB
6	clnmde.com dts.clnmde.com — Cisco Umbrella Rank: 16501 dts6.clnmde.com — Cisco Umbrella Rank: 18030	1 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	10 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	213 KB
5	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 461 tps.doubleverify.com — Cisco Umbrella Rank: 464 tpsc-nyc.doubleverify.com — Cisco Umbrella Rank: 1517	110 KB
3	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1729 pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 11451	37 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 634	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1686	583 B
2	demdex.net 1 redirects scotiabank.demdex.net — Cisco Umbrella Rank: 36828	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	25 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 12225	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	17 KB
2	chitika.net 1 redirects scripts.chitika.net — Cisco Umbrella Rank: 998790	745 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3251	416 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1431	297 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 926	728 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 568	696 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	702 B
207	26

	Domain	Requested by
50	www.calotteryx.com	www.calotteryx.com
28	s0.2mdn.net	googleads.g.doubleclick.net s0.2mdn.net www.calotteryx.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
22	pagead2.googlesyndication.com	www.calotteryx.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.calotteryx.com
12	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	dts.clnmde.com	pxlclnmdecom-a.akamaihd.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net ajax.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	lg3.media.net	googleads.g.doubleclick.net www.calotteryx.com
3	hblg.media.net	googleads.g.doubleclick.net
3	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.calotteryx.com
3	www.google.com	www.calotteryx.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	scotiabank.demdex.net	1 redirects googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	cdn.doubleverify.com	s0.2mdn.net www.calotteryx.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	www.google-analytics.com	www.calotteryx.com
2	scripts.chitika.net	1 redirects www.calotteryx.com
1	tpsc-nyc.doubleverify.com	cdn.doubleverify.com
1	cs.media.net	contextual.media.net
1	dts6.clnmde.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	warp.media.net	googleads.g.doubleclick.net
1	cc.adingo.jp	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	odr.mookie1.com	1 redirects
1	d.agkn.com	1 redirects
1	ajax.googleapis.com	s0.2mdn.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
207	41

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
dts.clnmde.com GTS CA 1D4	`2022-06-09` - `2022-09-07`	3 months	crt.sh

This page contains 26 frames:

Primary Page: http://www.calotteryx.com/
Frame ID: 5193A6332A342A1546964EAA5B496A4B
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html
Frame ID: BF8B554C6C082CBC86187A1FC8C1EA4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
Frame ID: 472B3F9924D469304ADDA9DD62E3741C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=4292359678&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766343&bpp=4&bdt=177&idt=196&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=DfOe1s7Anc&p=http%3A//www.calotteryx.com&dtd=202
Frame ID: A4D214EF01586C8749AAA61952648AE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=4131526282&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766350&bpp=4&bdt=185&idt=207&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453%2C5600219850&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eCFW3Withk&p=http%3A//www.calotteryx.com&dtd=214
Frame ID: 10C87D1EEF0F5105A9841B8EB965910A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=520734591&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766354&bpp=2&bdt=189&idt=215&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453%2C5600219850%2C5600219850&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=FXurlIjp5s&p=http%3A//www.calotteryx.com&dtd=220
Frame ID: 7A9506A69A00FE4FC1D945F58A7B5BBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&adk=1812271804&adf=3025194257&lmt=1659034766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.calotteryx.com%2F&ea=0&pra=5&wgl=1&dt=1659034766383&bpp=3&bdt=217&idt=201&shv=r20220726&mjsv=m202207210101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=209
Frame ID: 5635358A967606BC4221BA40CB703458
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=60&slotname=2590354652&adk=2609542261&adf=966971807&pi=t.ma~as.2590354652&w=468&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766416&bpp=13&bdt=250&idt=179&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=652&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=lnvTIcFrTp&p=http%3A//www.calotteryx.com&dtd=186
Frame ID: BBDD37234A7C90E06504D853CE92F5E5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181
Frame ID: D5FC8B6C48C4BB7B2D2862CFC5DBCFA1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYY-KPPzQEwAQ&v=APEucNU3g2ckwE1T1QC_3QSF7u47gVar1gCofM31Rm2qJksrs-RBvin8_BxFKdTVpPys_NJU1BYCkwb-E10TpZCT_hBoCYBC3Q
Frame ID: 37B66AC3C98C0CC9B31497198778BF6F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91BE7C3DC72B76F69178D0EF73279614
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
Frame ID: 8FB71E95580F0DB63903B095CB143BE9
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 731A2B4E803AE81B2CF6EC0C3653AF42
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1
Frame ID: D79DF8233FADF9569BADCACD71E64764
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 27451E24CF1C72344C6D4260F2CFEDEE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41D39E45699144BBEB57212DF145E9E1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
Frame ID: 552BF6260A50CC3DEF37A1344345AACC
Requests: 13 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2940.js
Frame ID: F3F1EAD236BC4E809285E21C5C4F946F
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 287349508C2D1A40FE9C1C50D48F93E9
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: FF0F4795483C4E23BD2CA86D3FFA01BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: A1AD6BD4A8C89A528D551DD091CEBD88
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: F75D8067D03173CBFB9A9C7C5D7720A7
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 84D335BAD16E04453D6925E680B69FEC
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 98DCDEA6BE192607C12027A35CF7A69D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 194A202FCA91AD424B52CED94BF53BBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B6669C1A87FD31ACCEB869ABFE869B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

California Lottery | CA Lottery - calotteryx.com

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chitika (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

scripts\.chitika\.net/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

207
Requests

68 %
HTTPS

49 %
IPv6

26
Domains

41
Subdomains

31
IPs

3
Countries

1901 kB
Transfer

4630 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

http://scripts.chitika.net/eminimalls/amm.js HTTP 301
https://scripts.chitika.net/eminimalls/amm.js

Request Chain 41

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 44

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=California%20Lottery%20%7C%20CA%20Lottery%20-%20calotteryx.com&utmhid=236538459&utmr=-&utmp=%2F&utmht=1659034766313&utmac=UA-38623554-1&utmcc=__utma%3D202592387.1640585551.1659034766.1659034766.1659034766.1%3B%2B__utmz%3D202592387.1659034766.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1844721684&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=California%20Lottery%20%7C%20CA%20Lottery%20-%20calotteryx.com&utmhid=236538459&utmr=-&utmp=%2F&utmht=1659034766313&utmac=UA-38623554-1&utmcc=__utma%3D202592387.1640585551.1659034766.1659034766.1659034766.1%3B%2B__utmz%3D202592387.1659034766.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1844721684&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-DboZDYwWmTIfDKEM582s&google_cver=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuLcjw2CJ7zoBna038bC6wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqBIQQGweA7azwyyyzTUv8&google_cver=1

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMLQKaV34zIBacSBsC1Kh7E&google_cver=1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1NjgyMzYzMTk2OTg4MjMzMw%3D%3D

Request Chain 112

https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805 HTTP 302
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805

Request Chain 121

https://d.agkn.com/pixel/2175/?google_gid=CAESEL0cQyrzOLYoqApnAoRq-Os&google_cver=1&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg&google_hm=Q0FFU0VMMGNReXJ6T0xZb3FBcG5Bb1JxLU9z

Request Chain 122

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGIfkM_TPnAGCVnso2G9t18&google_cver=1&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZrXtdKs6tt28icdWLa8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZrXtdKs6tt28icdWLa8&google_hm=MTA2MDA4NDAyMDYzMTI1MzAzNjI

Request Chain 123

https://rtb.openx.net/sync/dds?google_gid=CAESEPv5WwSwV23DSObkvwbFUqg&google_cver=1&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPv5WwSwV23DSObkvwbFUqg&google_cver=1&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&google_hm=QRfVF6r6wW8kkYSQ2M9ySg==

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMkqPIogebJf79AYhg0Q5jg&google_cver=1&google_push=AehlK4AhZ0qVo5mdT4zNpSVeqoEfFyWm2f1lmbhrpka-a3dTt9VKpGD9v9XR5WQPaNQhdnOeKb9pbZ7ZeSJAWVIC6PFWMA8ih10 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMkqPIogebJf79AYhg0Q5jg&google_cver=1&google_push=AehlK4AhZ0qVo5mdT4zNpSVeqoEfFyWm2f1lmbhrpka-a3dTt9VKpGD9v9XR5WQPaNQhdnOeKb9pbZ7ZeSJAWVIC6PFWMA8ih10&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B_EnlC9sTKGewPliDKoLvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AhZ0qVo5mdT4zNpSVeqoEfFyWm2f1lmbhrpka-a3dTt9VKpGD9v9XR5WQPaNQhdnOeKb9pbZ7ZeSJAWVIC6PFWMA8ih10

Request Chain 125

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_cver=1&google_push=AehlK4Dtag5KpPBYcpmVYQmqM2Mpjg2M9ETCr1Lnz4w7qiiRAa_lVpJBV0Gkhtf-fJr_MGTzcn5vHiUa9Wt2CI0Qnq0boRt0rS0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_hm=YuLcjw2CJ7zoBna038bC6wAAACEAAAIB&google_nid=index&google_push=AehlK4Dtag5KpPBYcpmVYQmqM2Mpjg2M9ETCr1Lnz4w7qiiRAa_lVpJBV0Gkhtf-fJr_MGTzcn5vHiUa9Wt2CI0Qnq0boRt0rS0A

Request Chain 127

https://cc.adingo.jp/adx/push/?google_gid=CAESEFM9k0oKVLHmipW2Rg4lrSM&google_cver=1&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ&google_hm=6eea17993f1354c1a6e1eae2915791ea

Request Chain 192

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAyMDM2MzY4MTQ1NDc1NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOsBozI3RToy-lrQpfP15K8&google_cver=1

207 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.calotteryx.com/ 65 KB
65 KB 116ms
44ms Document
text/html 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 35089cd5570f3e36dc9591657ee1240fc44ff0f27a121a591ee8795975c12f9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 28 Jul 2022 18:59:26 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK common.js Show response
www.calotteryx.com/js/ 1 KB
2 KB 23ms
10ms Script
application/javascript 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/js/common.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: cc8ff7980b4733a04063dbd5719b49aa7096aa4eacf85f9221d7046146725709

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "5c5-4de240dd38ec0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1477

GET
H/1.1 200
OK ads.js Show response
www.calotteryx.com/js/ 2 KB
2 KB 34ms
10ms Script
application/javascript 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/js/ads.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 83174a8ab67ab159cbcf202ab6f624c96d6b243864863c91512c061b00de3074

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sat, 29 Jun 2013 19:20:01 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "7a7-4e04fe1bada40"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1959

GET
H/1.1 200
OK menu.css
www.calotteryx.com/css/ 4 KB
4 KB 20ms
10ms Stylesheet
text/css 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/css/menu.css
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 87fbc515e90fcb2224833ca1b3ebed233ed6b354c408012477aa07c242e7b64a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 23 Jun 2013 00:26:55 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "f80-4dfc75a6691c0"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3968

GET
H/1.1 200
OK style.css
www.calotteryx.com/css/ 14 KB
14 KB 19ms
10ms Stylesheet
text/css 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/css/style.css
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 1c231101ef3284ff96064a19b904778a717d74b19e6dabdb36f6f4e598a22fd6

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Wed, 18 Sep 2013 04:18:16 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "3766-4e6a0b9f77200"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14182

GET
H/1.1 200
OK style04.css
www.calotteryx.com/css/ 534 B
828 B 20ms
11ms Stylesheet
text/css 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/css/style04.css
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 6ae02be00967984dd2c7b3c6c910a7af99b1f5545bfc4fe1fbacf653fa8788d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 21 Jun 2013 05:31:37 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "216-4dfa360690040"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 534

GET
H/1.1 200
OK anylinkmenu.css
www.calotteryx.com/css/ 2 KB
2 KB 20ms
10ms Stylesheet
text/css 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/css/anylinkmenu.css
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 14d952d08e06cfd179248d28c5b16a6a737c089c0c084731edfa0523ac0b98b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "69b-4de240dd38ec0"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1691

GET
H/1.1 200
OK menucontents.js Show response
www.calotteryx.com/js/ 6 KB
6 KB 33ms
10ms Script
application/javascript 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/js/menucontents.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: c6e155c5f461c058ebad4aa5a6da492a463fe66d07c695a1824a4cdf78f13588

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sat, 22 Jun 2013 20:24:24 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "17f8-4dfc3f717ee00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6136

GET
H/1.1 200
OK anylinkmenu.js Show response
www.calotteryx.com/js/ 13 KB
13 KB 34ms
11ms Script
application/javascript 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/js/anylinkmenu.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 8857cee506fc1e3959924fb12af79e4bc4d6ce3b968ca4f51db7b94b41ad60d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "32ee-4de240dd38ec0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13038

GET
H/1.1 200
OK tabcontent.css
www.calotteryx.com/css/ 1 KB
2 KB 20ms
10ms Stylesheet
text/css 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/css/tabcontent.css
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 079121f117db4a1c241fae8999f30167b00284920fd25527533af38b1839cd99

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 28 Jun 2013 03:49:52 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "565-4e02ec569b800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1381

GET
H/1.1 200
OK tabcontent.js Show response
www.calotteryx.com/js/ 3 KB
3 KB 34ms
11ms Script
application/javascript 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.calotteryx.com/js/tabcontent.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: bfaf9b5e775a1e70b2e041e92fcd5c7a700d62c70546dff5eaafff897713ca10

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 28 Jun 2013 03:50:08 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "c68-4e02ec65ddc00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3176

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 108ms
53ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d10bbc98896b00833e4a11e2bf6886c650f4c1991e5cd0985eb392df3c91507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56737
x-xss-protection: 0
server: cafe
etag: 1054565716315756735
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:59:26 GMT

GET
H/1.1 200
OK California-Lottery-Logo.png
www.calotteryx.com/calottery_imgs/ 17 KB
18 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Logo.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 3b4f942260a6706789370606fd160b15c40862624ec5bc0d8967df5447add11f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 08:19:12 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "4560-4d2ead5716000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 17760

GET
H/1.1 200
OK California-Powerball-85.png
www.calotteryx.com/calottery_imgs/ 7 KB
7 KB 14ms
9ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Powerball-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 270c0b498a61c83d073a6cbb1e941ff0ac244c76d16ad4185e9ee25cc6353b30

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "1afa-4d309aef06880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6906

GET
H/1.1 200
OK homepage.png
www.calotteryx.com/imgs/ 3 KB
3 KB 16ms
11ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/homepage.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 5c2ffc05390b5f07c142787adf8af3aa24610d9334853b0395c8f3cc950317e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 30 Jun 2013 05:23:10 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "ae3-4e0584ec32b80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2787

GET
H/1.1 200
OK latest-results.png
www.calotteryx.com/imgs/ 3 KB
3 KB 16ms
11ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/latest-results.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 5fc4efa5081117fc2e4e7ab838ad463879f1ffda6843d2a03220ef3e37f9dc6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 30 Jun 2013 03:21:38 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "af6-4e0569c201480"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2806

GET
H/1.1 200
OK lottery-video.png
www.calotteryx.com/imgs/ 3 KB
4 KB 14ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/lottery-video.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 93fc46c4e182c29ec951270932f278abbd37c03921b6d3ba9e4596cf681df3ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 30 Jun 2013 05:29:56 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "cd9-4e05866f63d00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3289

GET
H/1.1 200
OK California-MEGA-Millions-85.png
www.calotteryx.com/calottery_imgs/ 8 KB
8 KB 14ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-MEGA-Millions-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 7b9b577ef9654a9487a238be82c5faa92b1b33b5b218baabb6f34c02b9defda3

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "1f35-4d309aef06880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7989

GET
H/1.1 200
OK California-Super-Lotto-85.png
www.calotteryx.com/calottery_imgs/ 5 KB
6 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Super-Lotto-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 1339c77ba549fe78b8f48e42b3955b91553cea750a3cd5eed3dc81258d7a8332

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "155c-4d309aef06880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5468

GET
H/1.1 200
OK California-Fantasy-5-85.png
www.calotteryx.com/calottery_imgs/ 6 KB
6 KB 12ms
11ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Fantasy-5-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 9df4d0128e68a8181325a14354de693412de59f7ce81a96369a394f6048a59f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "17b3-4d309aef06880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6067

GET
H/1.1 200
OK California-Daily-4-85.png
www.calotteryx.com/calottery_imgs/ 6 KB
6 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Daily-4-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 9dff19a6ee687a76cd9f8f1eef4db5665c258d3688a4c37a344f5a6a89bd77b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "1712-4d309aef06880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5906

GET
H/1.1 200
OK California-Daily-3-Midday-85.png
www.calotteryx.com/calottery_imgs/ 6 KB
7 KB 12ms
11ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Daily-3-Midday-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 70032c8152cd7a0211710480e35785e3bb1e84c5e19040b15145da0a909924e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:31 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "197f-4d309aeffaac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6527

GET
H/1.1 200
OK California-Daily-3-Evening-85.png
www.calotteryx.com/calottery_imgs/ 6 KB
7 KB 12ms
12ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Daily-3-Evening-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 70032c8152cd7a0211710480e35785e3bb1e84c5e19040b15145da0a909924e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:31 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "197f-4d309aeffaac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6527

GET
H/1.1 200
OK California-Daily-Derby-85.png
www.calotteryx.com/calottery_imgs/ 6 KB
6 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Daily-Derby-85.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 9335db63cc6e1cdab310448ced5292816ea7bc393b3fb0cd936a2a749d532ac8

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 11 Jan 2013 21:07:31 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "18d4-4d309aeffaac0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6356

GET
H/1.1 200
OK poweredby_FFFFFF.gif
www.google.com/images/poweredby_transparent/ 488 B
1 KB 59ms
37ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 488
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Thu, 28 Jul 2022 18:59:26 GMT

GET
H/1.1 200
OK change.png
www.calotteryx.com/imgs/ 742 B
1 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/change.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 4fa24c94ed469e79163874d6d74acebe84d47116aae04f6d5b428411d9b75682

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 21 Jun 2013 06:31:31 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "2e6-4dfa436a116c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 742

GET
H/1.1 200
OK style25.png
www.calotteryx.com/imgs_bg/icon/ 1 KB
2 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs_bg/icon/style25.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 0a07fc20623b1038bee77e0a7b2b160af5c4c593a3f25a14e14574e8d7232d13

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 21 Jun 2013 05:51:38 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "4e1-4dfa3a7fece80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1249

GET
H/1.1 200
OK more.png
www.calotteryx.com/imgs/ 600 B
894 B 224ms
223ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/more.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 34bf77f1adb7490e183cce889b41d29fde89fd2ef5743ea187dedf32edfa1875

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Fri, 21 Jun 2013 06:32:06 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "258-4dfa438b72580"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 600

GET
H/1.1 200
OK more_on2.png
www.calotteryx.com/imgs/ 2 KB
2 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/more_on2.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 96f63f64561ff9fe543119c6c9303cb01d102da60bc09eda0c21716cf2a9984f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "604-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1540

GET
H/1.1 200
OK California-Lottery-Mega-Millions.jpg
www.calotteryx.com/calottery_imgs/ 3 KB
3 KB 11ms
10ms Image
image/jpeg 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Mega-Millions.jpg
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 438c31036c853721255a004a28d6906d6bd02663435155721e5d4b96cbc05a41

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 06 Jan 2013 06:00:50 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "c9c-4d2986f3d6880"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3228

GET
H/1.1 200
OK California-Lottery-Powerball.png
www.calotteryx.com/calottery_imgs/ 9 KB
9 KB 11ms
11ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Powerball.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 87ca4c4098fc1f46bc9fdd3b1ced56b4e5aca24dd7431be40736f62084b7e76a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:23:57 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "2391-4d2f6a2811940"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9105

GET
H/1.1 200
OK California-Lottery-Super-Lotto.png
www.calotteryx.com/calottery_imgs/ 4 KB
5 KB 13ms
12ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Super-Lotto.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 23b399bbbf852355387b27baf5f5a2fdaaf8d4390a478d693314cfbe02c8ca7c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:26:20 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "112f-4d2f6ab071b00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4399

GET
H/1.1 200
OK California-Lottery-Fantasy-5.png
www.calotteryx.com/calottery_imgs/ 4 KB
5 KB 13ms
12ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Fantasy-5.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 5e2160e777817bf7b09b89a83cdcd74ea961bbaf905710b92d41999c331b5d0a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:26:38 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "116e-4d2f6ac19c380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4462

GET
H/1.1 200
OK California-Lottery-Daily-4.png
www.calotteryx.com/calottery_imgs/ 3 KB
3 KB 14ms
13ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Daily-4.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: caeac31d9fb5420c9a05ad637fbcdb0d565ccc7ce011d75bb1a9fee08020623e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:26:48 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "b85-4d2f6acb25a00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2949

GET
H/1.1 200
OK California-Lottery-Daily-3.png
www.calotteryx.com/calottery_imgs/ 4 KB
4 KB 14ms
13ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Daily-3.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: ea00ce6317ff73b76f1605a26107c0270b7ba1e4c4a4f7f0a99faf90245dd03b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:26:49 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "105b-4d2f6acc19c40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4187

GET
H/1.1 200
OK California-Lottery-Daily-Derby.png
www.calotteryx.com/calottery_imgs/ 4 KB
4 KB 14ms
14ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Daily-Derby.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 2f604d25c05c1a15764f341b1f2de2c6d49ee65ec2a2121434c4e77eb90b2184

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Thu, 10 Jan 2013 22:26:41 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "10bf-4d2f6ac478a40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4287

GET
H/1.1 200
OK California-Lottery.png
www.calotteryx.com/calottery_imgs/ 18 KB
18 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 2309a8e9b35b73083b9351baaea9ed5847e628eca6a1316253f21ac27d5f0648

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Mon, 14 Jan 2013 01:51:53 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "488c-4d335e3a7e040"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 18572

GET
H/1.1 200
OK California-Lottery-Games.jpg
www.calotteryx.com/calottery_imgs/ 5 KB
5 KB 11ms
11ms Image
image/jpeg 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Games.jpg
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 88254bd8d91c9ceeab1ba24172f1d94b1e1d786fb7ee728ff945c41a68df54bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Mon, 14 Jan 2013 01:53:51 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "1301-4d335eab069c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4865

GET
H/1.1 200
OK California-Lottery-Scratchers.png
www.calotteryx.com/calottery_imgs/ 68 KB
69 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Scratchers.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: b6a66c6ba6ac0a16b75a9eea227c92a6fc856372c640d11ffbc3b812b3bbb426

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Mon, 14 Jan 2013 07:01:30 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "11158-4d33a36ee6680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 69976

GET
H/1.1 200
OK California-Lottery-Winning-Strategies.jpg
www.calotteryx.com/calottery_imgs/ 14 KB
14 KB 12ms
11ms Image
image/jpeg 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/calottery_imgs/California-Lottery-Winning-Strategies.jpg
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: dfcbc10ea7f5f0f01838936b2cd1b7f1d2837b46877b1b07ea718007ade353cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Mon, 14 Jan 2013 01:56:36 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "387c-4d335f4861d00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 14460

GET
H/1.1 200
OK backtotop.png
www.calotteryx.com/imgs/ 3 KB
3 KB 13ms
12ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/backtotop.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 3abf316ad4aa70738a714b454784ed2db099e13be0edb686d517873e46c9c5f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sat, 29 Jun 2013 17:57:06 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "cb7-4e04eb9326080"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3255

GET
H2

200

amm.js Show response
scripts.chitika.net/eminimalls/
Redirect Chain

http://scripts.chitika.net/eminimalls/amm.js
https://scripts.chitika.net/eminimalls/amm.js

0
326 B

61ms
17ms

Script
application/javascript

54.230.163.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.chitika.net/eminimalls/amm.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: H2
Server: 54.230.163.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-33.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 13:59:37 GMT
via: 1.1 3f6eb9ff07d4d2f572d4e8e6fb935a36.cloudfront.net (CloudFront)
last-modified: Fri, 19 Apr 2019 16:37:52 GMT
server: AmazonS3
age: 18290
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR53-C3
content-length: 0
x-amz-cf-id: 6_RgvkQoGiW9RCCb1-oPdZPSIAbmUVDSKiMODnstwKCLRQcGwb_O0A==

Redirect headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Via: 1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: EWR53-C3
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://scripts.chitika.net/eminimalls/amm.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: n8BRpseXxUpzegFBZhZ26D4UCa8cyvySCI-phBzf8PPYvzG7k6ATUQ==

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

69ms
21ms

Script
text/javascript

2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4345
date: Thu, 28 Jul 2022 17:47:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 28 Jul 2022 19:47:01 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 119 KB
40 KB 65ms
44ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/js/ads.js

Protocol

HTTP/1.1

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2bec0d7dd98382af07151462ae0578dc8b7b14acb4e318970a3223ca535b7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Timing-Allow-Origin: *
Date: Thu, 28 Jul 2022 18:59:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9821940514114757299
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40109
X-XSS-Protection: 0
Expires: Thu, 28 Jul 2022 18:59:26 GMT

GET
H/1.1 200
OK blue4.png
www.calotteryx.com/imgs_bg/ 513 B
807 B 13ms
9ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs_bg/blue4.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style04.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 603ed20365efc52da8d2c6500aa4ca7eecdd3a9cb0556cce00a1301e1dcb956e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style04.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sat, 08 Jun 2013 04:21:36 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "201-4de9ce212f400"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 513

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ca...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=C...

35 B
197 B

35ms
34ms

Image
image/gif

2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=California%20Lottery%20%7C%20CA%20Lottery%20-%20calotteryx.com&utmhid=236538459&utmr=-&utmp=%2F&utmht=1659034766313&utmac=UA-38623554-1&utmcc=__utma%3D202592387.1640585551.1659034766.1659034766.1659034766.1%3B%2B__utmz%3D202592387.1659034766.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1844721684&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1257954130&utmhn=www.calotteryx.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=California%20Lottery%20%7C%20CA%20Lottery%20-%20calotteryx.com&utmhid=236538459&utmr=-&utmp=%2F&utmht=1659034766313&utmac=UA-38623554-1&utmcc=__utma%3D202592387.1640585551.1659034766.1659034766.1659034766.1%3B%2B__utmz%3D202592387.1659034766.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1844721684&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/ 341 KB
121 KB 53ms
52ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a5b015a170edd2b2428e1072f1a65c5e77abe423ec43a6d45c1d15f21d924c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123165
x-xss-protection: 0
server: cafe
etag: 8425275966527518099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:59:26 GMT

GET
H/1.1 404
Not Found tabbg.gif
www.calotteryx.com/css/ 211 B
211 B 10ms
10ms Image
text/html 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/css/tabbg.gif
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/tabcontent.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 032765cadc23e716befd9b976cbc24bb44fd3964d16e31527f7b6f1b743b3c46

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/tabcontent.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 211
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/ Frame BF8B 10 KB
5 KB 66ms
20ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 17:15:47 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 17:15:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK blue1.png
www.calotteryx.com/imgs/balls/ 2 KB
2 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/blue1.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: f6a114cbe6016a58d8c7e9cce6aa965babfc66f0572b11aa715b70c236c3ea07

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "7dc-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2012

GET
H/1.1 200
OK red3.png
www.calotteryx.com/imgs/balls/ 2 KB
2 KB 223ms
222ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/red3.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 44ed2c5fc5068d0b5e29c58095eee108cb3efc4e0bbb358aa816326a54e3d4bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "86e-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2158

GET
H/1.1 200
OK blue2.png
www.calotteryx.com/imgs/balls/ 2 KB
3 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/blue2.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 95ffed57be531ec2c9dd9a8d2732d68912d66cdfdcb7388e2db608c56c8ff978

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "8df-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2271

GET
H/1.1 200
OK orange3.png
www.calotteryx.com/imgs/balls/ 2 KB
2 KB 11ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/orange3.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 775e60d448df37b6b0529935391f6a207078b61b367342b78da6b447f3f08904

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "8d2-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2258

GET
H/1.1 200
OK green2.png
www.calotteryx.com/imgs/balls/ 2 KB
3 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/green2.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 355235b2b08bfd668c27a0c070633c9c62cf68dddcc36f7f34fca5e9c7be53b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "8dc-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2268

GET
H/1.1 200
OK yellow1.png
www.calotteryx.com/imgs/balls/ 2 KB
2 KB 10ms
10ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/yellow1.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: cd711d1265eca28bca55bdf02d1d4cbaa05d497d2391745bf02c8d81b947c83d

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "784-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1924

GET
H/1.1 200
OK grey3.png
www.calotteryx.com/imgs/balls/ 956 B
1 KB 15ms
15ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/grey3.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 72865a6d47965c418d437e547946e191ac711333108a564fe5e30f9089f2fcce

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "3bc-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 956

GET
H/1.1 200
OK grey4.png
www.calotteryx.com/imgs/balls/ 770 B
1 KB 15ms
15ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/balls/grey4.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/css/style.css
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 69afa2537847c36e3d3bb0984e7e366d332a8a3734c5532a66af95b03d80a26b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "302-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 770

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
702 B 100ms
34ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.calotteryx.com&callback=_gfp_s_&client=ca-pub-0217567433541916&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

3ac5488e736fdd6a9bf49e7d9fe7b8694cf2ecd9b3e4719c21c5a029c166cde9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 326ms
41ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.calotteryx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 103ms
41ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.calotteryx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 472B 30 KB
13 KB 1007ms
960ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbd2a2ebf3e6b9732ad3a09327174ffac83e63ee210d1801e775cf9943ea419f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13040
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:27 GMT
expires: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A4D2 603 B
68 B 63ms
50ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=4292359678&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766343&bpp=4&bdt=177&idt=196&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=DfOe1s7Anc&p=http%3A//www.calotteryx.com&dtd=202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
expires: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK more_off2.png
www.calotteryx.com/imgs/ 1 KB
2 KB 12ms
12ms Image
image/png 142.4.208.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calotteryx.com/imgs/more_off2.png
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Server: 142.4.208.214 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns506590.ip-142-4-208.net
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 8aedc39910160c0a0451b3a4ae0a63a5bedbfda71bf14674578d52e9d41a2026

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:26 GMT
Last-Modified: Sun, 02 Jun 2013 04:12:19 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "5e1-4de240dd38ec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 1505

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10C8 603 B
68 B 51ms
50ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=4131526282&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766350&bpp=4&bdt=185&idt=207&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453%2C5600219850&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eCFW3Withk&p=http%3A//www.calotteryx.com&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
expires: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A95 603 B
68 B 50ms
49ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=15&slotname=5600219850&adk=3853636943&adf=520734591&pi=t.ma~as.5600219850&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766354&bpp=2&bdt=189&idt=215&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1113621453%2C5600219850%2C5600219850&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=513&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=FXurlIjp5s&p=http%3A//www.calotteryx.com&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
expires: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5635 266 KB
65 KB 433ms
432ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&adk=1812271804&adf=3025194257&lmt=1659034766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.calotteryx.com%2F&ea=0&pra=5&wgl=1&dt=1659034766383&bpp=3&bdt=217&idt=201&shv=r20220726&mjsv=m202207210101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e29fd15045acabefede9acb3850a2da172a68ac07675bbd0f881e5bc083553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:27 GMT
expires: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBDD 63 KB
29 KB 287ms
285ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=60&slotname=2590354652&adk=2609542261&adf=966971807&pi=t.ma~as.2590354652&w=468&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766416&bpp=13&bdt=250&idt=179&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=652&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=lnvTIcFrTp&p=http%3A//www.calotteryx.com&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c23182febee732191968934dfbf6d013332e24c467546b6397ddc05d13a64fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29785
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
expires: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5FC 18 KB
10 KB 326ms
320ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cb877a6fb373e55e8502768abbb9b4a5b51f320778ae0ad91460b56b1efdf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9745
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
expires: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame BBDD 34 KB
14 KB 94ms
43ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=60&slotname=2590354652&adk=2609542261&adf=966971807&pi=t.ma~as.2590354652&w=468&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766416&bpp=13&bdt=250&idt=179&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=652&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=lnvTIcFrTp&p=http%3A//www.calotteryx.com&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46249c3d2ca33dfa8e59147f837f26746ef8ebb2775eab4319dd5cfe1d69a17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 17:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
server: cafe
etag: 1189122857977652586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 17:54:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame BBDD 3 KB
1 KB 86ms
36ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:53:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBDD 138 KB
43 KB 105ms
49ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame BBDD 17 KB
8 KB 67ms
18ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:44:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/ Frame BBDD 23 KB
9 KB 69ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9370
x-xss-protection: 0
server: cafe
etag: 6407886451032183137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:47:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BBDD 0
0 108ms
50ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstORw9xiI2wZqDTcRtdlKi6GQbUkgCNNmzIx6xenSZ0Q10e9VxCLXi5aR5RcY_p_zEeNlfTvfYsOshWqK_rwMGeZkytJ61w3A_OueQvmcHy9i2tRi8xwTocC8nqTvekA_51F5lTeGmxKxBpdlljGGZn2VcufgaGP98iXqKabAVnFj-kHuAqMNWFum5H8Gc_90BZdpGZbz4K0DxhI7PXrc3INW6_x2IyImADL3wjHZ8YUn6uyrowQS966b-aiRq9uQxspnwijvlcM1wRBtxQhJd278LC-P053o2CO0zhA5zGo6ShKd1HrC6Qk-FvmBsoeVagJnbpPSz3s7nVTn4My9hbTMWZ9Rn-TTyywx6RULI542frF6nt7sCaiTtojtXS8VdMQFMaUxIV9U8q0FKGLoNUU084TjaoMJxrMDoSORp_bNl06G2TdKmEes1_IVsn0nA9iCFiGrsuCmIq7GYa1vRE9Hc5V-Ck-lNMZRkvgIhMPhCgbLSUafWuqzl-Weq2rYkzFRye3ZbSPCdMUHl00EJgCCq5T6qFdKZW2zMdsLGeAgbeV90L3rIG20orlEMtTlM487rzWe5OnMsvDJO1SKRLAhperK8aXK2mlRl9SRSD8ToNg6zwtf5YDSyKCVX5EyYkRWIIq5yDH9YlxEl60TMTPDuTTC8WqQyGphyXDJlRe0T751ZZRp2lscc1tI3yRrIY1rFZb_G1Hp_3O3GrMgOVH-mtvbQqmsN1KzrV-iwGWiND74BZ3YysmvvKUOyI0IJC2ZXN19ZJOL1VmGiqaoD0a4nv01S1xffPxhb4a6TgPlZdsNt8wHG6zcJ8D8ytHh9sS5uBLYkgpqbnehcHlRH9FNBFmYNtrdtUt1Ipjr4pcSxYQ4BXrhLaf8s5pr5f6HJBeM8jFTQ4mVwRd1jj3baNuhquQm1BDctucmgCmoBTNvj292LJzSnfOiwk3yu3pHV4kw_9Q37lHpVK2r6m3spFxHyzR-O2XcC4uM-yoeqPfnZeuhAgcBwBKyrrpc7bzwd6RpVcG1inhZ_tu2WznBeZM81cplWllR2PPbISsCNboEbAh4aDHcC5QEfzteflGw6N6I9zvdUo2HU54IAROOeG7YStzlWcPMXokU-IHi1VHaSlt_A&sai=AMfl-YRta3kZXKbiDLQArAc9S8uWotRsvdCLo8KyFd8-LfcQmhoPkNUcXNuMOQ&sig=Cg0ArKJSzNJYBNx7RrrpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BBDD 106 KB
38 KB 88ms
19ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Jul 2022 16:05:37 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BBDD 41 KB
15 KB 80ms
38ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 06:25:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5FC 42 B
63 B 80ms
79ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A79Plnb2Q9rhf6f45EwJDpKHPx1g49J-58-tC5qZlDiKS5q_wJimohtMAyv3i6DBbc5SyZOqfdRo4EOUW-NuHTwHDAJEYsQUPCF82mNZeA8hTatFU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame D5FC 3 KB
1 KB 40ms
37ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:53:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5FC 138 KB
42 KB 109ms
101ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame D5FC 17 KB
7 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:44:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D5FC 0
0 127ms
79ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs1vaV0cQGmlPiDZ0zNODhBxhDmbuAUbJHZwLeiDIh--_ab3dftzNm0kI9jpit9n-AMwNa_j8VLEmcF6Yb9AZlnSdauA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 37B6 624 B
297 B 40ms
39ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYY-KPPzQEwAQ&v=APEucNU3g2ckwE1T1QC_3QSF7u47gVar1gCofM31Rm2qJksrs-RBvin8_BxFKdTVpPys_NJU1BYCkwb-E10TpZCT_hBoCYBC3Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5FC 81 KB
33 KB 87ms
86ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0FPGNu4FvoUEBMe1dmEH0HOxJFXYvhcnLHU72POA8JzY9Y3naOUJCwhR9AGVccRbtc2cewdVnNTqJrtfI5HB_LDhV5w&cry=1&dbm_d=AKAmf-DSRFGFwwtJbepA3t3vkf5f-QauGjHB-0qzxIYDrNbe0bb5luocZH_-kg4KIg2b77RMeMUSrH8wxzGeZCuW7Ryb9Elf27YyEGBhRVKozOZTb1nnapFBYBv8MscVAWxy6svqA2mLAvVYXi17o4KucjDS2cTLxCOy-pAUyrenZvx1cyoeELmycwZDKS75QNuXf7FZL4FfBPD9J3R5FIosMbHpJ5cpbYgEg3M-J7mp0BvkqzXVD9pCj4KrFFUCtAdlt2gJf8f4LlWEtPNvb8_ATIuPYVCP7GRL99Prn6EYMh2XTzPKvLELW9SvFdkx3y3-WPOKAriQivR3WD7Ax-_n_hNa3D8VLfKZMg-AWtlLFjBKPlSm0gcuvz_5blh43Se-mp7FGCM_ErWZqw1puRnDNEfxosqp5tQ49ywMimZ7irQ_YRMrHNDgf0u91KKVnOMGhP9t2x8vUhK06U6yVECA4LlKiKK09-IRP8tJUXcOVYt4p4Yl5PZ1rr_s2FM4fiw-8vwxcIFojYlN8sCYZp0lvFG5iDK4RDswvGf4RTt667-z5xGeHio-pX-PzznaKI67l8eWzupEjxRF-eYhgQQvUJtNkXaU8CrsZmi3iyZJlQSAvehpOgJao71FURoZYChz_R_KkaWQIFKHCcrCRNR1Swh8U42T8c_iJVfAjThxIHk9DSCk8IhIu-XgEqQRBPCgZJjm6r9iXXYLJI1rW5NrROcfcJkp2ARh83fnAx9S_IpgZ42Mw9PSCfHvTHjNh1nLagx_6wVtq9nnanvf9SP3mCItw_l8h5z4kfjZDwuR5hjxMPMM6gGD_W6tSqo8oJu1ZLepW5vVg_z4Ox5iCsiZgHMaob5Ixx84sGzYmvQTb4Q7LIqHeTCzHz-EBMdxdRR2eDu44iUejtMTES6OpjTDuFW38K297mZ1JJw_VenxJCtmettRRYUUhEQrGkH5B7OTpEXPHL5C0ETmnP8preU4HQ6_vAJPUeE_BfP0sJqkKPRA5pSgbq5_N0lWud_A1k2CQp7Vo4mGpSJeH9Mb9ODKvzSP7zAV86R3BXjShihoDU2dhdZVPAeGPSTNsaqWLOW_g9dvqPY0hB_CWzE4FiJ-V-a6pg08dNwwoTZeZ45Yph8SGxRKPY7i3Rx2RcehkLPgHN1CNjzWxxz8c6Wmm16BYN_FGMsV2u-qctXaEnFwpTaK8rPF-4HfPcNAP_J9r3WBe-6n3XyjkwoliTP4VZzQbdIzO9UdYjJ3IkxiaM1ZTqIezLQ-LFdUkvrNjuFwDb6HoYq00C4IbGzKTxab_adIuJSiqMGxhShvmZNs61hp4kNa2I9aHTMwDEqq9119SAwFZz3JKBURkV9gBWUgI1fmwpgM9_SYLb81Jg8QLwN4AMl2U1v3BJO5A7MZfnzTqU7fdkO5GlwEql_s4_bYAH1tNRPfKbh4jaU4lOM2yMLpaHPTFWB0fVdGc2KbQEFWtOl1OWG7ZbuM8-iQCLVoWmpa9-QKnF55AXhS_S_UkNE46v-hDWyLKcut5fv6z5FVLlTTWSHP221qvVOfX0HUG3bIRm1gECQra_qqb-wgKDzGacG_HFZdyonJgf89JuT9lqD59jqXvXXmSRo70mWV_EChqoErtZU8PtsBifm-uutBpdDajwR71hM4JqdqDNQFuN91sukRlWgT-GWw0gyBYRjkrt5n10TVly3c0rODrLO4QTVZ9qv4RutndSJcaOfWBirwmGTFr5qe2Md_bGd5vlRVc1vVjoZ4j0iF_kfOFB7kUwsYAOwwsszMtAfgzPyjbMf8-MyuW1J91_H2-2jbpYqbJeBJX41peic6RBKBccGme25LP8ZMVnHEPmFipxCzMWdEIaW-a_KtKGr9Q8eVG3B2GnFLBsNjeuIhLz2qdhygI5-8L2yBznvSBSxjxHgSqwO_2GHOZRDiAkl6u2Wsq_HLJUTG91RZuZW6ls7TyQUfCs_jxbCLTHV3vef3a3Jtp2CLgYUtbYb8oD53W9EPbR1KiAyrO8U5WSW2-cEuNJ93VTpXXkTMJ09203ygHRn4zYVSyg9a5VJ--ZSaCE1wKaRwFVMlJ_stR05Hi9upjnROwD9NiPs-yt8c7DBEKtz2U70xqXqiQLNdii8o_vDgthg5-h_bLhoIazH9lVDZvPxyolIlvh44LS2ESe7NRMXHNP6ijv6Vmw3uQ02rrTUeOmsyOX4f2m1Wy2IxqE_WOoGoVSr2WKMpR2FHopj5TDXolCZRyqme70J9abT6QGZzbSDUl4h7DYadTM_LwhJHlF3nqPKCqCaXjasbg6LcHgbmszlP0ZQeGrFoWu-CHfROAcUm3rDpnwcCIoyVVaRy_U4KCbJfhqn0sueesLyBoETtFtbWePtP9OAHKH2umJYIBVqEXwQ1T6CtjujwnH-bkzDCx2bR-uNx2_HZVe78Ww7IKrhzM5pvzVHyfudzon05ODa7H-Yze0_3U44ypxJTPiGiopWd9Yo9_CzuAna3cMIb_5hM63H6bHXYNBoPTisjSTXMLJUSE1lXfjJybOIaBy1tVsRXZPgukR32gCaLIE-xrLJbUemPV2PFObGSTRtKfVXJqPdymdnzbPIAZ6APg9XvTU5BFP4IpGo9GFvCwNraBdmhc4DhbmmxIj1l9u6GTBTZmly7J8ji3_tWqYzO8Jt4GAwj6ccbvrxcilTlJ1AWioUjVeyUvh5vAD4Gqihe1730-QF6jDkCnNHji90tZprCnHVsGrUPee69X6m-K_mi7aEOWyrERSwwayobemUyL4zjh0wh1YBlgQw-XSIuCokpXuoXs7ki2sFSVRJpEM83uKjqY4arWGRZIlU80G6zJH7FwUOCy1lCUax_CgdAMZ1q33zH9sLEpCjCYHcPbGSa-vLhVniwnjieRfLypCwzBHNLHY6SWjD7XMRR44QKavi6W9z0rqus5hwN9LBT4WYnRbMLRXIakJsQU-rcDHRGbt6z3MPaebgHr7_Lo7TsbKzRooyYk61FsspXQHvsSsjCZCQ6A8H08j9kJLdNPo3RnNsM7QUNnZ2wZ1nXG1CcxwYuiVP5AHUWJ48vfx_nk1KM12B6WwzZUOGi-pYY4ivQFT1bOJpDrJkJlSXKg0MQgxoPyL0QcEv3nfc-iYwq5kc-zZWSrN1el6CZNVjM6aIHHcdYEACZPXRJyqzH9gJFT_S5Xmo114p7l-Fj9dcO6pY0v9sxQY_6cwgTOexvh_OE4_Ae5UyChP0AhleUh4beDWtlEI2xyFsqV8FHXPHedzqyfOso6nWzGkCZ2Il5Z9L_PiG1aSUNoVFRvTUByrVZVTLt1uoiQCEBefwzf3g9FU2TWZalS92P1nnSS-YyfAX8ojCBBGWWFTAumKWaT5GwnaCz5spUXx52RZ0YoZWVG12vNxNv3Q72sKxR&cid=CAASEuRoev0wVfciRPh_x11aeOpGHA&rfl=1%2Chttp%253A%252F%252Fwww.calotteryx.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1e26f61364f782f322f7530ff7ab1f8a4e34626323f9b04365f4c99990a493a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 37B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-DboZDYwWmTIfDKEM582s&google_cver=1

43 B
903 B

73ms
58ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-DboZDYwWmTIfDKEM582s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYY-KPPzQEwAQ&v=APEucNU3g2ckwE1T1QC_3QSF7u47gVar1gCofM31Rm2qJksrs-RBvin8_BxFKdTVpPys_NJU1BYCkwb-E10TpZCT_hBoCYBC3Q
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 731fda1f1fb15431-YYZ
pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LqCMpb2DYWMJUwLqpAviF1OC5PuAdYbRUuDs7MBm41j5TTBOjguJA4RgI8ogLW9gjIbbtG2Y1u9k2vlSHO121lWSJXo3qaoVW1zGrvhLp7Mtyw1K7eOSG%2Fk6Amng7wSuiizwLL4WqB7qA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-DboZDYwWmTIfDKEM582s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 37B6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuLcjw2CJ7zoBna038bC6wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqBIQQGweA7azwyyyzTUv8&google_cver=1

43 B
910 B

58ms
58ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqBIQQGweA7azwyyyzTUv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYY-KPPzQEwAQ&v=APEucNU3g2ckwE1T1QC_3QSF7u47gVar1gCofM31Rm2qJksrs-RBvin8_BxFKdTVpPys_NJU1BYCkwb-E10TpZCT_hBoCYBC3Q
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 731fda2039b55431-YYZ
pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VlKhwwuY2lK%2BPceYbkOeOKbpEIyRek%2BLvt6k0JfhQRS1g6cMejkvpF1UX8T2AKrSZ3JhFRhBk%2F4gRVqqRpPZ0Zge0kmgWBEyH6aJiHVeQJRyAcsEN%2F%2BKleSw2Wss1Elqki5vOw6v3IjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDqBIQQGweA7azwyyyzTUv8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 37B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMLQKaV34zIBacSBsC1Kh7E&google_cver=1

43 B
1018 B

174ms
162ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMLQKaV34zIBacSBsC1Kh7E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhCA8WYY-KPPzQEwAQ&v=APEucNU3g2ckwE1T1QC_3QSF7u47gVar1gCofM31Rm2qJksrs-RBvin8_BxFKdTVpPys_NJU1BYCkwb-E10TpZCT_hBoCYBC3Q

Protocol

HTTP/1.1

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 18:59:27 GMT
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c8918dce-ff2b-4321-93f8-9414f4238b11
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMLQKaV34zIBacSBsC1Kh7E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37B6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1NjgyMzYzMTk2OTg4MjMzMw%3D%3D

170 B
188 B

79ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1NjgyMzYzMTk2OTg4MjMzMw%3D%3D

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 18:59:27 GMT
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: a0351fda-98ec-42ba-a28a-9e53ad0df0ea
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg1NjgyMzYzMTk2OTg4MjMzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 91BE 22 KB
8 KB 65ms
21ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 45267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 06:25:00 GMT
expires: Fri, 28 Jul 2023 06:25:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BBDD 8 KB
4 KB 301ms
19ms Script
application/javascript 2600:1400:d:58c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=17076837&cmp=27178305&sid=7691797&plc=327771722&num=&adid=&advid=10932048&adsrv=1&btreg=519915414&btadsrv=doubleclick&crt=165396353&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:58c::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 73ae8628ff25c7db63ca0bc099f8934739980798a0c3ab0ca9cc190b711eeba7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 12:00:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0699c9f79a2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4916229719952719872/ Frame 8FB7 5 KB
2 KB 63ms
20ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

966b7999a6cc60d181f1e9581dbbfbae51367452541eca6c8d053e6ad190704a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 519534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1775
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 18:40:33 GMT
expires: Sat, 22 Jul 2023 18:40:33 GMT
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D5FC 106 KB
37 KB 102ms
62ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Jul 2022 16:05:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/ Frame D5FC 8 KB
3 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0FPGNu4FvoUEBMe1dmEH0HOxJFXYvhcnLHU72POA8JzY9Y3naOUJCwhR9AGVccRbtc2cewdVnNTqJrtfI5HB_LDhV5w&cry=1&dbm_d=AKAmf-DSRFGFwwtJbepA3t3vkf5f-QauGjHB-0qzxIYDrNbe0bb5luocZH_-kg4KIg2b77RMeMUSrH8wxzGeZCuW7Ryb9Elf27YyEGBhRVKozOZTb1nnapFBYBv8MscVAWxy6svqA2mLAvVYXi17o4KucjDS2cTLxCOy-pAUyrenZvx1cyoeELmycwZDKS75QNuXf7FZL4FfBPD9J3R5FIosMbHpJ5cpbYgEg3M-J7mp0BvkqzXVD9pCj4KrFFUCtAdlt2gJf8f4LlWEtPNvb8_ATIuPYVCP7GRL99Prn6EYMh2XTzPKvLELW9SvFdkx3y3-WPOKAriQivR3WD7Ax-_n_hNa3D8VLfKZMg-AWtlLFjBKPlSm0gcuvz_5blh43Se-mp7FGCM_ErWZqw1puRnDNEfxosqp5tQ49ywMimZ7irQ_YRMrHNDgf0u91KKVnOMGhP9t2x8vUhK06U6yVECA4LlKiKK09-IRP8tJUXcOVYt4p4Yl5PZ1rr_s2FM4fiw-8vwxcIFojYlN8sCYZp0lvFG5iDK4RDswvGf4RTt667-z5xGeHio-pX-PzznaKI67l8eWzupEjxRF-eYhgQQvUJtNkXaU8CrsZmi3iyZJlQSAvehpOgJao71FURoZYChz_R_KkaWQIFKHCcrCRNR1Swh8U42T8c_iJVfAjThxIHk9DSCk8IhIu-XgEqQRBPCgZJjm6r9iXXYLJI1rW5NrROcfcJkp2ARh83fnAx9S_IpgZ42Mw9PSCfHvTHjNh1nLagx_6wVtq9nnanvf9SP3mCItw_l8h5z4kfjZDwuR5hjxMPMM6gGD_W6tSqo8oJu1ZLepW5vVg_z4Ox5iCsiZgHMaob5Ixx84sGzYmvQTb4Q7LIqHeTCzHz-EBMdxdRR2eDu44iUejtMTES6OpjTDuFW38K297mZ1JJw_VenxJCtmettRRYUUhEQrGkH5B7OTpEXPHL5C0ETmnP8preU4HQ6_vAJPUeE_BfP0sJqkKPRA5pSgbq5_N0lWud_A1k2CQp7Vo4mGpSJeH9Mb9ODKvzSP7zAV86R3BXjShihoDU2dhdZVPAeGPSTNsaqWLOW_g9dvqPY0hB_CWzE4FiJ-V-a6pg08dNwwoTZeZ45Yph8SGxRKPY7i3Rx2RcehkLPgHN1CNjzWxxz8c6Wmm16BYN_FGMsV2u-qctXaEnFwpTaK8rPF-4HfPcNAP_J9r3WBe-6n3XyjkwoliTP4VZzQbdIzO9UdYjJ3IkxiaM1ZTqIezLQ-LFdUkvrNjuFwDb6HoYq00C4IbGzKTxab_adIuJSiqMGxhShvmZNs61hp4kNa2I9aHTMwDEqq9119SAwFZz3JKBURkV9gBWUgI1fmwpgM9_SYLb81Jg8QLwN4AMl2U1v3BJO5A7MZfnzTqU7fdkO5GlwEql_s4_bYAH1tNRPfKbh4jaU4lOM2yMLpaHPTFWB0fVdGc2KbQEFWtOl1OWG7ZbuM8-iQCLVoWmpa9-QKnF55AXhS_S_UkNE46v-hDWyLKcut5fv6z5FVLlTTWSHP221qvVOfX0HUG3bIRm1gECQra_qqb-wgKDzGacG_HFZdyonJgf89JuT9lqD59jqXvXXmSRo70mWV_EChqoErtZU8PtsBifm-uutBpdDajwR71hM4JqdqDNQFuN91sukRlWgT-GWw0gyBYRjkrt5n10TVly3c0rODrLO4QTVZ9qv4RutndSJcaOfWBirwmGTFr5qe2Md_bGd5vlRVc1vVjoZ4j0iF_kfOFB7kUwsYAOwwsszMtAfgzPyjbMf8-MyuW1J91_H2-2jbpYqbJeBJX41peic6RBKBccGme25LP8ZMVnHEPmFipxCzMWdEIaW-a_KtKGr9Q8eVG3B2GnFLBsNjeuIhLz2qdhygI5-8L2yBznvSBSxjxHgSqwO_2GHOZRDiAkl6u2Wsq_HLJUTG91RZuZW6ls7TyQUfCs_jxbCLTHV3vef3a3Jtp2CLgYUtbYb8oD53W9EPbR1KiAyrO8U5WSW2-cEuNJ93VTpXXkTMJ09203ygHRn4zYVSyg9a5VJ--ZSaCE1wKaRwFVMlJ_stR05Hi9upjnROwD9NiPs-yt8c7DBEKtz2U70xqXqiQLNdii8o_vDgthg5-h_bLhoIazH9lVDZvPxyolIlvh44LS2ESe7NRMXHNP6ijv6Vmw3uQ02rrTUeOmsyOX4f2m1Wy2IxqE_WOoGoVSr2WKMpR2FHopj5TDXolCZRyqme70J9abT6QGZzbSDUl4h7DYadTM_LwhJHlF3nqPKCqCaXjasbg6LcHgbmszlP0ZQeGrFoWu-CHfROAcUm3rDpnwcCIoyVVaRy_U4KCbJfhqn0sueesLyBoETtFtbWePtP9OAHKH2umJYIBVqEXwQ1T6CtjujwnH-bkzDCx2bR-uNx2_HZVe78Ww7IKrhzM5pvzVHyfudzon05ODa7H-Yze0_3U44ypxJTPiGiopWd9Yo9_CzuAna3cMIb_5hM63H6bHXYNBoPTisjSTXMLJUSE1lXfjJybOIaBy1tVsRXZPgukR32gCaLIE-xrLJbUemPV2PFObGSTRtKfVXJqPdymdnzbPIAZ6APg9XvTU5BFP4IpGo9GFvCwNraBdmhc4DhbmmxIj1l9u6GTBTZmly7J8ji3_tWqYzO8Jt4GAwj6ccbvrxcilTlJ1AWioUjVeyUvh5vAD4Gqihe1730-QF6jDkCnNHji90tZprCnHVsGrUPee69X6m-K_mi7aEOWyrERSwwayobemUyL4zjh0wh1YBlgQw-XSIuCokpXuoXs7ki2sFSVRJpEM83uKjqY4arWGRZIlU80G6zJH7FwUOCy1lCUax_CgdAMZ1q33zH9sLEpCjCYHcPbGSa-vLhVniwnjieRfLypCwzBHNLHY6SWjD7XMRR44QKavi6W9z0rqus5hwN9LBT4WYnRbMLRXIakJsQU-rcDHRGbt6z3MPaebgHr7_Lo7TsbKzRooyYk61FsspXQHvsSsjCZCQ6A8H08j9kJLdNPo3RnNsM7QUNnZ2wZ1nXG1CcxwYuiVP5AHUWJ48vfx_nk1KM12B6WwzZUOGi-pYY4ivQFT1bOJpDrJkJlSXKg0MQgxoPyL0QcEv3nfc-iYwq5kc-zZWSrN1el6CZNVjM6aIHHcdYEACZPXRJyqzH9gJFT_S5Xmo114p7l-Fj9dcO6pY0v9sxQY_6cwgTOexvh_OE4_Ae5UyChP0AhleUh4beDWtlEI2xyFsqV8FHXPHedzqyfOso6nWzGkCZ2Il5Z9L_PiG1aSUNoVFRvTUByrVZVTLt1uoiQCEBefwzf3g9FU2TWZalS92P1nnSS-YyfAX8ojCBBGWWFTAumKWaT5GwnaCz5spUXx52RZ0YoZWVG12vNxNv3Q72sKxR&cid=CAASEuRoev0wVfciRPh_x11aeOpGHA&rfl=1%2Chttp%253A%252F%252Fwww.calotteryx.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:51:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/ Frame D5FC 30 KB
11 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 16798029156924389348
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:58:07 GMT

GET
DATA 200
OK truncated
/ Frame BBDD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a40f2f64ca3ebe95d774f408f56d7a5c2de90a6d35c6601111c5b2ac306b6f96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/ 149 KB
53 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/reactive_library_fy2021.js?bust=31068585

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ece0286170170f0e550fd7ed86d18d89ad37c4648b56db7d4007b321d65623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54113
x-xss-protection: 0
server: cafe
etag: 3696917968296744729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/4916229719952719872/styles/ Frame 8FB7 2 KB
737 B 20ms
20ms Stylesheet
text/css 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54343f973739524192ca1bef236df43026157773f892d0ef6dbb4a0505470770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:34:56 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame 8FB7 62 KB
23 KB 51ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 79266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22641
timing-allow-origin: *
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLD8NoHo8uGyQnMaDbumGsFtat8TR35PCKXk7n7n0RguXwDLr5sXaHMm7rny3O2oI4x7yc6j4L4GRO%2BlEUfzG2w%2B87DYdXONW4lBKd89pUoknLD1WKJ2HbvEjzy%2FvRSW1LgzL9PTQ8TPGbGeqQGQDtBo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 731fda1f6a7f7151-YUL
expires: Tue, 18 Jul 2023 18:59:27 GMT

GET
H2 200 ScrollToPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame 8FB7 4 KB
2 KB 67ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ScrollToPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cc22baa2e1bda00f722ec6122b8360f4e29f263227f366cb5fdaf345401921a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4320730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1607
timing-allow-origin: *
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-647"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bbe9NU9uDdrf1PwWR3gNMUI1u6jEzvpQPKmkZrG8MhAGBAdzENiY76Qp2w09zb2L1l9dP%2FTAAkT0gropgGrjQhlnC7Vz3PezSxBojHGCMH10Z%2BMPIiEsp8FLmt193BnzVF%2Be5yOL6LdYg3zRDyoky%2BhP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 731fda1f8ab57151-YUL
expires: Tue, 18 Jul 2023 18:59:27 GMT

GET
H3 200 isiText.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/ Frame 8FB7 16 KB
6 KB 22ms
20ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/isiText.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

383a10bc0724bcadc7f160ef83e0db298ef23cfad81df12d630cd6778647e72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6119
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:34:56 GMT

GET
H3 200 ISI.min.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/ Frame 8FB7 7 KB
3 KB 23ms
22ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/ISI.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

219cd5046703d80796a4341f568525b37d1f6b7d5b0c2f83e8fcb95c3f09ada9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259529
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2604
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 18:53:58 GMT

GET
H3 200 intouch.min.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/ Frame 8FB7 1 KB
605 B 25ms
23ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/intouch.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8ec68c510504e40226637527c4978485306f32899c3e2036b0c57bd44d0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 22:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 22:37:05 GMT

GET
H3 200 fontLoader.min.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/ Frame 8FB7 3 KB
1 KB 25ms
24ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/fontLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb1e711212d8ed816dd2e5cf67456a0b82b5c047f1a466bda64dc2b5428c7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1218
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:34:56 GMT

GET
H3 200 gcmd.min.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/ Frame 8FB7 3 KB
1 KB 27ms
25ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/gcmd.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9e1aee0f49209dcd2e07fabee57cbdc1b97c8f98ac22aaddf4b7071bbdad5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1406
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:34:56 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/4916229719952719872/scripts/ Frame 8FB7 2 KB
984 B 27ms
26ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f26d201ce6a67265198550ddbfa6eb6b1a3093d6821f635fb9121ede0e863a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 00:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Jul 2023 00:28:51 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 91BE 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:36:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D5FC 41 KB
15 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 06:25:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 731A 1 KB
749 B 32ms
31ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:05:36 GMT
etag: 48472445140208031
expires: Fri, 29 Jul 2022 16:05:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5FC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6ceb10222044ca39133975adc07825f998f3c6e1d94021a83918e12e7b3b31f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 87ms
42ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.calotteryx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 84ms
40ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.calotteryx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/ Frame D79D 10 KB
4 KB 21ms
21ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 17:18:04 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 17:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/ Frame 2745 10 KB
4 KB 21ms
21ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 6083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 17:18:04 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 17:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 41D3 22 KB
8 KB 22ms
21ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 45267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 06:25:00 GMT
expires: Fri, 28 Jul 2023 06:25:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

firstevent Show response
scotiabank.demdex.net/ Frame D5FC
Redirect Chain

https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805

42 B
956 B

89ms
86ms

Script
image/gif

54.200.135.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805

Requested by

Protocol

HTTP/1.1

Server

54.200.135.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-135-15.us-west-2.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v034-0eff03ec0.edge-usw2.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Z9GboKzZT+o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v034-047fc7024.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ai/1vnNhQ+A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14202341889595670528/ Frame 552B 34 KB
10 KB 23ms
20ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92087472bfbdf3ad30c7db4ffc74fe08e9574ccfd24a9258a7b0ac80e9e7b4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 485879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10414
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 04:01:28 GMT
expires: Sun, 23 Jul 2023 04:01:28 GMT
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5FC 0
27 B 93ms
50ms Ping
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7DXTgnIrHAo9gBAhbLOkSOYO-NLo6vIp_lIZ6wWqKsQvUOL3ZN3SFNOMeEsM9P9nzaGar-awtW0ldV3GE28vvl7wDhp5nWwoS97RLqefrlVUc4caVSNOxNC2rkaECBHJKTLFpZ1p0wv0e3CDg4QjJyBX7Aomto7pE6YTaIKTlzoLe04Qe3ln4Slumn0oihbst4bEmWmFt5tb3NnI6dSEHLC1vzrZI_tN0RgJwhDcx0BwLxA-S77lq_-igLJftum_7bW__kC6zB01YxTPs45PstPQDJVTWTiEWd77mCaMeXTy79dj8LpNRrGARTW7heQua90wgT2SlrCwP6HDUgLxSuqEVe99MTjXMd4aW2oUaFSA3itHlzsCfL-uEPNJNCrL2C52wx17L2YcOAcVL9tf-psw_Dl-DxojgarmUvpZP_o8AMuFYCQJMgh1b-hJSDSfBCASGwEsMO6w-3Dm4ZwPO70dMaSAnwBxF35BtmXiBiKcI8IzxeEf6BqUb8-V8Nn67v0KHbbo1AcCBzXVI2-e9OfXdiLOiAhPgVHzr4W0F_dt-EyOkCiOiDdYX8wHQDeSpzuqCxQ5ck8lQIZrhf1gGHF72Coij-_esqHiSVduV38iOenZUb7wpnhDcsW1sfM-8sEidTQauhLZgq6RmGOIClSLUgPQwSZoWWcKbrlPZSdtu5YGVg1l1P4-eZIl6SOL2VVdM4lKN1ZNoc4LLa7WjOelaFhjaavYHoZlTQZ5bi8wFMgO38r4UFka1HiLIN2F6dEt80gCgtPrgMYcqlJ0SEqvKuTKby1uGk-Q9aPDqBnED4dlsUvMpD4q40GXaw0KHBUu6GpxH58DXn_C3hnLR-fX-Puls6zpjZFkyxNOVl5rN0u97hThBd10dMwpcjNrqyHYZLvjvXXJ7XJcTwrtjlC7eNib9mm9moiYBbBJIxS4ih1RoktWdnf9kVtLrpVo54KfHDtGfsjovxAcwnZsYbINulThiQPrsDgdb8fJkOuCI2nN5NnK2AIK9pUPYnjr4UkpLaE6x0-eJKILA94kC6l-oB5eK_HY16i6YINit3eNmyNcTCPVn7_D-ozEdcIXZPxRHTu286Y6Hof328IGGEe2gDmw1Xv1MYdbDSTehQECntUaH7b_QAhbPvTjLY7ZKYmoqDmMsdc6mAHSO3SPYckxUaaeANDj59TvKkR-PaWlQCjtKTDmpIFhazSZdWqCekG-Ov1UP-Huowp7jZvey-RG_otGXIA_6Rz1-U__OqBasSrZ-uQIqlYwe9DDDIdjwWtkpPcWkvu4u716cY8HU1qJfVUquUULDcGTT9Stkfp4bJrViE4jhqEPPiWSi3A&sai=AMfl-YTPiuT-UqptJPFdiG4xSzt1S0shOKWoPi3L3KUsseUqegF3HaPZ0Zzd-lWPuLGr9j4ZxhVej-zqjxXyC6TSExB7u7peP6GddaBTS4kUwh-QP76QBcEct-Obd3HS7-Hamkq5lw6oClBOFsCZD3EGwNrp1YFmgwg7cIQcWPM0gWC2YZJjljp5CQ&sig=Cg0ArKJSzPj2-xfE2VKoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=208&cbvp=1&cstd=205&cisv=r20220726.45462&adurl=

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame 8FB7 13 KB
6 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/scripts/lib/fontLoader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 16:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 16:05:27 GMT

GET
H3 200 campaign.jpg
s0.2mdn.net/sadbundle/4916229719952719872/images/ Frame 8FB7 48 KB
48 KB 22ms
22ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/images/campaign.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0da43c6686f5f2f920bdb35e3677014968fee931ed0c90df435a3d70589445c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 22:37:06 GMT
x-content-type-options: nosniff
age: 246141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48930
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 22:37:06 GMT

GET
H3 200 dotsTwo.png
s0.2mdn.net/sadbundle/4916229719952719872/images/ Frame 8FB7 443 B
470 B 21ms
20ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/images/dotsTwo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

059a4a5716d23c6b19daf8c57aa50b05b226f28e2aa73336bcfed7d5532f06ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:15:58 GMT
x-content-type-options: nosniff
age: 290609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 443
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:15:58 GMT

GET
H3 200 dotsThree.png
s0.2mdn.net/sadbundle/4916229719952719872/images/ Frame 8FB7 178 B
205 B 35ms
34ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/images/dotsThree.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a91cad69f6e41bc4f5f640a23ea4972bf3afdb8f0800ee68c57b3ec27abae33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:17:06 GMT
x-content-type-options: nosniff
age: 567741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 05:17:06 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/4916229719952719872/images/ Frame 8FB7 13 KB
5 KB 31ms
30ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/images/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6d98614c4f1186bbe8d7ac35b8e16a239e11c6a32ce10cdd3954327ebcbef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5057
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 12:08:17 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/4916229719952719872/images/ Frame 8FB7 1 KB
1 KB 33ms
33ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4916229719952719872/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dd3c7aca525b488302dc032eda1be65d7a41081b49d0d3c88620881399a83d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4916229719952719872/styles/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:15:58 GMT
x-content-type-options: nosniff
age: 290609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 17:26:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Jul 2023 10:15:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEL0cQyrzOLYoqApnAoRq-Os&google_cver=1&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg&google_hm=Q0FFU0VMMGNReXJ6T0xZb3...

170 B
188 B

39ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg&google_hm=Q0FFU0VMMGNReXJ6T0xZb3FBcG5Bb1JxLU9z

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4C7GULHWzI4UvsK4-NKJWi1-Xrg162Kt7EARQBotXJ1Et9N7Hhsd_sEH8rOnhlojwztgb6wRsoEKwNBGogBIDW18ZS1DBg&google_hm=Q0FFU0VMMGNReXJ6T0xZb3FBcG5Bb1JxLU9z
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ZIFTS1FawSSy25sEUBPEIAEF41uj_u0COG9IgzyQuug1sYN4VEg4hA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGIfkM_TPnAGCVnso2G9t18&google_cver=1&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZ...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZrXtdKs6tt28icdWLa8&google_hm=MTA2MDA4NDAyMDY...

170 B
188 B

41ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZrXtdKs6tt28icdWLa8&google_hm=MTA2MDA4NDAyMDYzMTI1MzAzNjI

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DN89wNUmQlKb_2gnh0WfSWmQChvNwumx5IcmdMAloBpGUXauJm1DcqojiXdWkB0JeIu_So9pHkZrXtdKs6tt28icdWLa8&google_hm=MTA2MDA4NDAyMDYzMTI1MzAzNjI
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPv5WwSwV23DSObkvwbFUqg&google_cver=1&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh
https://rtb.openx.net/sync/dds?google_gid=CAESEPv5WwSwV23DSObkvwbFUqg&google_cver=1&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&google_hm=QRfVF6r6wW8kkYSQ2M9ySg==

170 B
188 B

41ms
41ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&google_hm=QRfVF6r6wW8kkYSQ2M9ySg==

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4Ct7_VqHOUNnZb5zpZBwmRWbwsstxUKXL0WgOb_OlpU2IzEQtq5NkRB1qQp5IGIL5yuJYOoa-5Kujvx1lJA5ijYDwAmHUVh&google_hm=QRfVF6r6wW8kkYSQ2M9ySg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: q8pt7pnik3qkm1pq2c82g4tcippo7pu6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B_EnlC9sTKGewPliDKoLvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
38ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B_EnlC9sTKGewPliDKoLvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AhZ0qVo5mdT4zNpSVeqoEfFyWm2f1lmbhrpka-a3dTt9VKpGD9v9XR5WQPaNQhdnOeKb9pbZ7ZeSJAWVIC6PFWMA8ih10

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B_EnlC9sTKGewPliDKoLvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AhZ0qVo5mdT4zNpSVeqoEfFyWm2f1lmbhrpka-a3dTt9VKpGD9v9XR5WQPaNQhdnOeKb9pbZ7ZeSJAWVIC6PFWMA8ih10
date: Thu, 28 Jul 2022 18:59:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_hm=YuLcjw2CJ7zoBna038bC6wAAACEAAAIB&google_nid=index&google_push=AehlK4Dtag5KpPBYcpmVYQmqM2Mpjg2M9ETCr...

170 B
188 B

39ms
39ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_hm=YuLcjw2CJ7zoBna038bC6wAAACEAAAIB&google_nid=index&google_push=AehlK4Dtag5KpPBYcpmVYQmqM2Mpjg2M9ETCr1Lnz4w7qiiRAa_lVpJBV0Gkhtf-fJr_MGTzcn5vHiUa9Wt2CI0Qnq0boRt0rS0A

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCGc9p%2B176%2Fbihml11Sj2UwXo02rnSy%2B%2FIabxCcPjcJP0yWW86lf1GmwQZVdMz0DmGxOa0%2FswGdn%2Bpn9o5CMH6R%2B3m3QpQ%2FPVn%2F8hj87x%2FZhboEc27bkzXH0w3ToSIO1%2FmRNyAdWcAq%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3HW_BQF4e4cPtJ7bH7VFk&google_hm=YuLcjw2CJ7zoBna038bC6wAAACEAAAIB&google_nid=index&google_push=AehlK4Dtag5KpPBYcpmVYQmqM2Mpjg2M9ETCr1Lnz4w7qiiRAa_lVpJBV0Gkhtf-fJr_MGTzcn5vHiUa9Wt2CI0Qnq0boRt0rS0A
cache-control: no-cache
cf-ray: 731fda20ebe8ab3b-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 731A 43 B
297 B 141ms
24ms Image
image/gif 2600:1f18:445b:901:d799:937f:65e0:74fe
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJEXdeCPB1gc6qpcRtdMB3c&google_cver=1&google_push=AehlK4DV1i8_7xvOzH2p9mawuZ815eA6GSx-A3oiFLM9e0PoFVaNV_ZH8SuWAxCF01iMBmuQO-oYiy3Pg6dDcMz-Va7aSkx_vGs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:d799:937f:65e0:74fe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731A
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEFM9k0oKVLHmipW2Rg4lrSM&google_cver=1&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ&google_hm=6eea17993f1354c1a6e...

170 B
188 B

42ms
41ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ&google_hm=6eea17993f1354c1a6e1eae2915791ea

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CWKodepYjeAIIzQRxkjJRINEsAa_hGG6ZSbVI6N79_AVwkMbo8PbFzfci9jXYORTN2BxciZpKKogbNRa51Qlto5BaHG-gZ&google_hm=6eea17993f1354c1a6e1eae2915791ea
date: Thu, 28 Jul 2022 18:59:27 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 731A 0
12 B 37ms
36ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjlEwvhN7AH75FUFAjB0ORcY6T_EIw4_d9zv9VnYeoSe6Ks4tB4UDALxJtxW-rNwLfpqLy

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK dv-measurements2940.js Show response
cdn.doubleverify.com/ Frame F3F1 552 KB
106 KB 28ms
28ms Script
application/javascript 2600:1400:d:58c::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2940.js
Requested by: Host: www.calotteryx.com
URL: http://www.calotteryx.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:58c::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2337eb5e60767dd62c2290ad0b574fab6abb643cd17989bb92ff3e3b325e47e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 10:13:18 GMT
Server: Microsoft-IIS/10.0
ETag: "07339a86aa2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107726

GET
H2 200 css2
fonts.googleapis.com/ Frame D79D 4 KB
1 KB 84ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 18:52:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Jul 2022 18:59:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D79D 205 B
743 B 75ms
21ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 08:06:39 GMT
x-content-type-options: nosniff
age: 39168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Jul 2023 08:06:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D79D 604 B
696 B 76ms
22ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 549289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jul 2023 10:24:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/ Frame D79D 19 KB
8 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb8d8c0e475aee8610d424aca333dbecbd6924b47981d07d8e2ed31eb9faf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8380
x-xss-protection: 0
server: cafe
etag: 10255747711235720242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:51:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2745 8 KB
966 B 91ms
50ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 18:49:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Jul 2022 18:59:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2745 2 KB
902 B 19ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:43:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2745 0
0 53ms
53ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtY74jtziYteUJsfA_gSMq6nABOnnwrtrwYuCrrEQZBABIPz-oxZg_eiigfADoAG5yPSoKMgBCagDAcgDywSqBPcBT9AEeSrmP7lT8lB7teawhUgw0AuYpPAS2WdJ4XDPl23wf7c7qZVw28bR9TiwG__8_z3Ao6_ZiNtW3yRv8EBs_Zk9yfKF6eNQWM11dliEBWBOnsCQ6_pGEHN_F98LwNjeN4z0b2THwHJZMdl9Gjn4IVc5Vq0aEzR3G2TM0uhvQBymI4pB84RNxkvC568lgQHfnKa3Qfzx74195JeXXvAFdaLG-tq-n2Mrk_S4jtXbk__DGSQfW0_2Kpzmt9wKflggf_S3FQj2KM0o85cT39FgaG9hMYf5JiE1ev7x0JfnuLrTM-XwjCi-fgcXv5zM6PiMH-VlGKI-cMAEmruM4ZEEkgUECAQYAZIFBAgFGASgBi6AB7mAxYgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ348E0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBOIJ9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wMjE3NTY3NDMzNTQxOTE2GAA&sigh=5ju_mekQFww&uach_m=[UACH]&template_id=5000

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/ Frame 2745 23 KB
9 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9370
x-xss-protection: 0
server: cafe
etag: 6407886451032183137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:47:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2745 3 KB
1 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:53:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2745 138 KB
42 KB 102ms
59ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2745 17 KB
7 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:44:05 GMT

GET
H2 200 ab4c532c1fbaba50606c7d3c45560ace.js Show response
www.gstatic.com/mysidia/ Frame 2745 30 KB
13 KB 64ms
23ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 23:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12814
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 22:38:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 23:10:34 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6551431297332553250/ Frame 2745 15 KB
15 KB 23ms
22ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6551431297332553250/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79976a0b7c972ddd1810287810e1af8b787aa99c49d5078c735bad3c89752c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 17:11:21 GMT
x-content-type-options: nosniff
age: 6486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15677
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 15:04:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Jul 2023 17:11:21 GMT

GET
DATA 200
OK truncated
/ Frame 2745 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2745 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1f5f002b.svg
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 1 KB
639 B 22ms
21ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/1f5f002b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07097624c87d1bafb77f876488b832b14e25e30083c0926c6b937177080821d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 04:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 610
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 04:01:28 GMT

GET
H3 200 e5c16288.svg
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 6 KB
3 KB 30ms
22ms Image
image/svg+xml 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/e5c16288.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e159e8a7ca4d2e6396e58d7dfd1e372c6e5759b8df947794f8e48b3b048cee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 04:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3077
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 04:01:26 GMT

GET
H3 200 2546fa3e.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 1 KB
1 KB 30ms
22ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/2546fa3e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ad1eb9d5465ff67e53dcf1b425ad5262cc6c9211595116c6dd44f34d858bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:32:24 GMT
x-content-type-options: nosniff
age: 124023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1317
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 08:32:24 GMT

GET
H3 200 1332d5bd.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 3 KB
3 KB 34ms
27ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/1332d5bd.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ba103c347cdd35f92cfa74b9c709084eb7458bc7841131470c73a32e01be2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 de47d9ca.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 942 B
976 B 35ms
28ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/de47d9ca.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0b98843aad1a4f40e06c48261446f9834cc5c1b0fb6c594c108a5a1f548bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:02:14 GMT
x-content-type-options: nosniff
age: 521833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 942
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 18:02:14 GMT

GET
H3 200 fd6a45a8.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 2 KB
2 KB 34ms
27ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/fd6a45a8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c90a9b21952f5169548799430ea43a6c9e96e5c8d6d039d71aee34f2c31eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2000
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 5a02924d.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 4 KB
4 KB 30ms
23ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/5a02924d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

533165a570e9fef1d0d23f18e93097ff62f8bc94ab3bf0c80084c6d4bf60baa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3807
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 66184399.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 7 KB
7 KB 30ms
24ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/66184399.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bca7eb917868b733a565f1e35f3a4d3b06c496551be5c8944ba89fe1b3fec8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6667
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 c4d7ab4b.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 2 KB
2 KB 34ms
28ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/c4d7ab4b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

284f93a7ed63967a01754ecda65f5cb2d894c5e51c6b3f7707fe44ef1a4fa84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2393
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 eb8b6dfb.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 4 KB
4 KB 35ms
30ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/eb8b6dfb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e8c661dba2333339c5a5763bab0a2e3719e0968118ff4521cd5d24fc0c3a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4008
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 6f08e9e8.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 1 KB
1 KB 34ms
29ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/6f08e9e8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c43899b0e496da845d0effeefaac185587fd1aa713ae9e3ea5b3813a6f710294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1398
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 77947d97.png
s0.2mdn.net/sadbundle/14202341889595670528/images/ Frame 552B 3 KB
3 KB 34ms
28ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14202341889595670528/images/77947d97.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a19f88c731f5fdec9d1c252c7d51c420576f131ac469cbb5950df011e051c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14202341889595670528/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 01:38:41 GMT
x-content-type-options: nosniff
age: 494446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3089
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:43:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 01:38:41 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 41D3 36 KB
14 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:36:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8FB7 8 KB
629 B 76ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7b6a8f01fd1e530ff592f427c6ee0bf2e1ee497b6b4c84a593ab93060002dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 18:47:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Jul 2022 18:59:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 472B 202 KB
71 KB 93ms
38ms Script
text/javascript 23.205.76.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.76.25 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-76-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

3db0da62e9a34458585d955ac2e395bca37c80ba8bc6b23dd1b2300bab1324c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-mnt-h: 22-pvgm
content-encoding: gzip
etag: "ba3963c7946a9d14b258c79bd2e958b8"
x-mnt-w: 8-18
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Thu, 28 Jul 2022 18:59:27 GMT
x-cache-hits: 0
strict-transport-security: max-age=31536000
timing-allow-origin: *
expires: Thu, 28 Jul 2022 19:04:27 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 472B 61 KB
62 KB 103ms
21ms Script
application/javascript 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Thu, 28 Jul 2022 18:59:27 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=11264
access-control-allow-credentials: true
content-length: 62892
expires: Thu, 28 Jul 2022 22:07:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 472B 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:53:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 472B 138 KB
42 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 472B 17 KB
7 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:44:05 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame F3F1 724 B
707 B 392ms
29ms Script
text/javascript 204.154.110.83
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=135&ttfrms=31&brid=3&brver=103.0.5060.134&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5D42%3D%40EE6CJI%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5D42%3D%40EE6CJI%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=432&ddur=303&uid=1659034767609955&jsCallback=dvCallback_1659034767609298&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=60&winw=468&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2940&tgjsver=2940&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0217567433541916%26output%3Dhtml%26h%3D60%26slotname%3D2590354652%26adk%3D2609542261%26adf%3D966971807%26pi%3Dt.ma~as.2590354652%26w%3D468%26lmt%3D1659034766%26url%3Dhttp%253A%252F%252Fwww.calotteryx.com%252F%26wgl%3D1%26dt%3D1659034766416%26bpp%3D13%26bdt%3D250%26idt%3D179%26shv%3Dr20220726%26mjsv%3Dm202207210101%26ptt%3D5%26saldr%3Dsa%26abxe%3D1%26prev_fmts%3D0x0%26prev_slotnames%3D1113621453%252C5600219850%252C5600219850%252C5600219850%26nras%3D1%26correlator%3D4418382583650%26frm%3D20%26pv%3D1%26ga_vid%3D1640585551.1659034766%26ga_sid%3D1659034766%26ga_hid%3D236538459%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D652%26ady%3D344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44763505%252C31067984%252C31068585%252C31064018%26oid%3D2%26pvsid%3D2904366874347909%26tmod%3D1836082873%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257Ce%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D6%26uci%3Da!6%26fsb%3D1%26xpc%3DlnvTIcFrTp%26p%3Dhttp%253A%2F%2Fwww.calotteryx.com%26dtd%3D186&fcifrms=10&brh=2&sdf=2&dvp_epl=182&noc=4&nav_pltfrm=Win32&ctx=17076837&cmp=27178305&sid=7691797&plc=327771722&crt=165396353&btreg=519915414&btadsrv=doubleclick&adsrv=1&advid=10932048&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2345155.8067146135&dvp_tukv=1494156764.4504025&dvp_uuid=359163893197.41504&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1345827130796
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.83 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-phlb113.doubleverify.com
Software: /
Resource Hash: 42f08f2d0d9e24e9c8a74d1e4d3e3241014314df5dea60d0e2e58be205d83dce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 18:59:27 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 07/27/2022 18:59:27

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 472B 0
0 48ms
47ms Fetch
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoSWxjtziYvj0I4Li_gS_9KOADOySrZFg99rS06wMwI23ARABIABg_eiigfADggEXY2EtcHViLTAyMTc1Njc0MzM1NDE5MTagAZX1m98DyAEJqAMBqgTjAU_QcbFGmDht1YNPO2hNd-50WC1AIVNzxIew6bKobxX55Ro37YPUyJLU6NaV-jIbR5XQOWrqhZ_IoK0Xghatjo_zIszpMOtOt2qwIKohCDLJxni4XrvNTpxRjbzPDZtZt5u7vx7_rAXep8wYna5tf8iixZubJ2F-YAR7VDiTNypib2m58Rie4JCDm3M3IBR5DnUbGU0dtox-NDR141MVpc16w0ctY0ol8fUPEimkXaOBfp94EiFDIVlkNSRF3F1mHAfJJ5_2AstY2i1Kmzhde-EpVB_LwVZilBNcUlyZP290YIK9gAbbopmB3avpkj6gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wMjE3NTY3NDMzNTQxOTE2GAA&sigh=mFG1LbLcuTI&uach_m=[UACH]&cid=CAQSGwCNIrLMSsAKEVdlbMJctDf2QyHtaRrDZK_wbBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Jul 2022 18:59:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 472B 35 B
0 101ms
26ms Fetch
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=CA&ctr=5.9467176E-4&viewability=87&device_id=4&cbdp=0.149&slotVisibility=1&dn=calotteryx.com&acid=26fdc3c0c38344039f9dc6d7178690fd&ugd=4&size=160x600&pvid=4&csip=rtb-appnexus-6f4bb988bd-lpqsm.SC&ogbdp=0.27&prvReqId=7336460598559_1439118870_41051946841&itype=ADX&requrl=http%3A%2F%2Fwww.calotteryx.com&scrid=1700080807683300160060000000500&mang=1&bidrestime=1659034766814&cid=8CUU9JF8H&rme=nurl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-167-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:27 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 472B 35 B
0 78ms
17ms Fetch
image/gif 23.34.59.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.2700&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=4.0&adtyp=0&req_id=YuLcjgAJ5NYIaAmAtQ2ANA&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=66.5662&exp=&second_bidder=*&search_res=45&floor_bucket=0.00&gpid_format=&seat=BID_API&size=160x600&f_seg=&prdp=0.1485&ogcbdp=0.2700&dfpbd=0.1485&server=1&ogerpm_wd_bkt=0-1&model_version=202207280648_generic_adx_1-cid_0&viewability=0.8700&dmm_r=0.0000&cut=45&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=CA-QC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.25&ugd_ver=&requrl=calotteryx.com%2F&bidrestime=1659034766814&cc=CA&strg=harmony&ss=&current_hour=18&time_stamp=2022-07-28+18%3A59%3A26&model_key=generic_adx_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.2700&ct=Montreal&akey=&mnckfl=0&bdp_bucket=0.25&algo=default&dc=east_sc&splid=&dn=calotteryx.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F103.0.5060.134+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=26fdc3c0c38344039f9dc6d7178690fd&infl=&o_ver=NT+10.0&br_ver=103.0.5060.134&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.12.0&totalTimeBucket=3&visibility=1&totalTime=3860110&dmm_m1=2022-07-28+18%3A59%3A26.819574570&e_rpm=0.0000&dmm_m22=0.2700&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUU9JF8H&bcrid=1700080807683300160060000000500&rawbid=0.2700&seat_id=BID_API&sub_bidder=133&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-appnexus-6f4bb988bd-lpqsm.SC&dfp_bucket=0.1&adblk=3269828215&itype=adx&pvid_seat=4_BID_API&cliIP=0&advurl=topics.businessfocus.online%2F&level_base=0&crid=410519468&sat=1&br_id=265&cut_bkt=45&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.27
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.34.59.152 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-152.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 18:59:27 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 8FB7 30 KB
31 KB 68ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 03:02:54 GMT
x-content-type-options: nosniff
age: 402993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 03:02:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5FC 0
26 B 43ms
43ms Ping
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame 2873 8 KB
893 B 35ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 18:52:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Jul 2022 18:59:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2873 2 KB
902 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:43:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/ Frame 2873 23 KB
9 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9370
x-xss-protection: 0
server: cafe
etag: 6407886451032183137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:47:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2873 3 KB
1 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:53:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2873 138 KB
42 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2873 17 KB
7 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 18:44:05 GMT

GET
H3 200 ab4c532c1fbaba50606c7d3c45560ace.js Show response
www.gstatic.com/mysidia/ Frame 2873 30 KB
13 KB 63ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 23:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12814
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 22:38:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 23:10:34 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 472B 98 KB
32 KB 135ms
70ms Script
text/javascript 23.215.130.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.91 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-91.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: badadfecd19bc170b76fd9b97ba8c7dda47adee53ef5748f2453d2b387489ee1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:59:28 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 32890
Expires: Thu, 28 Jul 2022 19:04:28 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 472B 94 KB
34 KB 465ms
463ms Script
text/javascript 23.205.76.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU7Q771E&cpcd=QcqgoxBu_JEBy1__-rrJcw%3D%3D&crid=684527525&size=160x600&cc=CA&sc=QC&chnm=HARMONY&pid=8PO6CSQ66&tpid=T1E3668&https=1&vif=2&requrl=http%3A%2F%2Fwww.calotteryx.com&nse=5&vi=1659034767634504996&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=410519468&bae=B4zae/z/44&bcpf=B4za8fOnRrolnfOur8e%2Fz%2F44&bdrId=4&ntv=0&matchstring=hr%3D0%7C&katpre=1&katbid=-102&pgid=p1694635134t202207281859&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=QC

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.76.25 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-76-25.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e71c0d4cdc314f15918b37fbb2e0a31acb7f9bbda964b027613878720b39df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 28 Jul 2022 18:59:28 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-nw7g
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 34500
x-sc-w: 21-dzp0

GET
H2 200 bping.php
lg3.media.net/ Frame 472B 35 B
189 B 61ms
27ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=524&&vgd_cdv=768&gdpr=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=684527525&vi=1659034767634504996&ugd=4&lf=6&cc=CA&sc=QC&lper=100&wsip=2886781335&r=1659034767883&requrl=http%3A%2F%2Fwww.calotteryx.com&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1659034767140806828&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_pgid=p1694635134t202207281859&vgd_pgids=1&vgd_uspa=0&hvsid=00001659034767880025035145479281&gdpr=0&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 28 Jul 2022 18:59:27 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 28 Jul 2022 18:59:27 GMT

GET
DATA 200
OK truncated
/ Frame 2745 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f3e8dae5454457ad481047b1f1d8918c5bd4830fee42cb759e1314b98ded0c8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame FF0F 26 KB
9 KB 194ms
193ms Document
text/html 23.205.76.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.76.25 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-76-25.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d6e3372b0c3f37e23ece795ed7c4ab8a2a900b18556001000c2f525c69b5530f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9326
content-type: text/html; charset=UTF-8
date: Thu, 28 Jul 2022 18:59:28 GMT
expires: Sat, 30 Jul 2022 18:59:28 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 472B 35 B
172 B 21ms
19ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4374&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=YuLcjgAJ5NYIaAmAtQ2ANA&s_city=morganton&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.9467176E-4&mx_TAF=2&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.270&size=160x600&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=A1&commit_id=4e0085c1&scrid=1700080807683300160060000000500&itypeid=17&mx_SPRIG=2&viewability=87&renderer=0&be=0&rtime=50.0&adj0=0.0&tmax=300&s_ip=74.125.19.2&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=YuLcjgAJ5NYIaAmAtQ2ANA&sc=CA-QC&mowxReqId=26fdc3c0c38344039f9dc6d7178690fd_1&ifdp=0&requrl=http%3A%2F%2Fwww.calotteryx.com&bidrestime=1659034766814&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU7Q771E-684527525-31-8&coppa_enf=true&bdp=0.270&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU7Q771E&dnt_enf=false&mx_ssBucket=0&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=calotteryx.com&pgcatiab2=480&dt=O&acid=26fdc3c0c38344039f9dc6d7178690fd&actltime=59&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.149&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU7Q771E&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080807683300160060000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=160x600&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1659035367072&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=684527525&ckfl=0&lper=1&mx_tgs=120x600%7C160x600&cbdp=0.149&pvdTmax=176&ltime=56.0&epc=684527525&ctr_vendor=EXCHANGE&prvReqId=7336460598559_1439118870_41051946841&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-0217567433541916&ybnca_erpm=0.27&brsrclk=0&sbdrid=133&rtttime=143&mx_PC=1&wsip=mowx-lite-7bc68c8864-cd8s2&currsrc_date=2022-07-28+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-07-28+18%3A59%3A26&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET5vRzDzFFsg1EOpGpIHxYVCV7JEu43xQUs5FIB0q8Ka4ScKvhB1NH1-Mb1_qzb3g-jh&dmm_ogerpm=false&csip=rtb-appnexus-6f4bb988bd-lpqsm.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=cbx&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.27&tpbTkn=false&adblk=3269828215&fpuReq=1&vcmplrt=-1.0&crid=410519468&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44513%23%2344506&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vis_sd%3D680~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022072811~iurl_b%3D12125.62~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.58~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D45~rc%3D1~rps_sd%3D2022072812~vis_b%3D784.03~url_b%3D0.08~url_tvi%3D0~url_l%3D20~gcat%3D500694~bb%3D133~vv%3D0~l2r_b%3D1000~erpm%3D0.27~MFB%3D1p~bm%3D1~sid%3D684527525~sd%3D0~uid%3D1Ie2twYMU1j9Id0F9~btd%3D928402162029818397518453307337013273701673782675569409831290419416862677274624~d2p_l%3D30~3pcf%3D1084.02~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.92~ogd2p_b%3D0.92~vurl_b%3D0.16~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D70.39~vurl_l%3D20~CI%3D2706~nts%3D2~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.09~isif%3D0~lc%3D1~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.149%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-0217567433541916%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3269828215%7Esobp%3D%7Ectr%3D5.9467176E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~mxe%3Dcbx~mxbn%3DA1~ddt%3D-1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D176&utime=1111&sf=0&cpr=0.7741693844325026
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-167-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: max-age=3600
date: Thu, 28 Jul 2022 18:59:27 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Fri, 29 Jul 2022 00:59:27 GMT

GET
DATA 200
OK truncated
/ Frame 472B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d354ceb3bef19ca701ac69fb0c97de5046612474e747e2c445f3c05f897c9bd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8FB7 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c7e49478869b4512c768eee78a8706efac7925cf30e38218b5195ca92ce380

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BE 0
20 B 117ms
117ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzCZOjtziYrmNJ6zExtYPpaqr4AkAAAAAOAHgBAI&bg=!19Sl1JDNAAacadVKvGk7ACkAdvg8Wmc8IIY9aSfT5plNM9GmyITlrNfkv9YhbVkiiP7oFrenmdSz3gIAAAJyUgAAAANoAQeZAsrKVGlQEmiPSYObe4VVND1slmY99KSt5Raa085DMYuOTKKRfX2VfJffcO3A3I-GDZ5afNYb1yTQ-VLKx2bDkp2aIfGUQElDpuVzfsxNIsEIibmp-WllfJCFokhPASsW10uaVhPQSyseX1cnEiLTuj_ooksN3_Yor397bNn9m9IdBNOhWrj1uFchqObtuuK40T3OsopvIWQlIzxgxgblbgcWfBrsfdn8p72V7ZJvMl50lZt-DgiO-UMKDxO3kDtc0qk4gwVeT2uiyq7kp8peeOfi4cgzuqJE-CtL-irhpI32OeYU5UPe-uXUfM1WiDbVxrHbfZg5fwrfYO68qQoGu1cvRc2U80tE7HVgKxY0kCzu8jj6DpfIwfr_kiOjTK6F_qMexoqXLdK2EAaReiR3vz5MILt_9jby4XEV_iUMgFPYHy28pj537M2rClD3GPQmVGQnWCMqXapr8IgtkA50BlHkqcXm6a-0HRryOUid5GJjisK5l1Zn9QFMXgBJaNsd_NNrCRYrZI2cTNmUvsmvLwcDubB7dhr6nVinqkqKKy6pkc08oQzca3mevlZOINzOLn-kzw1LueyKhqXgtivs7tIsTf3FIovufEm3dzHyCNOvhH08MGuDy4u0pDC6A0cMwZQMu6BB16tSLo8nYiGHtbQSRyrzLJYBXQqwXCzmftgtPmai8TJ6iHJ8URykV0mkR8MIp9ksgCm3ZKuqFbapWmC9ZYbptm_1TpJytRf6en-H_vlWS7IF2CwgD4puQWzvuohgdU1Zx7E9RPswgcXIstrwmk6GI92bOTE_m__G5aVm6xXBzJm3T6JEEFcykCAuGsarSk1On-DT2Qx4Fbb7BFM0040lPHtun8DmN9xYaqSL_jY23aisT7X2yFOHcE9ZRQn_czq5z8ID9nnjryBuINwh6AAixjmYikwqSJ-MH-i0cIWz-IVik1z3VZs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame A1AD 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:36:41 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame F75D 36 KB
14 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:36:41 GMT

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 84D3 12 KB
4 KB 20ms
20ms Document
text/html 23.215.130.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.91 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-91.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Thu, 28 Jul 2022 18:59:28 GMT
Expires: Thu, 28 Jul 2022 19:04:28 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.clnmde.com/ Frame 472B 7 B
324 B 74ms
39ms Ping
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
via: 1.1 google
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 7

GET
H2 200 ptmdDual
dts6.clnmde.com/ Frame 472B 70 B
335 B 71ms
39ms Image
image/gif 2600:1901:0:cba2::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22165903476812733652643067%22%2C%22za%22%3A1%2C%22gcd%22%3A1659034768150%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=600&slotname=1113621453&adk=3269828215&adf=4294855720&pi=t.ma~as.1113621453&w=160&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766325&bpp=14&bdt=159&idt=150&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&correlator=4418382583650&frm=20&pv=2&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=317&ady=116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ADPQBl0CVG&p=http%3A//www.calotteryx.com&dtd=184
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:cba2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBDD 42 B
64 B 83ms
41ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5X5osxyrEwdFWR6xwWJYauS0wtNV9a4tLd-FTgI05S27XIUMsWt8c8tmyXf03XQGZ1RgL9rjK_5obgM58TzvJ5ePJOsAdGfMvV2-jeU3ynYR41TPmNPlb6t_d1RfSsHtvmurhamRVLO50-en-pEhCYkcZdjFVg_ex5f9WSEgRsZVzt3EWE4TYmHsnchfzUcepyw&sai=AMfl-YTaS00ly09Zgk7zvzVd_s_pUsOxC9CxV6N30nOBpOYRd_VDPwsDOoeY59nQv-i3BO_YcHysbmoVu1vb&sig=Cg0ArKJSzCFaGCERk1pUEAE&id=lidar2&mcvt=1106&p=0,0,57.875,468&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2609542261&rs=2&la=0&cr=0&vs=4&r=v&rst=1659034766603&rpt=475&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame FF0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAyMDM2MzY4MTQ1NDc1NjAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOsBozI3RToy-lrQpfP15K8&google_cver=1

45 B
445 B

211ms
129ms

Image
image/gif

23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOsBozI3RToy-lrQpfP15K8&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C4%2C20000%2C313%2C10000%2C9%2C319%2C294&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-167-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 28 Jul 2022 18:59:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEOsBozI3RToy-lrQpfP15K8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cenw.js Show response
dts.clnmde.com/ Frame 84D3 36 B
357 B 82ms
60ms XHR
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b7200d3166921aa7247e9e1dee56c3fd7b8ab5c41c54bd218fce46fd6f01e746

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
via: 1.1 google
etag: W/"24-hH9yOaSkKkVvjxi+jUNEVA"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 36

GET
DATA 200
OK truncated
/ Frame 98DC 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98DC 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98DC 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 98DC 15 B
216 B 29ms
29ms Script
text/javascript 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5792&&&vgd_l2type=sca&fp=0dk0KvFHUKWSl7l1tjfD5oOXJRRfa4M4XOsmmcN-dYZANUir_NXM52gdHe5r3ZzLtpUHstcEJRCqjVAGmTTfjzkSsnblGp7TjIuOkMTPKuWDHOANE4gUk4_5Jzb3YC9ZMFe17ADbcE0%3D&cme=6Fbd82Rb9QxGs_qcfLTcsYTNN_MtORJlTTPB0oOF4fhlkjul_yT0ynYnu-AQ536uZPPqy_OpROT33o8jn4vE39YM9p9AAC6dE_ebN_cjiuto8avb5P8kp4tvUBmUdexT3KvXIwM5dO9TQbIw4EoC7uw5JJlpJGlvQrwjEVbUZaOYKkdEs31MT4QvGMaTXPSDM0z28D4Wr7_z6WCIknyT-Q%3D%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISuKqJ58kI-_nx5rP0j7eo6RHrOnNj5H9jPMp4jpvn0iA%3D%3D%7CB7Pc3YvzKMFvn6w-2wJgrvDQg1mWci73MAVQzF4szqQhM7Q2HX05wKYkD01IQHa3vLPY3cIt-1GLMaRVlkbaBHFJhHydUJigEsV40E8q_zdJqfnnkXrizJilyJHuXRa2eM-byFTINgc9G8eh5wCY1NlcKm4JBm6MOjJBE-QRqUYq7hltKol91PstG7w9FOeoNZE3fvKTmhMTcqNlicA9c5dqNkH9I8r5fQ780HIYn1ry6uU8FGLbmg%3D%3D%7C&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=2&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170721603&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=00_XX&ksu=224&fdkt=375&vgde_kbbh=fuoNWNY&kwd[]=Scratch+Off+Tickets&kwt[]=375&kbc[]=154394&kwp[]=1&kid[]=25459530&kbc2[]=%23c%3A3002257%7C1%3D0.68%7Cfdb_ty%3D439%7Cfdb_bs%3D1262499090%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.47%7C10%3D5.10%7C62%3D0.37%7C66%3D0.46%7C60%3D0.69%7C63%3D0.46%7Cps%3D1.000%7C3%3D0.29%7C4%3D2.44&ktd[]=274911478016&ktrkt[]=Scratch+Off+Tickets&kwd[]=Personal+Loans+for+Very+Poor+Credit&kwt[]=390&kbc[]=208%3A%3A1262292604&kwp[]=2&kid[]=329491837&kbc2[]=1%3D2.45%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D1.63%7C10%3D5.10%7C62%3D0.98%7C66%3D0.64%7C60%3D2.56%7C63%3D0.46%7Cps%3D0.830%7C3%3D1.66%7C4%3D3.17&ktd[]=274894815488&ktrkt[]=Personal+Loans+for+Very+Poor+Credit&kwd[]=Stocks+That+Will+Make+You+Rich&kwt[]=375&kbc[]=136104&kwp[]=3&kid[]=313178991&kbc2[]=%23c%3A3002257%7C1%3D0.98%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.16%7C10%3D5.10%7C62%3D1.90%7C66%3D0.71%7C60%3D0.98%7C63%3D0.46%7Cps%3D1.000%7C3%3D1.03%7C4%3D3.44&ktd[]=274894684416&ktrkt[]=Stocks+That+Will+Make+You+Rich&kwd[]=Top+5+Medicare+Insurance+Plans&kwt[]=375&kbc[]=-1&kwp[]=4&kid[]=329875769&kbc2[]=%23c%3A3002257%7C1%3D0.64%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.81%7C10%3D5.10%7C62%3D0.55%7C66%3D0.64%7C60%3D0.60%7C63%3D0.46%7Cps%3D1.000%7C3%3D0.84%7C4%3D1.00&ktd[]=274894684416&ktrkt[]=Top+5+Medicare+Insurance+Plans&kwd[]=Unclaimed+Funds+Free+Search&kwt[]=375&kbc[]=25328&kwp[]=5&kid[]=29324106&kbc2[]=%23c%3A3002257%7C1%3D0.51%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.96%7C10%3D5.10%7C62%3D0.12%7C66%3D0.64%7C60%3D0.50%7C63%3D0.46%7Cps%3D1.000%7C3%3D0.14%7C4%3D3.14&ktd[]=274894684416&ktrkt[]=Unclaimed+Funds+Free+Search&kwd[]=5+Best+Stocks+to+Buy+Now&kwt[]=390&kbc[]=265%3A%3A20548&kwp[]=6&kid[]=322494104&kbc2[]=1%3D0.79%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.16%7C10%3D5.10%7C62%3D1.79%7C66%3D0.71%7C60%3D0.79%7C63%3D0.46%7Cps%3D0.830%7C3%3D1.85%7C4%3D4.00&ktd[]=274911592704&ktrkt[]=5+Best+Stocks+to+Buy+Now&kwd[]=Mega+Lotto+Numbers&kwt[]=439&kbc[]=1262499090&kwp[]=7&kid[]=121483312&kbc2[]=1%3D0.43%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.47%7C10%3D5.10%7C62%3D0.43%7C66%3D0.62%7C60%3D0.42%7C63%3D0.46%7Cps%3D0.949%7C3%3D0.03%7C4%3D1.00&ktd[]=563224848236800&ktrkt[]=Mega+Lotto+Numbers&cid=8CU7Q771E&vwid=1659034767634504996&vi=1659034767634504996&tdAdd[]=ib%3D0&vsid=3020363671454785&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=768&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-102&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721603&vgd_nrrv=57785&vgd_nrrmf=1ca0a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8PO6CSQ66&&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1659034767140806828&sttm=1659034767880&upk=1659034768.2312&hvsid=00001659034767880025035145479281&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=133&vgd_ecrid=1700080807683300160060000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO6CSQ66&&abpl=2&&kbbq=%26asn%3D16276&&vgd_vstrid=3020363671454785&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.fh~e8QMQOvFW9~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9hfWuu~8xLjMGvufufX.Ff~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.XW~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vHX~LNvu~LEQMQOvf9ff9hfWuf~e8QMGvhWH.9A~xLjMGv9.9W~xLjM7e8v9~xLjMjvf9~yN17vX99FiH~GGvuAA~eev9~jfLMGvu999~JLEYv9.fh~csRvuE~GYvu~Q8OvFWHXfhXfX~QOv9~x8OvuVJf7B3cPudiVO9si~G7OvifWH9fuFf9fiWuWAihXuWHXAA9hAAh9uAfhAh9uFhAhWfFhXXFiH9iWAufi9HuiHuFWFfFhhfhHFfH~OfEMjvA9~AENkvu9WH.9f~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.if~myOfEMGv9.if~exLjMGv9.uF~QQvIK~x8Bvou~NJv9~LEQMGvh9.Ai~exLjMjvf9~%3DVvfh9F~z7Qvf~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvF.9i~8Q8kv9~jNvu~G8Ov9.fh~ONvW~ejfLMGvH.HH~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wh~1YEvu~NGOEv9.uHi~OYYvw1LYmz5~Qx8Ov~O7NvJ1Q7MQN~-8OvKrtoExGo9fuhXFhHAAXHuiuF~O1jyvOJk1xj7~w7Yjvu~1OGjUvAfFiWfWfuX~QmGEv~N7LvX.iHFhuhF4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.fh9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vHX~OmyGv9ou~8GNvu~Y-JvNG-~Y-GzvKu~OO7vou~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuhF&vgd_optout=0&vgd_cfud=220623&vgd_scsver=277&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001659034767880025035145479281&subBdr=133&bdrid=4&rc=0&rand=1659034768413&acid=26fdc3c0c38344039f9dc6d7178690fd&matm=1659034768413&requrl=http%3A%2F%2Fwww.calotteryx.com&vgd_ltimesrc=1&vgd_ltime=683&vgd_rtime=670&vgd_etm=17&vgd_l1hcsd=Spvgm%7C4945&vgd_l1ch=1&vgd_lhl=2631&vgd_pgid=p1694635134t202207281859&vgd_adprefflag=11&vgd_csip=rtb-appnexus-6f4bb988bd-lpqsm.SC&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 28 Jul 2022 18:59:28 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 28 Jul 2022 18:59:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41D3 0
20 B 83ms
83ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnVLJj9ziYo8FhK3-BKaxv-AKAAAAADgB4AQC&bg=!5uWl5aHNAAacadVKvGk7ACkAdvg8WqwTIFebZjuO8KTPIauYyvyuXoKA-KZqF2QgRHgkIG6AbE39JQIAAAHYUgAAAAJoAQeZAsiFM8svrxaWaEwgBiKhFkavOjAF4Mm2Nm-scgBjnParqPDxybyhaJ9OTBILYng60DENviyiS1_lSkynEO22hvv179gQ_z-97NkQ07Ai4tE-QcPSFu9jtl78oJLTUXVW6_rQLOxNBbD9k5DlFtTXe8RRDvHBZK9u0Nevx0yOH3bJKMHel4Xk-uz6lwxm6n9Nc_pjeLrJ5ZQ2vyyiEu83J1RhxNdS6mX3bAyso5RG5pJDxbHS87s_xYjljoBdIDhgHgsjwroP57WqlK1_qtbF7GPSIWEQURNGRf-DP4hj7AqlyGjM0dXeb3sQlKUKTmhVr-Y6SoOnQMYujUDpOFScCwUnn2Qvtl9o1g8jspOHRwAUyNdwGMMrvVD6w91Dxop_D9VLL1Fxjha18nYMYJg-c32SREDL6kvvMU31mO644cd-rq-r78V-eg2t-jMqSYCLDr7QWNvkYtuF8PI4ayzTXJ1jSqbB4YgGRyDaSVW7LdJIVpagRp7LPvhl3ig36p99Tz601MuxDlVvddx1RI0TNM6Fc48rHkYY5viUNwTIp2aZNam45sfDtDQZUlrozopv0Z3KkN1ovtBxm5gzNHSAKY6liwG6PLfv7MdfH_9QgxnOtalbQaZuhEtpuR5gIXXj4clQ8jlLeMErjQ7LWdqk7UHn2_gNk1Q-CBzpJZFvlFa41af2Eea9PMSF_YnLZnu6hCNEjyrR0lgV0v6OS3QeQDyW8siwyYw1Kr55czg64OFViiy-nBaFXVDVGSSg5muAaQdZoOS9O97jMX-Kgo5TqxelI080PsqG05NDbwv3UL60wgzPDBvPknkhmDcEHRPHujEK2VXGLSXkESI86-cVNYHlEmD9GOhelwJEo-H9mHjELPHSVwQKGlBFdVijae-5qq306jqdodYz8nnsvLBEvoEuTh2G8yz_uShwfh_CRJbCrtfEcFA3pMGI

Requested by

Host: www.calotteryx.com
URL: http://www.calotteryx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5FC 42 B
64 B 45ms
44ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX_oZz5ZY8TQEv3r4ACAxMqon-GtCptMfZ_PqYm1sm97kgs0oSaInpOY-u64v8QFPYklp0QNT8iiByvUfaOeMI_nCQlxbVj3fJvAAzXCu2O8_oeYxpE4GvwCfNYa4RxxaEZsQXCU95wQ&sai=AMfl-YQSCKKsSVstjfcpDdmqe6zv4fvhGkC3OXL8BzYZgdZDX0fFv10tGxRMNxMmhUD-mPv2nN9jRPgI80uM1gRlUoOKysBmlhQnHTw&sig=Cg0ArKJSzMih57WHBr7VEAE&cid=CAASEuRoev0wVfciRPh_x11aeOpGHA&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2846920967&rs=2&la=0&cr=0&vs=4&r=v&rst=1659034766612&rpt=917&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 45ms
44ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c9032dce9ed4990a920dfdfd6ad669eff49aa54d196b30fbd789429fe7f46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 18:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10803
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207210101/show_ads_impl_fy2019.js?bust=31068585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 18:59:28 GMT

GET
H2 200 ptmd
dts.clnmde.com/ Frame 472B 70 B
139 B 40ms
39ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=165903476812733652643067_N4IgxmAWDWIFwG0QDYAcAWArAJgOw8xAF0AaEABwEsATAF3iQAZiyAnAUwDMBVVgG3qIQLEAGdWYXgIYhItWuQCkAZgCCi7ADENmgO76AdGACGfAPbz2rAJ4API2YC2IgG6iA+jUEIAdgFc+PlJZN086GUZIxgBGZEwATkZldFxkXFRUSOxMJMxorBT47FRokTA-UVow7xBUAGFuXABFXFxogFEy1hcZYAAdFAwcfGyBuH6QWmtydjGBsFYwgZIBl0ol+AHYhKSUtORknPR4+ORlgchQmjmQKJi4xOTU9MzGbNz8zELi6IGAXz+Ih8xgY6Gw8WOaWwyHQJGiyUYqFwSXiJEwykiGFQGOCwNE8HBZEoxmciEYwWJ+LgqCJPTgjAMmDIlWMtAqoJIymUnNhyiZymQnNwnJpylRhOi8WCAC8QXBomRyABzeAgHpkJWQVXbR57Ep4LlxaHoDFpEBkNyq5AGBnHeLmkCmeDckCcMDwAC0CpA7FolG1D12zwdlRV9OZsDgIB1QbS7jwmAOmHRMNwygd7Eo5G1x0Z1ui6IM0Vw9otVlV5FYZmoGb8cu9fn98rI7BcfAYoGBjnYqoARjRqFYwg7qKy5aB+9RB4saKr0A61sOozGnvtDow7cgQACSJ2ST2o8YwLOyKPaOPHcea1HoZxqGBlGBGA-seh0CjOPF78hqG10shEjvBd1lnZdA1XVJ103bc-mCchLUQYJRD4SoAx2VcSnhB0+E4eBvXKSol1qBpmlaDpgKIlc9kgrANxOLcNXdeVwL1OJhRAABHA9vU4JtsD+IA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 194A 13 KB
5 KB 20ms
20ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 45268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 06:25:00 GMT
expires: Fri, 28 Jul 2023 06:25:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B66 783 B
533 B 85ms
41ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a304758d0713ee7a0e4320410653aede77eac70a61277d3b13fce6e86794d33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uQ-sv9j1ZDqbvnNd11RpLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.calotteryx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-uQ-sv9j1ZDqbvnNd11RpLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 18:59:28 GMT
expires: Thu, 28 Jul 2022 18:59:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 194A 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:36:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B66 0
0 46ms
46ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220726&jk=2904366874347909&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 194A 0
9 B 20ms
19ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zJcfKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 log
hblg.media.net/ Frame 472B 35 B
194 B 19ms
19ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=YuLcjgAJ5NYIaAmAtQ2ANA&s_city=morganton&ugd=4&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.9467176E-4&mx_TAF=2&device_id=4&ae=false&mx_UCC=4&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.270&size=160x600&mx_TAS=1&mx_gpid_sent=false&xtmax=290&mx_crsw_bckt=A1&commit_id=4e0085c1&scrid=1700080807683300160060000000500&itypeid=17&mx_SPRIG=2&viewability=87&renderer=0&be=0&rtime=50.0&adj0=0.0&tmax=300&s_ip=74.125.19.2&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=YuLcjgAJ5NYIaAmAtQ2ANA&sc=CA-QC&mowxReqId=26fdc3c0c38344039f9dc6d7178690fd_1&ifdp=0&requrl=http%3A%2F%2Fwww.calotteryx.com&bidrestime=1659034766814&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CU7Q771E-684527525-31-8&coppa_enf=true&bdp=0.270&ct=Montreal&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CU7Q771E&dnt_enf=false&mx_ssBucket=0&vls=0&asn=514&mang=1&fleet=appnexus&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=calotteryx.com&pgcatiab2=480&dt=O&acid=26fdc3c0c38344039f9dc6d7178690fd&actltime=59&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.149&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CU7Q771E&epcexp=false&pubid=pub-ADX-116310109131&mx_bsProfile=0&cid=8CUU9JF8H&bcrid=1700080807683300160060000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=160x600&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-116310109131&__expireat=1659035367072&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=684527525&ckfl=0&lper=1&mx_tgs=120x600%7C160x600&cbdp=0.149&pvdTmax=176&ltime=56.0&epc=684527525&ctr_vendor=EXCHANGE&prvReqId=7336460598559_1439118870_41051946841&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&pexid=ADX-pub-0217567433541916&ybnca_erpm=0.27&brsrclk=0&sbdrid=133&rtttime=143&mx_PC=1&wsip=mowx-lite-7bc68c8864-cd8s2&currsrc_date=2022-07-28+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-07-28+18%3A59%3A26&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET5vRzDzFFsg1EOpGpIHxYVCV7JEu43xQUs5FIB0q8Ka4ScKvhB1NH1-Mb1_qzb3g-jh&dmm_ogerpm=false&csip=rtb-appnexus-6f4bb988bd-lpqsm.SC&mx_bsBucket=0&mx_aurt=0&mx_crsw_exp=cbx&spIvt=3&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.27&tpbTkn=false&adblk=3269828215&fpuReq=1&vcmplrt=-1.0&crid=410519468&geo_source=2&sat=1&mnet_ckfl=0&mp_seg%3C%3E=44513%23%2344506&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vis_sd%3D680~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022072811~iurl_b%3D12125.62~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.58~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D45~rc%3D1~rps_sd%3D2022072812~vis_b%3D784.03~url_b%3D0.08~url_tvi%3D0~url_l%3D20~gcat%3D500694~bb%3D133~vv%3D0~l2r_b%3D1000~erpm%3D0.27~MFB%3D1p~bm%3D1~sid%3D684527525~sd%3D0~uid%3D1Ie2twYMU1j9Id0F9~btd%3D928402162029818397518453307337013273701673782675569409831290419416862677274624~d2p_l%3D30~3pcf%3D1084.02~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.92~ogd2p_b%3D0.92~vurl_b%3D0.16~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D70.39~vurl_l%3D20~CI%3D2706~nts%3D2~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.09~isif%3D0~lc%3D1~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.149%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-0217567433541916%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3269828215%7Esobp%3D%7Ectr%3D5.9467176E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~mxe%3Dcbx~mxbn%3DA1~ddt%3D-1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D176&utime=1111&sf=0&cpr=0.7741693844325026&evttyp=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-167-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:28 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 28 Jul 2022 18:59:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2745 42 B
64 B 42ms
42ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu7w89T_Z8pmhxdoMm53WFb2X3Zc0ZhQuEtywToFBE0Fs73ftfiqET9UNdzU0pjLXPUe_K1f0q6vILAtPVswLLHVLcGA8xoPmowXL18wC1aFdbpauMQ16wYgmChPkar6F82irmaNHKfQ&sai=AMfl-YQsZin4iaw-HZ8roGWhiG2ugOv3PLHADdaiR9IC3NZaKI3oR1wzFUDarYY4nLLZngILT6nPcKJ1ziH4&sig=Cg0ArKJSzLg8e8lXWghNEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=404,1000,1000,1000,1000&tos=404,596,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1659034767347&rpt=650&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220726&jk=2904366874347909&bg=!EBOlE1fNAAacadVKvGk7ACkAdvg8WqstUX8XoRridHhJItYQzCVTIniUA-_nR6WxALpitxBwsy7slgIAAABlUgAAAAJoAQeZAp1QCdxsILG4aOffiKSeYaRgJUSHYRsGg2_mL_D6EsNsmtudd7RRIYqGMPiQC3tz8Lpnh82JsU85tARi0yiCdXND7Tu5y96RwtVBY2e5KWffztmEwKZappxXmviRv7VpMkIhNGBTRtCJYTGdEZZFSFK9NBJ4iYs15DQYpuP2rlW5RBnMqlYIrD8K7r2uIkXqMhp0YjukEwf91qHF_ZDcXZaILIJb1dK3doF3x174i6zBIEPD5bo3RSxt0QkmTfXlHov0ePpefMVCxFpwfuow_MXwrWo-396o-Wx-k3CnadwOZu8IJTc6gsG7r3B1tTZIRUvRyorXIPyYolrLHHDWvO5qVzjxWg-pbiSsiPiRsd3WOs3Fbn2Ygf9aTd-Gg2ftNZr2fnxEzCWuOxJTDoY51k608AhhJuNG2QFpQ90wwSvV1F574hw9L41htlXPUXZHJxEOp_bLB0SB8Gr8U5pb8omv2TK9A5e1qvBkdKV2VidaJexieKQoj6SzAXjpwHFVarlHFfwskOqSg_NXxatGCRkX0TT_hnDUNHpiR3VbO74g47vmZDx0a2YNUTT1GWqxYtCNOkS_xHCv-qjH9TUaRMGMAEYNQp92APDIy3W3z-I6O_Y9Y1GbyinQxwxIvt4TDEZpWbBy6Hb5oeYcO_3DonroTTvwT_Ea1wuOER34-I8_j7vL-3nCWWio3-NBffi91bcVIxfsNPxXYaBP9Jla2vxwyCNN9RNNigVjv80SIs0fbVNdPK3oq1UUFZhsZ3gRxb6gImTXe_QGSxcYlZoQ4pi5CuP9OsHoVlENNN_ihajDDSh8s0zs45WvX52pOYri26JYuWDLoMCuOAYq4ZRneVBrbQs5yxUwzT6ENeZy4jz4Q66epfUNPJIjRm6zMq0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.calotteryx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 bqi.php
lg3.media.net/ Frame 472B 15 B
15 B 23ms
22ms Image
text/javascript 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2843&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_l2type=sca&pid=8PO6CSQ66&katbid=-102&katen=1&cme=6Fbd82Rb9QxGs_qcfLTcsYTNN_MtORJlTTPB0oOF4fhlkjul_yT0ynYnu-AQ536uZPPqy_OpROT33o8jn4vE39YM9p9AAC6dE_ebN_cjiuto8avb5P8kp4tvUBmUdexT3KvXIwM5dO9TQbIw4EoC7uw5JJlpJGlvQrwjEVbUZaOYKkdEs31MT4QvGMaTXPSDM0z28D4Wr7_z6WCIknyT-Q==||u8A6SM53vAcxkZY9VHWafLSuY-HKDieQ|YfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|xDcVMoSqRISuKqJ58kI-_nx5rP0j7eo6RHrOnNj5H9jPMp4jpvn0iA==|B7Pc3YvzKMFvn6w-2wJgrvDQg1mWci73MAVQzF4szqQhM7Q2HX05wKYkD01IQHa3vLPY3cIt-1GLMaRVlkbaBHFJhHydUJigEsV40E8q_zdJqfnnkXrizJilyJHuXRa2eM-byFTINgc9G8eh5wCY1NlcKm4JBm6MOjJBE-QRqUYq7hltKol91PstG7w9FOeoNZE3fvKTmhMTcqNlicA9c5dqNkH9I8r5fQ780HIYn1ry6uU8FGLbmg==|&gdpr=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=684527525&requrl=http%3A%2F%2Fwww.calotteryx.com&vi=1659034767634504996&ugd=4&cc=CA&sc=QC&bdrid=4&subBdr=133&startTime=1659034767871&l2type=sca&vgd_l1rakh=1659034767140806828&l1ch=1&sttm=1659034767880&upk=1659034768.2312&hvsid=00001659034767880025035145479281&acid=26fdc3c0c38344039f9dc6d7178690fd&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.27~vis_sd%3D680~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022072811~iurl_b%3D12125.62~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.58~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D10~riipua%3D0%2C0~et%3D45~rc%3D1~rps_sd%3D2022072812~vis_b%3D784.03~url_b%3D0.08~url_tvi%3D0~url_l%3D20~gcat%3D500694~bb%3D133~vv%3D0~l2r_b%3D1000~erpm%3D0.27~MFB%3D1p~bm%3D1~sid%3D684527525~sd%3D0~uid%3D1Ie2twYMU1j9Id0F9~btd%3D928402162029818397518453307337013273701673782675569409831290419416862677274624~d2p_l%3D30~3pcf%3D1084.02~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.92~ogd2p_b%3D0.92~vurl_b%3D0.16~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D70.39~vurl_l%3D20~CI%3D2706~nts%3D2~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.09~isif%3D0~lc%3D1~bid%3D0.27~dc%3D8~vl2r_b%3D4.44~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.149%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Deast_sc%7Exid%3DADX-pub-0217567433541916%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3269828215%7Esobp%3D%7Ectr%3D5.9467176E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.270%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~mxe%3Dcbx~mxbn%3DA1~ddt%3D-1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D176&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=QC&infr=1&twna=1&stime=1659034767761&vgd_ecrid=1700080807683300160060000000500&l1hcsd=l1!Spvgm|4945&vgd_l1rhst=contextual.media.net&vgd_uspa=0&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1694635134t202207281859&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Thu, 28 Jul 2022 18:59:29 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 28 Jul 2022 18:59:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 472B 42 B
64 B 39ms
38ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyAZCBIgRtZ2dc0g4dxDzpE6W2iIMpGoaXLtTGMpyy7CiFbdrpp5Kze-rCw_io0B1bBPC0_b44WmsmklUiqBq54fFs&sig=Cg0ArKJSzEmTipRInhL5EAE&id=lidar2&mcvt=1001&p=0,0,604,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3269828215&rs=2&la=0&cr=0&vs=4&r=v&rst=1659034766511&rpt=2068&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 18:59:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptmd
dts.clnmde.com/ Frame 472B 70 B
131 B 41ms
40ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=165903476812733652643067_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsArAJxwDMALAOx6UD6ATJQXqQQaXlaUqpgGYwcydBgAu2fMTJUaDJizYcutABwAjenBWU1OOPTREwpMAT58wAExxocVFVfWUVPEaIHQhvMZewA5AEFXTFFLDwBaemQwAGsAQ2waPjgiek1wuDA4ynCcHCtwokowwrVLFXJyOKIcPgJyHli1QWQ0ADcUbGAAHRAAGww0OL7aFFEMACc4gHMwXuhepJS0uAysnLyCopKiMoqqmrryXsRelDAUFABLDAA7UfGp2fnFymTU9Mzs3PzLQuK+KVypVqrV6idepgMDErmBaJY4qI4i8QEsPqsvhtfv8dnsQYdwSAAL6NYYwADaAF1onEAA4U3DkIgAOmYzJw7HZlCIIGpIAAtgBPCnkoRwRD4cXivBwOCUvkAdwAjhS+UKJqrWvy0M1YHgKgRGIaCDw0BN+fToOTcIQSBRqNQKAQ4EyiHhaPy4ld7jhechhuIrXLhFhPMgrm0YFFUEjRABXTpW+ikCUqRApnBEPkALwSYZAtOm2EjyGmAAsJLbpNQVDhGKQOIbOKQ4DQeB1Esy4MzXTwydAUyA+GgYLloqIrpWpPa28JREXoOLUDEp3aZHQjQp2JxKNxoldLYyWWyOaQuTzkG0wBrYLSJhhfNE43mvHHJ-mwG0+hTQLc4vywGwNQrksSxr1oECeARJEYFAYDQPAyDYAaS8rgg3xYEkNcHRYchnVdPBiSJRBf3-QDYDiNBIOQaC81ASikJAeg8D4Sw0FINA4HYlQKHIMgiD4Ig2LwSxKBwZw8BIVj2zQxisOrGhcPwog3SIvlaQ7K14AAAk0egcG030+RQPoxlXBTaxwPd+g8Lw0ATUR0OwFQAGEAFVKAARUoMSAFEZKczCqxnR08JdFTCNLEdPGCqhKDgDlKGQJVyK8Ph31IIkgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:30 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

POST
H/1.1 204
No Content event.png
tpsc-nyc.doubleverify.com/ Frame F3F1 0
210 B 78ms
23ms Ping
text/plain 204.154.110.83
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-nyc.doubleverify.com/event.png?impid=f638c5fffed04dfabda4e734bcdb7957&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=394&eoid=11&msrjs=2940&sdf=2&vit=2&isvelg=1&rmi=16&tltms=303&tetms=9&msltms=73&vltms=394&sei=290&vetms=91&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=41&isumms=40&nvr=6&elmtp=1&isbxdms=2540&b0=278&b11=2428&adhgt=58&adwdth=468&norwdth=468&norhgt=60&vsos=1&dvp_vsosnmr=16&lftb=2706&sftb=2706&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=60&cwdth=468&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1144&isuiabvms=1144&ispmxpms=1144&engalms=39&engscrlms=316&dvp_pageEng=true&dvp_dpr=1&ttfurm=3515&cbust=1659034771096224
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2940.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.83 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-phlb113.doubleverify.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 28 Jul 2022 18:58:52 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/27/2022 18:59:31

GET
H2 200 ptmd
dts.clnmde.com/ Frame 472B 70 B
131 B 41ms
40ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=165903476812733652643067_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABpwIAXGCFLUKCCpky4IDOLkIME6ahFTViyFdjipimOOmw8QEAIYwA2tRKlkcQqVbc7pbnDcf3Xzz+9eAurxmAM4wCLwAFhGWyNwsgSZQ0O4gAK6pMMSEmEEAbkLGAJb50Ay8wfym-Kmh0FbuLM6YCQBe5tCxIAAOAOZC+bw90bDICHpw1AyECLYc1NRj6AgM1IiExrm1IAgAdHA7DJLGpgA2MNRBqDAAtJ0U-IVCo+OT0+vl-H3J5QDWT2P6V4IQgAfQ4rHUxAWU2oxgohS6T0OO1YO2QULR2Q2FAATkIujiAPZGXgUVLtTqpR4dUm5M51UAAO1MAFsKEJcIVsNhcSCucZsFV2qBOdzefzYAwNoU+UYRgCJlNgWwGMRGJIECAAL5a7hM1ns2CmVD83iCyowUDGiUgJYQbBqVA6agiBiyaiYCA4VAIbCEZAOBD6e3S2X-F5K6aTNWHTCanUJLqbSwJYInCrhwFK2yaYwnJKdVA1fhh2CkADCAFVCABFQj+gCioZtzyzbxVMY1xh6Vw6CtehHQ6MIvAAjobOhBqQwtUA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 18:59:32 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.calotteryx.com/	1970-01-20 04:54:53	Name: approved Value: 1
.calotteryx.com/	1970-01-20 22:21:46	Name: __utma Value: 202592387.1640585551.1659034766.1659034766.1659034766.1
.calotteryx.com/	1969-12-31 23:59:59	Name: __utmc Value: 202592387
.calotteryx.com/	1970-01-20 09:13:22	Name: __utmz Value: 202592387.1659034766.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.calotteryx.com/	1970-01-20 04:50:35	Name: __utmt Value: 1
.calotteryx.com/	1970-01-20 04:50:36	Name: __utmb Value: 202592387.1.10.1659034766
.calotteryx.com/	1970-01-20 14:12:10	Name: __gads Value: ID=f78ac83c64a5882e-2271c08673d400b9:T=1659034766:RT=1659034766:S=ALNI_MYPcMgD-wwfXSUi8vGjhyk2Cl3lqw
.calotteryx.com/	1970-01-20 14:12:10	Name: __gpi Value: UID=0000056ebf69b6c4:T=1659034766:RT=1659034766:S=ALNI_MbsF2uehEqs_GW7R2XxzzsXZDt8DA
.doubleclick.net/	1970-01-20 22:21:46	Name: IDE Value: AHWqTUni20SFMSDNWk-1p4HockaS3TNmI5un9Y7aUI8iD1-BWap41xhsyhCBdwedgWM
.doubleclick.net/	1970-01-20 04:50:35	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 07:00:10	Name: uuid2 Value: 7856823631969882333
.casalemedia.com/	1970-01-20 13:36:10	Name: CMID Value: YuLcjw2CJ7zoBna038bC6wAA
.casalemedia.com/	1970-01-20 07:00:10	Name: CMPS Value: 033
.casalemedia.com/	1970-01-20 07:00:10	Name: CMPRO Value: 033
.adnxs.com/	1970-01-20 07:00:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C')j%S9`!]tbPl1M>e)ZlrFUfJ+tGXxpG>W?tDV)F8NZh1(J^_'l8Xr+:']%Lc4rhjS$%nugO%v4VB%nm<o)ddW0
.openx.net/	1970-01-20 13:36:10	Name: i Value: 4ded6072-aafb-47b6-9833-00cf6ff17b0d\|1659034767
.mookie1.com/	1970-01-20 14:19:22	Name: id Value: 10600840206312530362
.mookie1.com/	1970-01-20 14:19:22	Name: mdata Value: 1\|10600840206312530362\|1659034767492
.mookie1.com/	1970-01-20 14:19:22	Name: ov Value: f59763e7bfde4f3756c869771df36a08
.pubmatic.com/	1970-01-20 04:52:01	Name: KTPCACOOKIE Value: YES
.agkn.com/	1970-01-20 13:36:10	Name: ab Value: 0001%3A88bBo4O%2FLcbN6U4ouLsFhINZQzieF7cv
.agkn.com/	1970-01-20 13:36:10	Name: u Value: C\|0CEAqdZkPKnWZDwAAAAAAAQ13AQCAAQpAAAAAAA
.adingo.jp/	1970-01-20 05:33:46	Name: ID Value: 6eea17993f1354c1a6e1eae2915791ea
.casalemedia.com/	1970-01-20 07:00:10	Name: CMTS Value: 156
.pubmatic.com/	1970-01-20 07:00:10	Name: KADUSERCOOKIE Value: 07F12794-2F6C-4CA1-9EC0-F9620CAA0BBC
.innovid.com/	1970-01-20 07:00:10	Name: uuid Value: 2c95041d-7b87-4207-9c71-a5e38f973d6b-20220728 14:59:27
.demdex.net/	1970-01-20 09:09:46	Name: demdex Value: 52191054389102704550306371642740605642
.scotiabank.demdex.net/	1970-01-20 09:09:46	Name: scotiabank Value: 52191054389102704550306371642740605642
.media.net/	1970-01-20 13:36:10	Name: visitor-id Value: 3020363671454785000V10
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 04:50:36	Name: bfp_sn Value: 1659034767_275635536473
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 04:50:36	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1659034767_275635536473_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-23 06:41:45	Name: bafp_t Value: 67f09220-0ea7-11ed-97df-9bd844a91f54
.media.net/	1970-01-20 05:10:44	Name: data-g Value: CAESEOsBozI3RToy-lrQpfP15K8~~6

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 20) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 20) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 63) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.calotteryx.com/css/tabbg.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.calotteryx.com/js/ads.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0217567433541916&output=html&h=90&slotname=8636888252&adk=2846920967&adf=152940308&pi=t.ma~as.8636888252&w=728&lmt=1659034766&url=http%3A%2F%2Fwww.calotteryx.com%2F&wgl=1&dt=1659034766430&bpp=9&bdt=264&idt=175&shv=r20220726&mjsv=m202207210101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1113621453%2C5600219850%2C5600219850%2C5600219850%2C2590354652&nras=1&correlator=4418382583650&frm=20&pv=1&ga_vid=1640585551.1659034766&ga_sid=1659034766&ga_hid=236538459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=522&ady=714&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067984%2C31068585%2C31064018&oid=2&pvsid=2904366874347909&tmod=1836082873&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&fsb=1&xpc=9oPpflpkTH&p=http%3A//www.calotteryx.com&dtd=181 Message: Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=173744556&d_campaign=27984544&d_placement=339132495&d_site=3375178&c_advertID=6105463&d_bust=359949805' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-0217567433541916&fa=1&ifi=9&uci=a!9&btvi=1&xpc=jUnuZViMqj&p=http%3A//www.calotteryx.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
ag.innovid.com
ajax.googleapis.com
cc.adingo.jp
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
d.agkn.com
dsum-sec.casalemedia.com
dts.clnmde.com
dts6.clnmde.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
ib.adnxs.com
image6.pubmatic.com
lg3.media.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rtb.openx.net
s0.2mdn.net
scotiabank.demdex.net
scripts.chitika.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
warp.media.net
www.calotteryx.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.36.115.113
142.250.65.162
142.250.80.2
142.251.32.98
142.4.208.214
18.234.4.63
204.154.110.83
23.205.76.25
23.215.130.91
23.34.59.152
23.52.167.93
2600:1400:d:58c::4469
2600:1901:0:cba2::
2600:1f18:445b:901:d799:937f:65e0:74fe
2600:9000:21da:1800:19:fc2c:a140:93a1
2606:4700::6811:190e
2607:f8b0:4006:809::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2006
34.111.96.116
35.190.90.30
35.227.252.103
54.200.135.15
54.230.163.33
68.67.160.132
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
032765cadc23e716befd9b976cbc24bb44fd3964d16e31527f7b6f1b743b3c46
059a4a5716d23c6b19daf8c57aa50b05b226f28e2aa73336bcfed7d5532f06ab
079121f117db4a1c241fae8999f30167b00284920fd25527533af38b1839cd99
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a07fc20623b1038bee77e0a7b2b160af5c4c593a3f25a14e14574e8d7232d13
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca7eb917868b733a565f1e35f3a4d3b06c496551be5c8944ba89fe1b3fec8a
0cc22baa2e1bda00f722ec6122b8360f4e29f263227f366cb5fdaf345401921a
0d10bbc98896b00833e4a11e2bf6886c650f4c1991e5cd0985eb392df3c91507
0da43c6686f5f2f920bdb35e3677014968fee931ed0c90df435a3d70589445c4
0dd3c7aca525b488302dc032eda1be65d7a41081b49d0d3c88620881399a83d3
0e6d98614c4f1186bbe8d7ac35b8e16a239e11c6a32ce10cdd3954327ebcbef4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1339c77ba549fe78b8f48e42b3955b91553cea750a3cd5eed3dc81258d7a8332
14d952d08e06cfd179248d28c5b16a6a737c089c0c084731edfa0523ac0b98b0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e29fd15045acabefede9acb3850a2da172a68ac07675bbd0f881e5bc083553
1bb1e711212d8ed816dd2e5cf67456a0b82b5c047f1a466bda64dc2b5428c7ba
1c231101ef3284ff96064a19b904778a717d74b19e6dabdb36f6f4e598a22fd6
1f3e8dae5454457ad481047b1f1d8918c5bd4830fee42cb759e1314b98ded0c8
1f8ec68c510504e40226637527c4978485306f32899c3e2036b0c57bd44d0ee0
219cd5046703d80796a4341f568525b37d1f6b7d5b0c2f83e8fcb95c3f09ada9
2309a8e9b35b73083b9351baaea9ed5847e628eca6a1316253f21ac27d5f0648
2337eb5e60767dd62c2290ad0b574fab6abb643cd17989bb92ff3e3b325e47e8
23b399bbbf852355387b27baf5f5a2fdaaf8d4390a478d693314cfbe02c8ca7c
270c0b498a61c83d073a6cbb1e941ff0ac244c76d16ad4185e9ee25cc6353b30
284f93a7ed63967a01754ecda65f5cb2d894c5e51c6b3f7707fe44ef1a4fa84c
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6
2f26d201ce6a67265198550ddbfa6eb6b1a3093d6821f635fb9121ede0e863a7
2f604d25c05c1a15764f341b1f2de2c6d49ee65ec2a2121434c4e77eb90b2184
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32ad1eb9d5465ff67e53dcf1b425ad5262cc6c9211595116c6dd44f34d858bca
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34bf77f1adb7490e183cce889b41d29fde89fd2ef5743ea187dedf32edfa1875
35089cd5570f3e36dc9591657ee1240fc44ff0f27a121a591ee8795975c12f9d
355235b2b08bfd668c27a0c070633c9c62cf68dddcc36f7f34fca5e9c7be53b1
383a10bc0724bcadc7f160ef83e0db298ef23cfad81df12d630cd6778647e72b
3a304758d0713ee7a0e4320410653aede77eac70a61277d3b13fce6e86794d33
3abf316ad4aa70738a714b454784ed2db099e13be0edb686d517873e46c9c5f0
3ac5488e736fdd6a9bf49e7d9fe7b8694cf2ecd9b3e4719c21c5a029c166cde9
3b4f942260a6706789370606fd160b15c40862624ec5bc0d8967df5447add11f
3ba103c347cdd35f92cfa74b9c709084eb7458bc7841131470c73a32e01be2ce
3cb877a6fb373e55e8502768abbb9b4a5b51f320778ae0ad91460b56b1efdf87
3db0da62e9a34458585d955ac2e395bca37c80ba8bc6b23dd1b2300bab1324c7
42f08f2d0d9e24e9c8a74d1e4d3e3241014314df5dea60d0e2e58be205d83dce
438c31036c853721255a004a28d6906d6bd02663435155721e5d4b96cbc05a41
44ed2c5fc5068d0b5e29c58095eee108cb3efc4e0bbb358aa816326a54e3d4bf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46249c3d2ca33dfa8e59147f837f26746ef8ebb2775eab4319dd5cfe1d69a17a
4a91cad69f6e41bc4f5f640a23ea4972bf3afdb8f0800ee68c57b3ec27abae33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa24c94ed469e79163874d6d74acebe84d47116aae04f6d5b428411d9b75682
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533165a570e9fef1d0d23f18e93097ff62f8bc94ab3bf0c80084c6d4bf60baa7
54343f973739524192ca1bef236df43026157773f892d0ef6dbb4a0505470770
54c9032dce9ed4990a920dfdfd6ad669eff49aa54d196b30fbd789429fe7f46a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
55ece0286170170f0e550fd7ed86d18d89ad37c4648b56db7d4007b321d65623
5c2ffc05390b5f07c142787adf8af3aa24610d9334853b0395c8f3cc950317e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d354ceb3bef19ca701ac69fb0c97de5046612474e747e2c445f3c05f897c9bd
5e2160e777817bf7b09b89a83cdcd74ea961bbaf905710b92d41999c331b5d0a
5fc4efa5081117fc2e4e7ab838ad463879f1ffda6843d2a03220ef3e37f9dc6b
603ed20365efc52da8d2c6500aa4ca7eecdd3a9cb0556cce00a1301e1dcb956e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69afa2537847c36e3d3bb0984e7e366d332a8a3734c5532a66af95b03d80a26b
6ae02be00967984dd2c7b3c6c910a7af99b1f5545bfc4fe1fbacf653fa8788d7
70032c8152cd7a0211710480e35785e3bb1e84c5e19040b15145da0a909924e4
72865a6d47965c418d437e547946e191ac711333108a564fe5e30f9089f2fcce
73ae8628ff25c7db63ca0bc099f8934739980798a0c3ab0ca9cc190b711eeba7
74a19f88c731f5fdec9d1c252c7d51c420576f131ac469cbb5950df011e051c3
75c90a9b21952f5169548799430ea43a6c9e96e5c8d6d039d71aee34f2c31eaf
775e60d448df37b6b0529935391f6a207078b61b367342b78da6b447f3f08904
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79976a0b7c972ddd1810287810e1af8b787aa99c49d5078c735bad3c89752c2f
7b9b577ef9654a9487a238be82c5faa92b1b33b5b218baabb6f34c02b9defda3
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83174a8ab67ab159cbcf202ab6f624c96d6b243864863c91512c061b00de3074
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e8c661dba2333339c5a5763bab0a2e3719e0968118ff4521cd5d24fc0c3a57
87ca4c4098fc1f46bc9fdd3b1ced56b4e5aca24dd7431be40736f62084b7e76a
87fbc515e90fcb2224833ca1b3ebed233ed6b354c408012477aa07c242e7b64a
88254bd8d91c9ceeab1ba24172f1d94b1e1d786fb7ee728ff945c41a68df54bb
8857cee506fc1e3959924fb12af79e4bc4d6ce3b968ca4f51db7b94b41ad60d2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aedc39910160c0a0451b3a4ae0a63a5bedbfda71bf14674578d52e9d41a2026
8d9e1aee0f49209dcd2e07fabee57cbdc1b97c8f98ac22aaddf4b7071bbdad5a
8e159e8a7ca4d2e6396e58d7dfd1e372c6e5759b8df947794f8e48b3b048cee2
8e71c0d4cdc314f15918b37fbb2e0a31acb7f9bbda964b027613878720b39df8
92087472bfbdf3ad30c7db4ffc74fe08e9574ccfd24a9258a7b0ac80e9e7b4ef
9335db63cc6e1cdab310448ced5292816ea7bc393b3fb0cd936a2a749d532ac8
93fc46c4e182c29ec951270932f278abbd37c03921b6d3ba9e4596cf681df3ad
95ffed57be531ec2c9dd9a8d2732d68912d66cdfdcb7388e2db608c56c8ff978
966b7999a6cc60d181f1e9581dbbfbae51367452541eca6c8d053e6ad190704a
96f63f64561ff9fe543119c6c9303cb01d102da60bc09eda0c21716cf2a9984f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c23182febee732191968934dfbf6d013332e24c467546b6397ddc05d13a64fc
9df4d0128e68a8181325a14354de693412de59f7ce81a96369a394f6048a59f9
9dff19a6ee687a76cd9f8f1eef4db5665c258d3688a4c37a344f5a6a89bd77b2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a1e26f61364f782f322f7530ff7ab1f8a4e34626323f9b04365f4c99990a493a
a2bec0d7dd98382af07151462ae0578dc8b7b14acb4e318970a3223ca535b7b5
a40f2f64ca3ebe95d774f408f56d7a5c2de90a6d35c6601111c5b2ac306b6f96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b6a8f01fd1e530ff592f427c6ee0bf2e1ee497b6b4c84a593ab93060002dff
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b07097624c87d1bafb77f876488b832b14e25e30083c0926c6b937177080821d
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a66c6ba6ac0a16b75a9eea227c92a6fc856372c640d11ffbc3b812b3bbb426
b7200d3166921aa7247e9e1dee56c3fd7b8ab5c41c54bd218fce46fd6f01e746
badadfecd19bc170b76fd9b97ba8c7dda47adee53ef5748f2453d2b387489ee1
bfaf9b5e775a1e70b2e041e92fcd5c7a700d62c70546dff5eaafff897713ca10
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3a5b015a170edd2b2428e1072f1a65c5e77abe423ec43a6d45c1d15f21d924c
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c43899b0e496da845d0effeefaac185587fd1aa713ae9e3ea5b3813a6f710294
c6e155c5f461c058ebad4aa5a6da492a463fe66d07c695a1824a4cdf78f13588
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
caeac31d9fb5420c9a05ad637fbcdb0d565ccc7ce011d75bb1a9fee08020623e
cc8ff7980b4733a04063dbd5719b49aa7096aa4eacf85f9221d7046146725709
ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9
cd711d1265eca28bca55bdf02d1d4cbaa05d497d2391745bf02c8d81b947c83d
d4c7e49478869b4512c768eee78a8706efac7925cf30e38218b5195ca92ce380
d6ceb10222044ca39133975adc07825f998f3c6e1d94021a83918e12e7b3b31f
d6e3372b0c3f37e23ece795ed7c4ab8a2a900b18556001000c2f525c69b5530f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db0b98843aad1a4f40e06c48261446f9834cc5c1b0fb6c594c108a5a1f548bcf
dbd2a2ebf3e6b9732ad3a09327174ffac83e63ee210d1801e775cf9943ea419f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfcbc10ea7f5f0f01838936b2cd1b7f1d2837b46877b1b07ea718007ade353cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ea00ce6317ff73b76f1605a26107c0270b7ba1e4c4a4f7f0a99faf90245dd03b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f6a114cbe6016a58d8c7e9cce6aa965babfc66f0572b11aa715b70c236c3ea07
ffb8d8c0e475aee8610d424aca333dbecbd6924b47981d07d8e2ed31eb9faf63

www.calotteryx.com Open in urlscan Pro 142.4.208.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

207 Requests

68 %HTTPS

49 %IPv6

26 Domains

41 Subdomains

31 IPs

3 Countries

1901 kBTransfer

4630 kBSize

33 Cookies

0 Outgoing links

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.calotteryx.com Open in urlscan Pro
142.4.208.214 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

68 %
HTTPS

49 %
IPv6

26
Domains

41
Subdomains

31
IPs

3
Countries

1901 kB
Transfer

4630 kB
Size

33
Cookies

207 HTTP transactions
10 data transactions