holiday.presslogic.com Open in urlscan Pro
2606:4700::6812:1649 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://holiday.presslogic.com/
Submission: On August 24 via api (August 24th 2021, 3:50:21 am UTC) from HK

Summary HTTP 300 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 34 domains to perform 300 HTTP transactions. The main IP is 2606:4700::6812:1649, located in United States and belongs to CLOUDFLARENET, US. The main domain is holiday.presslogic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.

This is the only time holiday.presslogic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
80	2606:4700::68... 2606:4700::6812:1649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
21	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.102.98 13.224.102.98	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 7	13.224.102.56 13.224.102.56	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	13.224.102.21 13.224.102.21	16509 (AMAZON-02) (AMAZON-02)
1	52.15.171.234 52.15.171.234	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2010	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3	18.158.22.228 18.158.22.228	16509 (AMAZON-02) (AMAZON-02)
3 3	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
5	146.20.132.98 146.20.132.98	27357 (RACKSPACE) (RACKSPACE)
20	146.20.128.154 146.20.128.154	27357 (RACKSPACE) (RACKSPACE)
4 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
10	146.20.132.174 146.20.132.174	27357 (RACKSPACE) (RACKSPACE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
300	46

80 2606:4700::6812:1649 (United States)

ASN13335 (CLOUDFLARENET, US)

holiday.presslogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.presslogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.presslogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-98.zrh50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.102.56 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-56.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-21.zrh50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.171.234 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-171-234.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Bottrop, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.22.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.230.211 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.20.132.98 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 146.20.128.154 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 4 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.20.132.174 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	presslogic.com holiday.presslogic.com assets.presslogic.com image.presslogic.com	1 MB
43	lkqd.net ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net	209 KB
41	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	385 KB
35	googlesyndication.com ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	349 KB
22	gstatic.com fonts.gstatic.com	990 KB
16	2mdn.net s0.2mdn.net	193 KB
10	google.com 3 redirects www.google.com adservice.google.com	967 B
7	scorecardresearch.com 3 redirects sb.scorecardresearch.com	3 KB
7	googletagservices.com www.googletagservices.com	238 KB
5	ampproject.org cdn.ampproject.org	102 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	facebook.com 1 redirects www.facebook.com	378 B
4	turn.com 4 redirects ad.turn.com	2 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	vidoomy.com ads.vidoomy.com a.vidoomy.com	7 KB
4	facebook.net connect.facebook.net	166 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	google.de www.google.de adservice.google.de	379 B
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	adsrvr.org 2 redirects match.adsrvr.org	909 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	131 KB
1	stickyadstv.com ads.stickyadstv.com	599 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	481 B
1	admixer.net 1 redirects inv-nets.admixer.net	567 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	263 B
1	createjs.com code.createjs.com	63 KB
1	tchibo.pl tagm.tchibo.pl	1 KB
1	sentry.io sentry.io	452 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
300	34

	Domain	Requested by
64	holiday.presslogic.com	holiday.presslogic.com
22	fonts.gstatic.com	fonts.googleapis.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com holiday.presslogic.com
21	securepubads.g.doubleclick.net	www.googletagservices.com holiday.presslogic.com
20	cs.lkqd.net	ad.lkqd.net
16	s0.2mdn.net	holiday.presslogic.com s0.2mdn.net ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
10	t.lkqd.net	ad.lkqd.net
9	pagead2.googlesyndication.com	holiday.presslogic.com tpc.googlesyndication.com ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com www.googletagservices.com
9	www.google.com	3 redirects holiday.presslogic.com tpc.googlesyndication.com securepubads.g.doubleclick.net ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
8	ad.lkqd.net	holiday.presslogic.com ad.lkqd.net
8	image.presslogic.com	holiday.presslogic.com
8	assets.presslogic.com	holiday.presslogic.com
7	sb.scorecardresearch.com	3 redirects holiday.presslogic.com
7	www.googletagservices.com	holiday.presslogic.com securepubads.g.doubleclick.net ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com holiday.presslogic.com
6	static.doubleclick.net	ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
5	v.lkqd.net	ad.lkqd.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.facebook.com	1 redirects holiday.presslogic.com connect.facebook.net
4	ad.turn.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	connect.facebook.net	holiday.presslogic.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com holiday.presslogic.com
3	x.bidswitch.net	3 redirects
3	a.vidoomy.com	holiday.presslogic.com
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	googleads4.g.doubleclick.net	holiday.presslogic.com
2	www.google.de	holiday.presslogic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.instagram.com	1 redirects holiday.presslogic.com
1	ade.googlesyndication.com
1	ads.stickyadstv.com
1	sync.targeting.unrulymedia.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	tagm.tchibo.pl	holiday.presslogic.com
1	ads.vidoomy.com	securepubads.g.doubleclick.net
1	storage.googleapis.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	sentry.io	holiday.presslogic.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	holiday.presslogic.com
1	certify.alexametrics.com	holiday.presslogic.com
1	static.cloudflareinsights.com	holiday.presslogic.com
1	certify-js.alexametrics.com	holiday.presslogic.com
1	fonts.googleapis.com	holiday.presslogic.com
1	www.googletagmanager.com	holiday.presslogic.com
1	platform.instagram.com	1 redirects
300	53

This site contains links to these domains. Also see Links.

Domain
www.presslogic.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
presslogic.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-09-10` - `2021-10-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tagm.tchibo.pl AlphaSSL CA - SHA256 - G2	`2020-10-12` - `2021-11-13`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
ad.lkqd.net R3	`2021-07-25` - `2021-10-23`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://holiday.presslogic.com/
Frame ID: A5D2512D9554CD64AEEA756156CD5D49
Requests: 156 HTTP requests in this frame

Frame: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 799790AE4A6D921F2E97AEC770EF1620
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9b38b502b4ca%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff2fb799df81b08c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 91CFE8D6BA0F77234B3BC4B7D0240A45
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EF60078E74D47510A6B6594F2646156F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0EA672AD5669063C452C555DC34049E
Requests: 1 HTTP requests in this frame

Frame: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91DE6FEFD05F0E63B5734BBA14F81ECB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 40C306B42097EDE89B9BC8B11BB31854
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJQWwsF2bNHBX8efFxgklLgWq0E9HfXroyWPwPKLRYPJeuz2kl_mqdrr7vw2AgMttVfwc7i0gQ-7cOJE06vsdOR8cBI5x2j4aEqValMTrf7S9JnDZcHLzNfPsqUthv3fcC_z0QbjCoYIirYkCXN3mjHG5Cv6UyytSo921Cl03Nt8pNiiUlUp9sNdh9qCBUaaF8qLDZnNKPN1D_sNwLfswbv5X9xMhSDvcF2wiwnRQxtJIwQhYbhfl8F0UsD2cJVCNp3rWCrOmdrZbNMr0GZWqEuhdO1TpMcoS30NStd482jRIU4L-kODNGqkt8aEPmMYKF9U2SGdLT1gBAYLwuHmKP3nSjdFqnZ9awgwu_fYfzPoNq1ZTFobP-8dryOulQYrUV4A&sai=AMfl-YS_1B44hxKkMEKQpDQNnMP57n0lmnk_wxvzpGBJBki7bkq9Fe5Z6JdBCyjy5JPtKoxJyoVpuiwBd0lsKU86zDyU8OivSuGlWzW9WgaYXQxq70hm3mv_mVzsXbs4klvw&sig=Cg0ArKJSzOmznt-WOEVYEAE&adurl=
Frame ID: 560D3DAB20257B09B700BA7C79423F48
Requests: 9 HTTP requests in this frame

Frame: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55FD7997B1AFC3FBD58E810EB4AE2D2F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A6B126845137608BFF36D263F0BB40A0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXuhOUtgZ60tfatb3eTZNHCBjr9lgcbjl9TEl877IpBRjQGouPFdOdu6Tucw8e_0gszd20WW_W4XK0JdtM0U97gtBCarRXGqR1xqeRtaG78bMY_De91XiDEwKLPYjt-pKM1yLB0luKlLWT6LWFVmtYU__TXJvvokiJSGuyIUumMDgWl09to1UhTf-Goaf-ujZ0orZJX_LVMojFGGixbmkluD_R5Tr9E1pwu-U1vffZmI349NLqFuXPc38f5peMMmt675qEAMYq5LmbCyAn7rLFZtaDGpxXeIVBE4ZCthDzF_NzofUlwVVoM3jND5_sKRY1wxR6qeRuRWMUM8BMbFInEEN1gQ&sai=AMfl-YQ2XwX-s9Ix6DAWaiujKwO6sudAbo7FebC2BPfpqa0dfYxpNeSpTQeD2XpjCw8ndxd9j_RVfn9IJoWJH4z28JS9t5-elcS5mAN7gHmtWpNhLSPT181V6hXCHrYJbFM&sig=Cg0ArKJSzFImYlGeFeDSEAE&urlfix=1&adurl=
Frame ID: 5C9CD354F3E3B3CF100EE093CD0239CD
Requests: 5 HTTP requests in this frame

Frame: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA957124D79A084E9760CFE471EE92D2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw
Frame ID: 566E10BE16D3BF86FFF1046D2F3CF22C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9F6907022CB30BC5A6970BB8DEAC58E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
Frame ID: D60D5FFFC46ADC5DB4081F9FD1A1E803
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032108170213000/amp4ads-v0.mjs
Frame ID: CACA91B05B0203D30C02615F3934D805
Requests: 12 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C7F51ED2FCF455A5C488E09A9BEF8761
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 0D0D2D899784909B707B332C380BD2E7
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 47F598658BFDB2AC1E8AEF5E6BA564D0
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 40D998FA8C01F8FBB7A55C7A93686335
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3B52A5A667B3E26914B2DC8581303F5F
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1CB99E8D522E5DCFF91E19F021C5A8C3
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1042D960C016096DED574AC1C75CA717
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 38DF954BD601DF26265EC7D4FD3687F6
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C4B2BA867CACC18584453D6F86E5C85C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E5AA904974EEE1A25145BC49CFF0B4EC
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2EF146DACD4B9EB2D14343C13A83E200
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9CE15979F9231C52B7B5283E5DFE413C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1CF8C0B8DD038123ADAECD96F514C591
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HolidaySmart 假期日常 | 香港最強食買玩旅遊資訊精明消費雜誌

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

300
Requests

97 %
HTTPS

52 %
IPv6

34
Domains

53
Subdomains

46
IPs

6
Countries

4215 kB
Transfer

8872 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.presslogic.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/holidaysmart.hk/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/holidaysmart.hk/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaQFYYwB2yjyKAleYyuv3Kw

Search URL Search Domain Scan URL

URL: https://www.presslogic.com/zh/advertise/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.presslogic.com/zh/career/
Title: Career

Search URL Search Domain Scan URL

URL: https://www.presslogic.com/zh/disclaimer/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 60

https://sb.scorecardresearch.com/b?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=

Request Chain 139

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=1686107568269712&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9b38b502b4ca%26domain%3Dholiday.presslogic.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fholiday.presslogic.com%252Ff2fb799df81b08c%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2F1177918368921987&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9b38b502b4ca%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff2fb799df81b08c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Request Chain 141

https://sb.scorecardresearch.com/c2/21733041/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1&C=1

Request Chain 203

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSRsbNxUdBVCM0J27vpkrAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHN4kaekz3BIv1EEzn8pyTg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHN4kaekz3BIv1EEzn8pyTg%26google_cver%3D1

Request Chain 205

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODUwODUxMjQ2MjU2MDMxOA%3D%3D

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 232

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 234

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=785891764.67867181702435503.0123776 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=785891764.67867181702435503.0123776 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoomy%26bsw_param%3Ddc34095f-2e5b-4117-906f-1cdff7533de3%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=eeece8a5d482410ea956a28919abb878&ssp=vidoomy&bsw_param=dc34095f-2e5b-4117-906f-1cdff7533de3&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=dc34095f-2e5b-4117-906f-1cdff7533de3

Request Chain 235

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2921611690 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2921611690 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7ddc5eb7-c12d-4a35-ac72-1a9ef6b21cea HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003

Request Chain 256

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029

Request Chain 262

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3275467336786540965

Request Chain 276

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029

Request Chain 281

https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1629777009 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1629777009

Request Chain 299

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2653986580174607252

300 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
holiday.presslogic.com/ 117 KB
25 KB 328ms
298ms Document
text/html 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de906a9b095b501c262e6dc066905d118832051499aeff9b581e706b6b28767

Request headers

:method: GET
:authority: holiday.presslogic.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
content-type: text/html; charset=utf-8
x-envoy-upstream-service-time: 2
x-ua-device: pc
x-varnish: 657849588 657932447
age: 60357
x-cache: HIT
vary: Accept-Encoding, Origin, User-Agent
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68399d371f890eab-FRA
content-encoding: br

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

13ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 06:50:54 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Tue, 24 Aug 2021 03:50:02 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51f2b3636134176c96a88442884446f2d1f6362552c5c88bd516785af14aa56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "968 / 599 of 1000 / last-modified: 1629762807"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25283
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
61 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRD2XB9

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dffee68234deec6b2364581014e145fc9750f8014571f6a6b54c1430e06c0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62260
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Aug 2021 03:50:02 GMT

GET
H2 200 50369f4.js Show response
holiday.presslogic.com/my/_nuxt/ 9 KB
3 KB 35ms
28ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065b3f4764f35e6e8966507cc87575f960719f0687b0429efe56255cf270bead

Request headers

:path: /my/_nuxt/50369f4.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 496307
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 8
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"257b-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 526721832
cache-control: public, max-age=31536000
cf-ray: 68399d3919610eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 85a75e1.js Show response
holiday.presslogic.com/my/_nuxt/ 21 KB
8 KB 36ms
29ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/85a75e1.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2b4365d34a3674dca8130a0ad100fb822c288485faac1afed2eca07af7acb9

Request headers

:path: /my/_nuxt/85a75e1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"5574-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 537302046 517066275
cache-control: public, max-age=31536000
cf-ray: 68399d3919680eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 1f6cf10.js Show response
holiday.presslogic.com/my/_nuxt/ 64 KB
19 KB 60ms
52ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/1f6cf10.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2d5e88c36ab8efc1347d619bff25b503bed8c97e9431fb5053bf61ba297426

Request headers

:path: /my/_nuxt/1f6cf10.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"fe1a-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 816917985 815316697
cache-control: public, max-age=31536000
cf-ray: 68399d39196b0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 9fc8a55.js Show response
holiday.presslogic.com/my/_nuxt/ 13 KB
4 KB 36ms
28ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/9fc8a55.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f89557eebee9305eeda94f705ea5155509685cb4a274f042e9b3bb43f43ae0

Request headers

:path: /my/_nuxt/9fc8a55.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"351d-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 816917981 817172772
cache-control: public, max-age=31536000
cf-ray: 68399d39196d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 1d10af8.js Show response
holiday.presslogic.com/my/_nuxt/ 46 KB
17 KB 45ms
36ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/1d10af8.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812f8be8df3e614cc2c0c83f37b4448e0c7d9cbcee2d7f87e8dd83344c4e72d1

Request headers

:path: /my/_nuxt/1d10af8.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 6055362
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 15 Jun 2021 01:28:45 GMT
server: cloudflare
etag: W/"b729-17a0d48fcc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 465243626 467731146
cache-control: public, max-age=31536000
cf-ray: 68399d39196e0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 2972cbb.js Show response
holiday.presslogic.com/my/_nuxt/ 64 KB
24 KB 39ms
30ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/2972cbb.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca6497a42e24612a860882911fa235b3a1b94620da002b84af1fead572a282b

Request headers

:path: /my/_nuxt/2972cbb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"101b7-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 536709679 537397915
cache-control: public, max-age=31536000
cf-ray: 68399d3919710eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 14b916ce.b96088d.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 5 KB
1 KB 43ms
35ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/14b916ce.b96088d.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66703b9abb25d3f3e8209351e79e43bb40720de5d0d32fbc83ca4b29af1bcc09

Request headers

:path: /my/_nuxt/vendors/app/14b916ce.b96088d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 10619199
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Thu, 22 Apr 2021 05:59:45 GMT
server: cloudflare
etag: W/"1399-178f829b068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 6341547 14926419
cache-control: public, max-age=31536000
cf-ray: 68399d39196f0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 7626e0a.js Show response
holiday.presslogic.com/my/_nuxt/ 29 KB
10 KB 37ms
28ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/7626e0a.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5ad4161562b6ba4bc9e6a0932600b410753be316b9a1015f731e657ce16a8d

Request headers

:path: /my/_nuxt/7626e0a.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"73e8-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 515516214 527764863
cache-control: public, max-age=31536000
cf-ray: 68399d3929720eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 63df3c6.js Show response
holiday.presslogic.com/my/_nuxt/ 2 KB
1 KB 40ms
31ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/63df3c6.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c863026af0aca0b6e8067015b05c5be855682e861c8cb376075ad8e7b313f06f

Request headers

:path: /my/_nuxt/63df3c6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 8802207
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 14 May 2021 06:32:22 GMT
server: cloudflare
etag: W/"830-179699374f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 6401547 7047798
cache-control: public, max-age=31536000
cf-ray: 68399d3929730eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 7cb4df6.js Show response
holiday.presslogic.com/my/_nuxt/ 3 KB
2 KB 67ms
58ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/7cb4df6.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e65f82f6a83a9037b41abe38e84b5095104efa3c0a1a7c086240644c0b0d6c4

Request headers

:path: /my/_nuxt/7cb4df6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 8802569
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 14 May 2021 06:32:22 GMT
server: cloudflare
etag: W/"d98-179699374f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 5331434 5331411
cache-control: public, max-age=31536000
cf-ray: 68399d3929760eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 5b3fdf9.js Show response
holiday.presslogic.com/my/_nuxt/ 2 KB
1 KB 34ms
25ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/5b3fdf9.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88efe32efdb6348bf7e652f94fe2ac0b4fc2de4e372d2a9fe436db686e0a99d

Request headers

:path: /my/_nuxt/5b3fdf9.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 8802568
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 14 May 2021 06:32:22 GMT
server: cloudflare
etag: W/"91d-179699374f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 7177983 5331417
cache-control: public, max-age=31536000
cf-ray: 68399d3929770eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 ff27d5f.js Show response
holiday.presslogic.com/my/_nuxt/ 46 KB
16 KB 35ms
26ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8e982e9d4aee00d8b7052edd851e00a8cf4ae33ca811272b67c6e048d93a25

Request headers

:path: /my/_nuxt/ff27d5f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"b868-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 523605567 526519225
cache-control: public, max-age=31536000
cf-ray: 68399d3929780eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 321c313.js Show response
holiday.presslogic.com/my/_nuxt/ 52 KB
13 KB 42ms
33ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/321c313.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620d2496ce892dbfea08cde89081ccc445f49c1155faa3fd431f09b0152e3ec1

Request headers

:path: /my/_nuxt/321c313.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 6677
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"ce74-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 658559228 648294762
cache-control: public, max-age=31536000
cf-ray: 68399d3929790eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 96c0bb8.js Show response
holiday.presslogic.com/my/_nuxt/ 49 KB
14 KB 40ms
32ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/96c0bb8.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7115b000d09e26c8d4acddcdc655544309634c73189e9dbdd7160b5e2cb9582

Request headers

:path: /my/_nuxt/96c0bb8.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 3
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"c20d-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 821203458 819751278
cache-control: public, max-age=31536000
cf-ray: 68399d39297a0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 09e9d85.js Show response
holiday.presslogic.com/my/_nuxt/ 10 KB
4 KB 35ms
26ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/09e9d85.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b838024f7eb1457a19caad1dc9fe45ed130118c7e34da184105f3ae40887898

Request headers

:path: /my/_nuxt/09e9d85.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 6677
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"29d8-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 717555025 717442601
cache-control: public, max-age=31536000
cf-ray: 68399d3929830eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 4b2de3b.js Show response
holiday.presslogic.com/my/_nuxt/ 28 KB
7 KB 51ms
43ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/4b2de3b.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcba340c9bc5486c71ff1141807a0fcfc21e3492981f0a78c69b33a6e3a572cc

Request headers

:path: /my/_nuxt/4b2de3b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"7030-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 527632123 524854329
cache-control: public, max-age=31536000
cf-ray: 68399d3929840eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 91dcb95.js Show response
holiday.presslogic.com/my/_nuxt/ 11 KB
3 KB 42ms
34ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/91dcb95.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b8277e949ea93ffc1b329a1f95b2775593340d17fe828ed40f2b3f9e125f9a

Request headers

:path: /my/_nuxt/91dcb95.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 7139
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"2db0-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 658889259 659503919
cache-control: public, max-age=31536000
cf-ray: 68399d3929850eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 5f47eab.js Show response
holiday.presslogic.com/my/_nuxt/ 5 KB
2 KB 40ms
32ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/5f47eab.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a43607be29f655abb526294f1c784c828dc78d6d39786a5f1bb400ac0c13725

Request headers

:path: /my/_nuxt/5f47eab.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5951196
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 16 Jun 2021 06:27:46 GMT
server: cloudflare
etag: W/"1339-17a13811ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 456041117 465933721
cache-control: public, max-age=31536000
cf-ray: 68399d3929860eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 f685aff.js Show response
holiday.presslogic.com/my/_nuxt/ 23 KB
7 KB 39ms
32ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/f685aff.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a4276cc356a6b35abd1932607bfe1fbdaacd3ea50c6c465cb636b63c9b80d1

Request headers

:path: /my/_nuxt/f685aff.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"5abd-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 536709682 518539097
cache-control: public, max-age=31536000
cf-ray: 68399d3929880eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 908ade4.js Show response
holiday.presslogic.com/my/_nuxt/ 12 KB
4 KB 41ms
33ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/908ade4.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8c12f38c58542a19e9bc876eea0078159aa560794bc0244608946d0f7ec64b

Request headers

:path: /my/_nuxt/908ade4.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 1184155
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"3112-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 404320756 412927027
cache-control: public, max-age=31536000
cf-ray: 68399d3929890eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 76ff1a8.js Show response
holiday.presslogic.com/my/_nuxt/ 40 KB
11 KB 49ms
41ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/76ff1a8.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0583d749537c347d42a4ca3c939933db2d7c2b2cf87ef6206f8525de99aba10

Request headers

:path: /my/_nuxt/76ff1a8.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 7138
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"9e02-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 625634555 651112368
cache-control: public, max-age=31536000
cf-ray: 68399d39298a0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 1ba1641.js Show response
holiday.presslogic.com/my/_nuxt/ 34 KB
10 KB 42ms
35ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/1ba1641.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79c4cf2b5494dac51a38f8c149d66042f46e6a3bb07510fb5d64f296895ea75

Request headers

:path: /my/_nuxt/1ba1641.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"8852-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 810765874 811541363
cache-control: public, max-age=31536000
cf-ray: 68399d39298f0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 537793f.js Show response
holiday.presslogic.com/my/_nuxt/ 6 KB
3 KB 40ms
33ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/537793f.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858c67a87c1e3521cb7ed90b52eb2815b41ce7f27b21160d8a0941da25ea38d2

Request headers

:path: /my/_nuxt/537793f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 3
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"19cc-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 527632124 507211818
cache-control: public, max-age=31536000
cf-ray: 68399d3929900eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 04f031b.js Show response
holiday.presslogic.com/my/_nuxt/ 7 KB
3 KB 49ms
42ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/04f031b.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3918f5549f6a86dadacaa9ac21d53eaec20f6f88e45c3575051d6d7a3999143

Request headers

:path: /my/_nuxt/04f031b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2753691
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Mon, 19 Jul 2021 06:19:08 GMT
server: cloudflare
etag: W/"1bc0-17abd6b0f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 885204521 880680736
cache-control: public, max-age=31536000
cf-ray: 68399d3929910eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 6e45e56.js Show response
holiday.presslogic.com/my/_nuxt/ 49 KB
12 KB 39ms
33ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/6e45e56.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b587363801affa439a25c88c4df2baffa4ee1e7aa8f7cd0995a23af0087c95

Request headers

:path: /my/_nuxt/6e45e56.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 8802565
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 14 May 2021 06:32:22 GMT
server: cloudflare
etag: W/"c366-179699374f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 5597000 5890043
cache-control: public, max-age=31536000
cf-ray: 68399d3929920eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 b429c638.170edba.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 62 KB
10 KB 38ms
32ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090b0d5b9c6fcad898bf80088a9b08666736e32872bfd4329fc14f28dbdd9a5d

Request headers

:path: /my/_nuxt/vendors/app/b429c638.170edba.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 10619198
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Thu, 22 Apr 2021 05:59:45 GMT
server: cloudflare
etag: W/"f97d-178f829b068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 7391618 30351412
cache-control: public, max-age=31536000
cf-ray: 68399d39297b0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 93f0101.js Show response
holiday.presslogic.com/my/_nuxt/ 65 KB
18 KB 43ms
37ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/93f0101.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44fb13854aa442c76f3a69420e5ac500ebef070f9c3796e43115dd1ce851a166

Request headers

:path: /my/_nuxt/93f0101.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"10265-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 526977096 518954009
cache-control: public, max-age=31536000
cf-ray: 68399d3929930eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 e854962.js Show response
holiday.presslogic.com/my/_nuxt/ 70 KB
26 KB 41ms
35ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/e854962.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482630e04e56e186b6821c33288f0a5be8ee31638cd5f1dfbb33169b5dd6a204

Request headers

:path: /my/_nuxt/e854962.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"11867-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 515516216 516734192
cache-control: public, max-age=31536000
cf-ray: 68399d3929950eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 46438e7.js Show response
holiday.presslogic.com/my/_nuxt/ 52 KB
18 KB 49ms
43ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/46438e7.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12be8ea0b99ddff6a37e0b868de5a4b7f8cf1c8b9d13de72e675d13b46bc83c

Request headers

:path: /my/_nuxt/46438e7.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2753691
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 30
content-encoding: br
last-modified: Mon, 19 Jul 2021 06:19:08 GMT
server: cloudflare
etag: W/"cf50-17abd6b0f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 876266135
cache-control: public, max-age=31536000
cf-ray: 68399d3929960eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 b58f7129.bb3c038.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 22 KB
5 KB 38ms
32ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/b58f7129.bb3c038.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891b590b7c68d10805cba9374cd11d711d160e92466c23759590ed50039aa585

Request headers

:path: /my/_nuxt/vendors/app/b58f7129.bb3c038.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2251739
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: tablet-ipad
x-envoy-upstream-service-time: 6
content-encoding: br
last-modified: Thu, 29 Jul 2021 01:33:36 GMT
server: cloudflare
etag: W/"5640-17aefe53d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 930351690
cache-control: public, max-age=31536000
cf-ray: 68399d39297d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 39d3125.js Show response
holiday.presslogic.com/my/_nuxt/ 84 KB
21 KB 42ms
36ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/39d3125.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 918ba0dc0f0ad5e21feceaa8882c3377f777dfc684f8238b9866cb9b8e70a30f

Request headers

:path: /my/_nuxt/39d3125.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2251734
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: tablet-ipad
x-envoy-upstream-service-time: 6
content-encoding: br
last-modified: Thu, 29 Jul 2021 01:33:36 GMT
server: cloudflare
etag: W/"14f8a-17aefe53d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 932810017
cache-control: public, max-age=31536000
cf-ray: 68399d3929980eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 ec8c427e.5959bde.css
holiday.presslogic.com/my/_nuxt/vendors/app/ 18 KB
3 KB 42ms
37ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/ec8c427e.5959bde.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e0a79ef6d63e8502a4efc5db37400f4da1facea09eec134af5db57ebd0f84c

Request headers

:path: /my/_nuxt/vendors/app/ec8c427e.5959bde.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 10619198
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Thu, 22 Apr 2021 05:59:45 GMT
server: cloudflare
etag: W/"475c-178f829b068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 30874494 28174039
cache-control: public, max-age=31536000
cf-ray: 68399d39297f0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 8158ed1.js Show response
holiday.presslogic.com/my/_nuxt/ 510 B
395 B 41ms
36ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/8158ed1.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e7a872e97ddca5fc2cacc625c2a147bde894a764ba51300214781560368116

Request headers

:path: /my/_nuxt/8158ed1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 8802564
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 6
content-encoding: br
last-modified: Fri, 14 May 2021 06:32:22 GMT
server: cloudflare
etag: W/"1fe-179699374f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 322453
cache-control: public, max-age=31536000
cf-ray: 68399d3929990eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 a406b00.js Show response
holiday.presslogic.com/my/_nuxt/ 129 KB
34 KB 47ms
42ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/a406b00.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429359266b178dc66a512ca84aec255558c9916a41f3fc8c0ceeea0421b4899d

Request headers

:path: /my/_nuxt/a406b00.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"20463-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 536709681 530714883
cache-control: public, max-age=31536000
cf-ray: 68399d39299b0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 d14b5de.js Show response
holiday.presslogic.com/my/_nuxt/ 82 KB
24 KB 48ms
43ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/d14b5de.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c5cdf88a9219f623264dd4d24e3e0692f58c5618617030fb634b11f8a6116c

Request headers

:path: /my/_nuxt/d14b5de.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:14 GMT
server: cloudflare
etag: W/"147c4-17a316cd570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 527632125 516307472
cache-control: public, max-age=31536000
cf-ray: 68399d39299c0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 f69643ec.b08e073.css
holiday.presslogic.com/my/_nuxt/app/ 254 B
356 B 47ms
43ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/app/f69643ec.b08e073.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd52c122328222aa09da5268422e69f9cd61111fbcd7b125cfcf5a7f03a22384

Request headers

:path: /my/_nuxt/app/f69643ec.b08e073.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 10619198
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 9
content-encoding: br
last-modified: Thu, 22 Apr 2021 05:59:45 GMT
server: cloudflare
etag: W/"fe-178f829b068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 30120994
cache-control: public, max-age=31536000
cf-ray: 68399d3929800eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 12676c3.js Show response
holiday.presslogic.com/my/_nuxt/ 66 KB
19 KB 39ms
34ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/12676c3.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4645e41595da9c672140b15610528c886785a6fa90b17a8ce8458786139c9932

Request headers

:path: /my/_nuxt/12676c3.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"108d7-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 821203463 821542443
cache-control: public, max-age=31536000
cf-ray: 68399d39299d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 01e7b97c.3c5d4f5.css
holiday.presslogic.com/my/_nuxt/app/ 66 KB
8 KB 37ms
32ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/app/01e7b97c.3c5d4f5.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffce136a8f1516b57b0a4c1ad896246c5fc44dfdf513d8f5f0768881fefb71a4

Request headers

:path: /my/_nuxt/app/01e7b97c.3c5d4f5.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 6678
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"109f2-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 658559218 652070254
cache-control: public, max-age=31536000
cf-ray: 68399d3929820eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 511a22d.js Show response
holiday.presslogic.com/my/_nuxt/ 43 KB
8 KB 62ms
57ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/511a22d.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425050ba5cddd6da2e5c8ca0f0e2b49f4b842c425767dbb1e984861fd64f21f7

Request headers

:path: /my/_nuxt/511a22d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"aa8b-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 807444884 815316706
cache-control: public, max-age=31536000
cf-ray: 68399d39299e0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 684085e2.aaf3ed0.css
holiday.presslogic.com/my/_nuxt/app/ 23 KB
4 KB 40ms
36ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/app/684085e2.aaf3ed0.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d52ba9d1eaa9f0e44d54860455271a4c409b0535dda3430c2fe9856d3bfa5cb

Request headers

:path: /my/_nuxt/app/684085e2.aaf3ed0.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"5dc6-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 515516213 526519345
cache-control: public, max-age=31536000
cf-ray: 68399d39298c0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 952bbb1.js Show response
holiday.presslogic.com/my/_nuxt/ 44 KB
11 KB 46ms
42ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/952bbb1.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0795a9add8aaabcf9fc428586bf8e7e73038c95798adeb038a287ff2a586dbb7

Request headers

:path: /my/_nuxt/952bbb1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2251733
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: tablet-ipad
x-envoy-upstream-service-time: 6
content-encoding: br
last-modified: Thu, 29 Jul 2021 01:33:36 GMT
server: cloudflare
etag: W/"b075-17aefe53d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 932087387
cache-control: public, max-age=31536000
cf-ray: 68399d39299f0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 f075b844.ab9c0ff.css
holiday.presslogic.com/my/_nuxt/pages/index/ 9 KB
2 KB 36ms
32ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/index/f075b844.ab9c0ff.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0f73603fc825165a86d3f8cea2192f39822851516608324fc3bc0c69f694d5

Request headers

:path: /my/_nuxt/pages/index/f075b844.ab9c0ff.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2242006
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Thu, 29 Jul 2021 01:33:36 GMT
server: cloudflare
etag: W/"23a1-17aefe53d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 911587950 911586120
cache-control: public, max-age=31536000
cf-ray: 68399d39298d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 c13dc5d.js Show response
holiday.presslogic.com/my/_nuxt/ 25 KB
6 KB 39ms
35ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/c13dc5d.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa21139e68e8398007aa02e976493467cc6699ef57f9a1e54919b5cda680f2f1

Request headers

:path: /my/_nuxt/c13dc5d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3531
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 11
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"65b8-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 721539463
cache-control: public, max-age=31536000
cf-ray: 68399d3929a00eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 e3dbdb39.dfb590b.css
holiday.presslogic.com/my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/ 1013 B
432 B 36ms
33ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/e3dbdb39.dfb590b.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bbba340d2f452e7c662f1e486a08477ae6aa7c10093dfe09f6636674df8a720

Request headers

:path: /my/_nuxt/pages/_country/tag/_slug/pages/article/_wpid/index/pages/article/amp/_wpid/index/pages/author/_blogg/e3dbdb39.dfb590b.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 5447771
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 22 Jun 2021 01:54:13 GMT
server: cloudflare
etag: W/"3f5-17a316cd188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 527632122 504262045
cache-control: public, max-age=31536000
cf-ray: 68399d39298e0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 9d4f805.js Show response
holiday.presslogic.com/my/_nuxt/ 7 KB
2 KB 46ms
43ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/9d4f805.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d9014a237b2b9ad7c03a94d1f7ff0534ea0f9b941ee9df4a73f6d440f84fe1

Request headers

:path: /my/_nuxt/9d4f805.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365212
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"1bd6-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 816917984 808218733
cache-control: public, max-age=31536000
cf-ray: 68399d3929a10eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 presslogic-logo.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 2 KB
2 KB 60ms
48ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/presslogic-logo.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fa27f35fb69e04575f2b6a30221f1c1641d23346e8587295c6630238d9c9bae

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
cf-cache-status: HIT
age: 1388001
x-guploader-uploadid: ADPycdtHCgFw6BUcAC-W3b7arrWcyslnLKSdMriHR2Hxlht9JpBQRKXKB9rSYXx8VEytVa8e_HcVC9SSoiZz6JlCtMFjnp-UOg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1685
last-modified: Fri, 12 Mar 2021 04:05:23 GMT
server: cloudflare
etag: "3c683679e8133a689608a2d58319b3af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Pu5y9w==, md5=PGg2eegTOmiWCKLVgxmzrw==
x-goog-generation: 1615521923566635
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1685
accept-ranges: bytes
cf-ray: 68399d3939a60eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 logo.png
assets.presslogic.com/presslogic-hk-hd/static/images/holiday/ 74 KB
75 KB 50ms
39ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/holiday/logo.png?v=191112
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60c5faf531c04e9a0436fcf0c1365934af930380a45e1900e59ac70f4742ca2b

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
cf-cache-status: HIT
age: 10619191
x-guploader-uploadid: ABg5-UzVk0Zl1rUSwi7aNikLTexfXMT4XIR6QZOrVEnIdxKOQi467cyoiVFxhPXfcRO_cacmwAf0bN-zFJnssMeumvF_2dIhLw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 75851
last-modified: Fri, 12 Mar 2021 04:06:48 GMT
server: cloudflare
etag: "a089b504e4353b8e0f90edc65276bb87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/dfCeA==, md5=oIm1BOQ1O44PkO3GUna7hw==
x-goog-generation: 1615522008209031
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 75851
accept-ranges: bytes
cf-ray: 68399d3939a50eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 loading.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 2 KB
2 KB 65ms
54ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/loading.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e572491860557badd4d4d1d3e37f1f3c602cc3d163a0cdac6b6523fbee67c3

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
cf-cache-status: HIT
age: 1660867
x-guploader-uploadid: ADPycduI9jeT_R9OBNmjtu9Gb4DvRTTGD_ljP7dKtaxoXlX8WPwpJaYEGdkWX04FkTYxSv71k8E6MvVbve6DqsIN7-MXofuSbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1692
last-modified: Fri, 12 Mar 2021 04:05:20 GMT
server: cloudflare
etag: "8a583b3705a086f29df69cd898e3ed10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=DrWs/g==, md5=ilg7NwWghvKd9pzYmOPtEA==
x-goog-generation: 1615521920858130
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1692
accept-ranges: bytes
cf-ray: 68399d3939a40eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 youtube-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 948 B
1 KB 64ms
54ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/youtube-white.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9bc60b625ef89de00f22bc264e3f085526b4bd0fed14e2f5ebf3b8ab7ac8b95

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
cf-cache-status: HIT
age: 10614109
x-guploader-uploadid: ABg5-Uyvr5qw6OY6syWDlRZQoe7xb0oqrGiZzijqbIqOONNuOyqiR7PuypdYN4u7JEJ1JFqbpsrjsODtv04q3htMsHo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 948
last-modified: Fri, 12 Mar 2021 04:05:25 GMT
server: cloudflare
etag: "2bc9bef3c70a6e784b6cbc94d45c8cfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=tAungA==, md5=K8m+88cKbnhLbLyU1FyM/g==
x-goog-generation: 1615521925069537
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 948
accept-ranges: bytes
cf-ray: 68399d3939a30eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ 331 KB
116 KB 148ms
51ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
748 B 154ms
58ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=holiday.presslogic.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

313980e71cc69f18608b91680d9ed20c5b888629ee2d8904c168f01a3a21a6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:02 GMT

GET
H2 200 category_maple.png
assets.presslogic.com/presslogic-hk-hd/static/images/event/201908_klook/ 19 KB
20 KB 29ms
29ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/event/201908_klook/category_maple.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59cc7fa40540cc164a9c69d98d697f14010ff99f62cb8afe97610cacd2d32c04

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
cf-cache-status: HIT
age: 10619192
x-guploader-uploadid: ABg5-UwrmZ-t4vV33iIz6GCVwnTcPEbvjWMwW4kNH1Dd_iMhwHhFHxzxuBVgbtkRFdMb6V46yNCrNDn-eMnm1ZYpLg4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 19835
last-modified: Fri, 12 Mar 2021 04:05:49 GMT
server: cloudflare
etag: "ea6d559e1da640abc88fcfe89a97e522"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=E4cgrQ==, md5=6m1Vnh2mQKvIj8/ompflIg==
x-goog-generation: 1615521949402695
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 19835
accept-ranges: bytes
cf-ray: 68399d3949af0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 117 KB
33 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/app/01e7b97c.3c5d4f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 02:32:29 GMT
server: ESF
date: Tue, 24 Aug 2021 03:50:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Aug 2021 03:50:02 GMT

GET
H2 200 element-icons.2fad952.woff
holiday.presslogic.com/my/_nuxt/fonts/ 6 KB
6 KB 26ms
25ms Font
font/woff 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/fonts/element-icons.2fad952.woff
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1

Request headers

:path: /my/_nuxt/fonts/element-icons.2fad952.woff
pragma: no-cache
origin: https://holiday.presslogic.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://holiday.presslogic.com
Referer: https://holiday.presslogic.com/my/_nuxt/vendors/app/b429c638.170edba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 1407350
cf-ray: 68399d39ea420eab-FRA
x-cache: MISS
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 7
content-length: 6164
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"1814-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 405777642
access-control-allow-origin: https://holiday.presslogic.com
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: font/woff
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRD2XB9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2181
date: Tue, 24 Aug 2021 03:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 24 Aug 2021 05:13:41 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 168ms
55ms Script
application/javascript 13.224.102.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-98.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 10230155
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: mjXECgpDoRDRzqHC2BVTfgkc5ORHY3eY99JxaBr9VypMViJk0uvLAw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: UkYzEeUygDsshMJJboLOhIv2ctiNf2fQeuSA+arvtR3SrhrcJpwGx7gVKS8PUARWhOQr+zFn1LTbqJ1ri9ZFnA==
x-fb-trip-id: 2095733797
x-frame-options: DENY
date: Tue, 24 Aug 2021 03:50:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2...
https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B...

64 B
330 B

62ms
62ms

Image
image/gif

13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: -vpaI9B-tiTF0_dXqu4GkfqyJ6CB38v8fUVx3stoj9S1kXmDL3txkw==

Redirect headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=21733041&ns__t=1629777002659&ns_c=UTF-8&c8=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&c7=https%3A%2F%2Fholiday.presslogic.com%2F&c9=
content-length: 369
x-amz-cf-id: s2CD1o9HKg30to5h3DO4YyoPSOo5QoCd3NCZgM1JNHsH_EKDiXasKA==

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 04:28:28 GMT
x-content-type-options: nosniff
age: 602494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 04:28:28 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 25 KB
25 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 05:26:25 GMT
x-content-type-options: nosniff
age: 599017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 05:26:25 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:43:34 GMT
x-content-type-options: nosniff
age: 590788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 07:43:34 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 04:41:08 GMT
x-content-type-options: nosniff
age: 601734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 04:41:08 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 43 KB
43 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:56:01 GMT
x-content-type-options: nosniff
age: 6841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:56:01 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 53 KB
53 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:03:38 GMT
x-content-type-options: nosniff
age: 24384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54000
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:03:38 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:16:49 GMT
x-content-type-options: nosniff
age: 12793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:16:49 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:27:12 GMT
x-content-type-options: nosniff
age: 8570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:27:12 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:43:41 GMT
x-content-type-options: nosniff
age: 21981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:43:41 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 55 KB
55 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:45:55 GMT
x-content-type-options: nosniff
age: 21847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56272
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:24:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:45:55 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:14:13 GMT
x-content-type-options: nosniff
age: 9349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50784
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:14:13 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 57 KB
57 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 05:41:07 GMT
x-content-type-options: nosniff
age: 598135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57968
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:14 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 05:41:07 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
47 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:20:00 GMT
x-content-type-options: nosniff
age: 588602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48552
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:20:00 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 01:28:50 GMT
x-content-type-options: nosniff
age: 526872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52988
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:10:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 01:28:50 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 45 KB
45 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:09:30 GMT
x-content-type-options: nosniff
age: 589232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46208
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:09:58 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:09:30 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:02:05 GMT
x-content-type-options: nosniff
age: 24477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50856
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:02:05 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.41.woff2
fonts.gstatic.com/s/notosanstc/v11/ 20 KB
20 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.41.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cee95e28d99d9926f58e1523ee1f80e407fa273226162d92c836693441f39a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:53:27 GMT
x-content-type-options: nosniff
age: 6995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20088
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:22:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:53:27 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.77.woff2
fonts.gstatic.com/s/notosanstc/v11/ 26 KB
26 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.77.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95161460d1f4437aa714cfa1876d0419defa2c6ea42a2fbc78dd487900a1d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 22:35:07 GMT
x-content-type-options: nosniff
age: 18895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26188
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:23:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 22:35:07 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:58:11 GMT
x-content-type-options: nosniff
age: 10311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52836
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:58:11 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
47 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:24:44 GMT
x-content-type-options: nosniff
age: 588318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48324
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:24:44 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.74.woff2
fonts.gstatic.com/s/notosanstc/v11/ 41 KB
41 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.74.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d05926362e43abfab6f30edefa30cb5877f0786d58095b8c03d788748d8040c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:40:52 GMT
x-content-type-options: nosniff
age: 550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41620
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:16:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:40:52 GMT

GET
H3-29 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.68.woff2
fonts.gstatic.com/s/notosanstc/v11/ 26 KB
26 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.68.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38803ccd696b11446d5922ca1113adedbae3e9f609a44ffc74015b4bb4c5232f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://holiday.presslogic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:30:19 GMT
x-content-type-options: nosniff
age: 11983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27036
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:09:58 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:30:19 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 50ms
35ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:41:27 GMT
server: cloudflare
etag: W/2021.5.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 68399d3bc9cb1f55-FRA

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1990439401&t=pageview&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1764898226&gjid=65183801&cid=1282470622.1629777003&tid=UA-75313505-12&_gid=1308648333.1629777003&_r=1&gtm=2wg8n0PRD2XB9&cd2=null&cd3=null&z=1780855579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1990439401&t=pageview&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=149895064&gjid=1052968233&cid=1282470622.1629777003&tid=UA-75313505-7&_gid=1308648333.1629777003&_r=1&gtm=2wg8n0PRD2XB9&cd2=null&cd3=null&z=2145853861

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1990439401&t=event&ni=1&_s=1&dl=https%3A%2F%2Fholiday.presslogic.com%2F&ul=en-us&de=UTF-8&dt=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=Article%20category&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1282470622.1629777003&tid=UA-75313505-12&_gid=1308648333.1629777003&gtm=2wg8n0PRD2XB9&cd2=null&cd3=null&z=1562182663

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 01:17:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9147
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 2597336253707076 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2597336253707076?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82f7485255164ff17c3a7c718d8893f5633192de5fc3f0951b7416bd5feda2be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73320
x-xss-protection: 0
pragma: public
x-fb-debug: YREo/qFMU6ww3+dBn03q2A8GRLhE3kRc0O2tjAv3w93AUUFuig1W0gOWZauP/cAhC4eoMvooVZKW6j2n5Rx0Ww==
x-frame-options: DENY
date: Tue, 24 Aug 2021 03:50:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 db300d2f.6e808e7.css
holiday.presslogic.com/my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/ 982 B
473 B 16ms
16ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/db300d2f.6e808e7.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a

Request headers

:path: /my/_nuxt/vendors/pages/about/pages/article/_wpid/index/pages/category/_slug/pages/index/db300d2f.6e808e7.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365140
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"3d6-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 816251599 817172847
cache-control: public, max-age=31536000
cf-ray: 68399d3c7c680eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 3dacc57.js Show response
holiday.presslogic.com/my/_nuxt/ 7 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/3dacc57.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072cdbe0c3148659b3575f5d5249fa283a53ea8bd3240f84c862125832383433

Request headers

:path: /my/_nuxt/3dacc57.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 484373
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"1b7e-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 618378207 613620078
cache-control: public, max-age=31536000
cf-ray: 68399d3c8c6a0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 6cfe8caa.dc73841.css
holiday.presslogic.com/my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/ 2 KB
587 B 16ms
16ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/6cfe8caa.dc73841.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d8388031f5fdf89c50b8a437841156016b65640cf9a19ed0b663aea62c2e6d

Request headers

:path: /my/_nuxt/vendors/pages/bloggers/pages/category/_slug/pages/index/6cfe8caa.dc73841.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 1341343
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 7
content-encoding: br
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"762-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 407165715
cache-control: public, max-age=31536000
cf-ray: 68399d3c8c6b0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 1fa48b9.js Show response
holiday.presslogic.com/my/_nuxt/ 273 KB
70 KB 27ms
26ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/1fa48b9.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a23dca95e4bb730b33af450264d22633e9c68cfb5a0fe118466f7bcd0dd919

Request headers

:path: /my/_nuxt/1fa48b9.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365132
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"44521-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 822118992 821542474
cache-control: public, max-age=31536000
cf-ray: 68399d3c8c6d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

GET
H2 200 a3d577b.js Show response
holiday.presslogic.com/my/_nuxt/ 34 KB
7 KB 22ms
22ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/a3d577b.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4921546c0a359575d12e5e7c7990a501872a1bd67f91b7bc4f95003bdf6f84d

Request headers

:path: /my/_nuxt/a3d577b.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:02 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365132
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"86b5-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 819084382 813627862
cache-control: public, max-age=31536000
cf-ray: 68399d3c8c6f0eab-FRA
expires: Wed, 24 Aug 2022 03:50:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-75313505-12&cid=1282470622.1629777003&jid=1764898226&gjid=65183801&_gid=1308648333.1629777003&_u=YEBAAEAAAAAAAC~&z=1715620120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 24 Aug 2021 03:50:02 GMT
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-75313505-7&cid=1282470622.1629777003&jid=149895064&gjid=1052968233&_gid=1308648333.1629777003&_u=YEDAAEABAAAAAC~&z=305616968

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 24 Aug 2021 03:50:02 GMT
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 166ms
54ms Image
image/gif 13.224.102.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=HolidaySmart%20%E5%81%87%E6%9C%9F%E6%97%A5%E5%B8%B8%20%7C%20%E9%A6%99%E6%B8%AF%E6%9C%80%E5%BC%B7%E9%A3%9F%E8%B2%B7%E7%8E%A9%E6%97%85%E9%81%8A%E8%B3%87%E8%A8%8A%E7%B2%BE%E6%98%8E%E6%B6%88%E8%B2%BB%E9%9B%9C%E8%AA%8C&time=1629777002965&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fholiday.presslogic.com%2F&random_number=12550890949&sess_cookie=c623273a17b764781d555a87764&sess_cookie_flag=1&user_cookie=c623273a17b764781d555a87764&user_cookie_flag=1&dynamic=true&domain=presslogic.com&account=aj+Wm1aMp4Z34B&jsv=20130128&user_lang=en-US
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-21.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 03:30:13 GMT
Via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 1191
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: d7VFKHDbWci1HhMDPWK-MVaDGMs8Pj9bpTkokY8K-DwTH4eO3A7zdQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 453ms
150ms Image
text/plain 52.15.171.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.171.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-171-234.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
server: Server

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-12&cid=1282470622.1629777003&jid=1764898226&_u=YEBAAEAAAAAAAC~&z=580954766

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-12&cid=1282470622.1629777003&jid=1764898226&_u=YEBAAEAAAAAAAC~&z=580954766

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-7&cid=1282470622.1629777003&jid=149895064&_u=YEDAAEABAAAAAC~&z=712383245

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-75313505-7&cid=1282470622.1629777003&jid=149895064&_u=YEDAAEABAAAAAC~&z=712383245

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2597336253707076&ev=PageView&dl=https%3A%2F%2Fholiday.presslogic.com%2F&rl=&if=false&ts=1629777003002&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629777003001.1268076862&it=1629777002868&coo=false&rqm=GET

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/952bbb1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79ded6103b2d8c990e502c9de24dc6a96f0eeb6038cd5f2db8c8e6c7fea1b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: R5epCPfxmafZNL3B1nnzCw==
cross-origin-resource-policy: cross-origin
expires: Tue, 24 Aug 2021 04:08:10 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: LiWDljaHapgp+eq8e8WGR1WxffDM0P4ic+VkOCADkZLY0DOpq/AXhRYOtjf8YNdwgu6qOqgs3NwX3um9lLUA4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d8eb9ca7f5f73493938007edbd4c2521
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 24 Aug 2021 03:50:03 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a2c900343952bc7ea1b95439f6e16ec5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 521f4315.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 83 KB
83 KB 41ms
32ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/521f4315.jpg?auto=format&w=830

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30ee311dc44fb48fcb6d78e93b07916610075d7191303d3fb52d907887f0de46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 08:29:11 GMT
server: cloudflare
etag: "cfzf69ACjNaLEZMKHPdqFhvA:5f1e4e20f4c09302d83fa720f18d6b7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 84704
accept-ranges: bytes
cf-ray: 68399d3e3dc20eab-FRA
cf-resized: internal=ok/h q=0 n=30 c=73 v=2021.8.11

POST
H/1.1 200
OK / Show response
sentry.io/api/1471869/store/ 41 B
452 B 590ms
147ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1471869/store/?sentry_key=a9108d2b2c8346a8b0e8a5f2899cbbcd&sentry_version=7

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0e54da785f2019b940fdac7bceb9204a589ed3b44734b64df5cd529bedb294eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 24 Aug 2021 03:50:03 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://holiday.presslogic.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 41

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=holiday.presslogic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=holiday.presslogic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 467 B
275 B 126ms
75ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-1200x300-topbanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x300%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003271&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=274&adys=0&adks=4058169023&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

43eea1670a31ec83358d216fa7b94a21abb3dd5dd9657d171bb9a60ad873556b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7997 6 KB
3 KB 61ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 24 Aug 2021 03:50:03 GMT
expires: Wed, 24 Aug 2022 03:50:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 501ms
454ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003277&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=724&adks=2155410361&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x3419&msz=300x0&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9b9353072230617ff936b852cd96e695e4dd987098dbd985b28e2b5d06bd53bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14637
x-xss-protection: 0
google-lineitem-id: 5761539284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138359566021
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
30 KB 911ms
865ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003279&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=2713&adks=1156532695&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c04ab3e8b18d11a14600fd622617ea35e19e0b2508a8c35f2c422d9cd489e552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30995
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
20 KB 508ms
462ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003283&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4083&adks=1861541104&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1862f98dd2e7831eca8c835660d5127c6ae5ea78b141dd78ec872e39b8c51077

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-F8rrgyPICFdLhuwgdZpgE9w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-F8rrgyPICFdLhuwgdZpgE9w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20919
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 24 Aug 2021 03:50:03 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 1138ms
1092ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-300x600%2Cpresslogic-300x600-article-sidebar-half&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003285&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4103&adks=1231650139&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

696dc8c446a7d7fe301adaa8559eda716ec8d7d391ceba838e77dc4ae1b63a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11284
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
20 KB 308ms
264ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-300x250%2Cpresslogic-300x250-article-sidebar-lrec-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003289&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=1027&adys=4123&adks=3665356067&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x20&msz=300x0&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

705dc880cbf2c75fff6d89cbd6062ab4e2cc3b00f99eb885df47ee34642fbc6d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHW57rgyPICFWtU5QodXQcLzg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHW57rgyPICFWtU5QodXQcLzg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20841
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 24 Aug 2021 03:50:03 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 487 B
280 B 491ms
446ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-popup%2Cpresslogic-mobile-pop-up-iframe-full&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003292&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=547487625&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e5670a724acb6d419f617893e95a8545fd4228c56d4a998900daf69495adb76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 480 B
280 B 121ms
77ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-popup%2Cpresslogic-interstitial-image&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003294&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=2631300786&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2b7494da41950881d5ce83c1090daf59784803ba847b2fe6bbf8a87a15e3b4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
268 B 291ms
249ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-1x1-article-top-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003296&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=790991473&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8e5af3f36b5da786e812a77ff69c209bf59074d545038c1b26aa14e8cc284dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
272 B 1127ms
1085ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-1x1-article-top-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003297&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=3406228458&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

429c07177f8d9723f4f0a686adc4f4df1aa71837a031db8176e6be06f0d55458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 899ms
856ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-1x1-article-top-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003299&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=327417460&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a35b16842e7a94ad17e249476a91b63299264b016df9efa797790c4d58b0a514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7821
x-xss-protection: 0
google-lineitem-id: 5358482576
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138310170868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 B
272 B 114ms
72ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2969308710715151&correlator=2798184769348410&output=ldjh&impl=fifs&eid=31062297&vrg=2021081901&ptt=17&sc=1&sfv=1-0-38&ecs=20210824&iu_parts=123517519%2Cpresslogic-1x1-article-top-5&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=subdomain%3Dholiday%26env%3Dproduction%26page_url%3Dhttps%253A%252F%252Fholiday.presslogic.com%26page_type%3Dmain%26inskin_desktop_yes%3Dtrue%26inskin_mobile_yes%3Dtrue%26ad-demo%3D%2520&eri=4&cookie_enabled=1&cdm=holiday.presslogic.com&bc=31&abxe=1&dt=1629777003301&dlt=1629777002393&idt=481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=4973&adks=269837259&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fholiday.presslogic.com&loc=https%3A%2F%2Fholiday.presslogic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1282470622.1629777003&ga_sid=1629777003&ga_hid=1990439401&ga_fc=false&fws=0&ohw=0&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

71fb104a5499ef2737f6ce3ea58393201caf2fa6dd8d12d22b97b6785d161711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebook-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 434 B
908 B 22ms
21ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/facebook-white.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38e0daca00b89a7abd05c03405d75e8c23b5c341754fdfce5663f0f36e1d845

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
cf-cache-status: HIT
age: 1388000
x-guploader-uploadid: ADPycdsGDhq56fVQ0E3h1OSPunWrU3oicg-CVJU5GCsPIAqlU5Wi2Zb0GquM0wi6lxn1z4oNcu74FaSHklFruQTc9AsDLVQh2A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 434
last-modified: Fri, 12 Mar 2021 04:05:18 GMT
server: cloudflare
etag: "3c0e335db5a178d13aefa74fec2eb4e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WfHFew==, md5=PA4zXbWheNE676dP7C604w==
x-goog-generation: 1615521918714402
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 434
accept-ranges: bytes
cf-ray: 68399d3ece3c0eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 230 KB
67 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d9f6428164479bc7268fee8553d27bc8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24ed4e4e451c52b3f0b36a0f2bd1449fb89c933caeb024660919ed1c04cb2b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://holiday.presslogic.com
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EnWYoNTEcO30NiwVWMZHXQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68321
x-fb-rlafr: 0
x-fb-debug: MYTCDzxOS2ih6VOwCFTPTBWOUws4a81vDZLdX4tb9SWHnhtQGgcBzY6MgZaZiQ0P3zp0DVYPaboxrbGYQqwMEQ==
x-fb-content-md5: e57f1f4528f0207a1488cb01a842d939
x-frame-options: DENY
date: Tue, 24 Aug 2021 03:50:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2a1f59b7edc94c6f88f051174cd500a1"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Aug 2022 03:26:50 GMT

GET
H2 200 8d937d0f.4197e0b.css
holiday.presslogic.com/my/_nuxt/pages/fb/pages/search/ 3 KB
1 KB 18ms
16ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/fb/pages/search/8d937d0f.4197e0b.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1108f1916ae7a8c7298e032eeb7a87fb86f0aa24b3883f62911b6206d5107c2b

Request headers

:path: /my/_nuxt/pages/fb/pages/search/8d937d0f.4197e0b.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 442624
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 9
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"c8f-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 616545552
cache-control: public, max-age=31536000
cf-ray: 68399d3efe5d0eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 8525797.js Show response
holiday.presslogic.com/my/_nuxt/ 6 KB
2 KB 18ms
15ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/8525797.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34f4765beef1963a50e6f26df1523b3b0d0db5fcb77331eb5f5a71243e0ac461

Request headers

:path: /my/_nuxt/8525797.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365133
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"1953-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 817956587 814995214
cache-control: public, max-age=31536000
cf-ray: 68399d3efe5e0eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 bd35df2a.a198961.css
holiday.presslogic.com/my/_nuxt/pages/search/ 440 B
339 B 26ms
22ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/search/bd35df2a.a198961.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c83d3b2626e5c7be290676f31d079ab4a3c1013458e1748494cbe3e05145b27

Request headers

:path: /my/_nuxt/pages/search/bd35df2a.a198961.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 6054388
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Tue, 15 Jun 2021 01:28:45 GMT
server: cloudflare
etag: W/"1b8-17a0d48fcc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 436446934 458752691
cache-control: public, max-age=31536000
cf-ray: 68399d3efe600eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 89dafb4.js Show response
holiday.presslogic.com/my/_nuxt/ 3 KB
2 KB 23ms
20ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/89dafb4.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e647c5d18350402817098a6f79853790ace79be9a1bf94cc3c8797addc5cdd34

Request headers

:path: /my/_nuxt/89dafb4.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3532
x-cache: MISS
content-type: application/javascript; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 9
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:10:50 GMT
server: cloudflare
etag: W/"c35-17b58501b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 652398806
cache-control: public, max-age=31536000
cf-ray: 68399d3efe660eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 e776cc8.js Show response
holiday.presslogic.com/my/_nuxt/ 302 KB
78 KB 32ms
30ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/e776cc8.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a59f5cd2e558222d7fe0c2883f7e3926c15534d1ea4b846ce1aa2ea79c4adf

Request headers

:path: /my/_nuxt/e776cc8.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365140
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"4b69f-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 816949076 817172668
cache-control: public, max-age=31536000
cf-ray: 68399d3efe670eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 760b5c95.5b90dde.css
holiday.presslogic.com/my/_nuxt/vendors/pages/article/_wpid/index/ 15 KB
3 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/vendors/pages/article/_wpid/index/760b5c95.5b90dde.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad462c24b7db7dd8b19893f55f6101838f756bbf9473c8ed172389f61ecf1c8

Request headers

:path: /my/_nuxt/vendors/pages/article/_wpid/index/760b5c95.5b90dde.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2338659
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: tablet-ipad
x-envoy-upstream-service-time: 10
content-encoding: br
last-modified: Mon, 19 Jul 2021 06:19:08 GMT
server: cloudflare
etag: W/"3ad6-17abd6b0f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 900805940
cache-control: public, max-age=31536000
cf-ray: 68399d3efe610eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 6448b3d.js Show response
holiday.presslogic.com/my/_nuxt/ 84 B
167 B 24ms
22ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/6448b3d.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5ab65d9bc23ec6f0a9aa0777bcedb0b5c81722ca1baeb73070fed2421bcbd0c

Request headers

:path: /my/_nuxt/6448b3d.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365140
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: pc
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"54-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 819084354 819857772
cache-control: public, max-age=31536000
cf-ray: 68399d3efe680eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 890ca723.c915abf.css
holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/ 3 KB
992 B 24ms
23ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/890ca723.c915abf.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da0c3872beb7b2262f0405bef8d4f6a35b74cfd167d443ba4d2ecd0caf3c9e0

Request headers

:path: /my/_nuxt/pages/article/_wpid/index/pages/article/amp/_wpid/index/890ca723.c915abf.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 1054449
x-cache: MISS
content-type: text/css; charset=UTF-8
x-ua-device: bot
x-envoy-upstream-service-time: 8
content-encoding: br
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"bae-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 352819047
cache-control: public, max-age=31536000
cf-ray: 68399d3efe630eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 e7c6c75.js Show response
holiday.presslogic.com/my/_nuxt/ 12 KB
3 KB 25ms
24ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/e7c6c75.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747de4f700fc38ad6aec697eca9a96c31b522213c90f3b50211c869a5d7f0464

Request headers

:path: /my/_nuxt/e7c6c75.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 3365213
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 2
content-encoding: br
last-modified: Fri, 16 Jul 2021 01:41:44 GMT
server: cloudflare
etag: W/"2e53-17aacfa03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 807444885 814328801
cache-control: public, max-age=31536000
cf-ray: 68399d3efe690eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 01e7b97c.7ea623f.css
holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/ 10 KB
2 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/pages/article/_wpid/index/01e7b97c.7ea623f.css
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503fdf21c73cbd004617290290875aae1c12e70ea356b10206112cb41bc023e0

Request headers

:path: /my/_nuxt/pages/article/_wpid/index/01e7b97c.7ea623f.css
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 2161292
x-cache: HIT
content-type: text/css; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"2935-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 10717621 1940457
cache-control: public, max-age=31536000
cf-ray: 68399d3efe650eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 a96ca58.js Show response
holiday.presslogic.com/my/_nuxt/ 13 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://holiday.presslogic.com/my/_nuxt/a96ca58.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/50369f4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 881d7ee9c548267e8868c706be137e571769363579475059b680777d2f8ad88d

Request headers

:path: /my/_nuxt/a96ca58.js
pragma: no-cache
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 varnish (Varnish/6.4), 1.1 google
cf-cache-status: HIT
age: 1171593
x-cache: HIT
content-type: application/javascript; charset=UTF-8
x-ua-device: mobile-iphone
x-envoy-upstream-service-time: 1
content-encoding: br
last-modified: Fri, 30 Jul 2021 02:30:06 GMT
server: cloudflare
etag: W/"3598-17af53f53b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin, User-Agent
x-varnish: 347069227 353705271
cache-control: public, max-age=31536000
cf-ray: 68399d3efe6b0eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1686107568269712&ev=fb_page_view&dl=https%3A%2F%2Fholiday.presslogic.com%2F&rl=&if=false&ts=1629777003366&sw=1600&sh=1200&at=

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H2 200 instagram-white.png
assets.presslogic.com/presslogic-hk-hd/static/images/ 558 B
839 B 26ms
25ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/static/images/instagram-white.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1ce9c9a9b386bde0f0788bcf893c32952042c6b409d5a86c184f0cfc967727

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
cf-cache-status: HIT
age: 1334500
x-guploader-uploadid: ADPycdujOb3eJm0nDp5GkSORXsD7213acIbdVYn0zjjXZTYUwMbiNH7vuwv7OIk-HCF1Whxw76_I0eaxZxdpGnqp958
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 558
last-modified: Fri, 12 Mar 2021 04:05:20 GMT
server: cloudflare
etag: "af21074b14882776e25431cdfdf995bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=UM87jA==, md5=ryEHSxSIJ3biVDHN/fmVuw==
x-goog-generation: 1615521919956450
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 558
accept-ranges: bytes
cf-ray: 68399d3f6eb20eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
assets.presslogic.com/presslogic-hk-hd/images/upload/ 10 KB
11 KB 20ms
19ms Image
image/png 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.presslogic.com/presslogic-hk-hd/images/upload/AhHg0hkM4oza4MXdMzbSAqJ8djY7neLeTDcpjSTK.png
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36764ad99858aeabc8630ce12a731d82ec32feb371c88b2572e7f848159127d3

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
cf-cache-status: HIT
age: 1388000
x-guploader-uploadid: ADPycdun0rlg-V4I_krV9WKKD3xy_nRf6FFTi-xoQezYW72gqbVE-owLs7PyQo8RoayAylO6a7BzYxvHDnCHAnpDAVvuET39IQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 9
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 10269
last-modified: Fri, 12 Mar 2021 05:28:09 GMT
server: cloudflare
etag: "2d7753b68ba0094de669f30c3f7f937e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=55pcBA==, md5=LXdTtougCU3mafMMP3+Tfg==
x-goog-generation: 1615526889655790
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 10269
accept-ranges: bytes
cf-ray: 68399d3f6eb30eab-FRA
expires: Wed, 24 Aug 2022 03:50:03 GMT

GET
H2 200 521f4315.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 68 KB
68 KB 30ms
30ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/521f4315.jpg?w=700&auto=format

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5f4e9308304ce3c98c57fe78bcce332a4cf962e48cbd6c6d443a2e1b78b900

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 08:29:11 GMT
server: cloudflare
etag: "cfQE1KSBOA8MHUNhSthvp45w:5f1e4e20f4c09302d83fa720f18d6b7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 69480
accept-ranges: bytes
cf-ray: 68399d3f6eb40eab-FRA
cf-resized: internal=ok/h q=0 n=21 c=57 v=2021.8.11

GET
H2 200 e92b21b3.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 28 KB
29 KB 26ms
26ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/e92b21b3.jpg?w=400&auto=format

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb57cb79323d071cdd8071a2cb16292a6aa9dcaf41f701c760e4c927570340a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 08:25:40 GMT
server: cloudflare
etag: "cfeycrqsWVpFLI7KbkoSRNNg:a6253d9db939b6a723d054cb432ef7c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 29126
accept-ranges: bytes
cf-ray: 68399d3f6eb60eab-FRA
cf-resized: internal=ok/m q=0 n=1642 c=27 v=2021.8.11

GET
H2 200 6ad82031.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 21 KB
21 KB 26ms
26ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/6ad82031.jpg?w=300&auto=format

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d39496cf0e486697bb3a01d0f25bb7ac560b794bb01793382402e234744ca9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 03:42:13 GMT
server: cloudflare
etag: "cfl9rOBkgTEXSsWbWtYMZc1Q:d35139f90384cd7a558cbc77f8b4b441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 21770
accept-ranges: bytes
cf-ray: 68399d3f6eb70eab-FRA
cf-resized: internal=ok/h q=0 n=26 c=18 v=2021.8.11

GET
H3-29

200

/
www.facebook.com/login/ Frame 91CF
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=1686107568269712&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...

0
0

111ms
111ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9b38b502b4ca%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff2fb799df81b08c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d9f6428164479bc7268fee8553d27bc8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9b38b502b4ca%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff2fb799df81b08c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: yES3Mu8m/QhzJvViDi+Z5skSP0PsMQGzqKZO2XVjEyeRVzv08e7vzgRX2uJWNTHGkxUpd9NPCWj7nkUtGZLDQA==
date: Tue, 24 Aug 2021 03:50:03 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1686107568269712%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9b38b502b4ca%2526domain%253Dholiday.presslogic.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fholiday.presslogic.com%25252Ff2fb799df81b08c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252F1177918368921987%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: S622mkhFrtpsjJ8w4QPxKSdsHTOILeHm90cRjTPe69b0uBJRMXppuZdtZrsvB66rmmXS95Ohw8OSODg9v7+t7A==
content-length: 0
date: Tue, 24 Aug 2021 03:50:03 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5205042d163b67080802e82367c6e61010808437836456d9fc7cb07fa6f2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8505
x-xss-protection: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/21733041/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

55ms
54ms

Script
application/javascript

13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:39:38 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 733w_6v5bhRgtVP0bvD6EXa29s7ApjTo1ndvBiF0iBw_eSYpzp63jw==

Redirect headers

date: Tue, 24 Aug 2021 03:50:03 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: 3dNil3efJC-0ktIfoD_gdlcQNRnCDzjhxR-yQ6ZKU6AxkT956PoblA==

POST
H2 200 rum Show response
holiday.presslogic.com/cdn-cgi/ 0
215 B 13ms
13ms XHR
text/plain 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://holiday.presslogic.com/cdn-cgi/rum?req_id=68399d371f890eab

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://holiday.presslogic.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1282470622.1629777003; _gid=GA1.2.1308648333.1629777003; _gat_UA-75313505-12=1; _gat_UA-75313505-7=1; __asc=c623273a17b764781d555a87764; __auc=c623273a17b764781d555a87764; _fbp=fb.1.1629777003001.1268076862; __gads=ID=9cae8982439f7070-22cf69e5acc8001f:T=1629777003:S=ALNI_MZ-o5scbo6oCz_0HYvtTbfdt_8ERg
content-length: 42053
:path: /cdn-cgi/rum?req_id=68399d371f890eab
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: holiday.presslogic.com
referer: https://holiday.presslogic.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 68399d3fcef00eab-FRA
vary: Origin

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVYtmwXWHkBXgv8v9

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 24 Aug 2021 03:50:03 GMT
content-type: text/plain
access-control-allow-origin: https://holiday.presslogic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EF60 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 24 Aug 2021 00:42:51 GMT
expires: Wed, 24 Aug 2022 00:42:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0EA 783 B
534 B 20ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efeea300476f645fad693f5f1940f09d4bc36f06218062be64554d670927cee1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eJds+jvBWqfjhLyKaiKFnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 24 Aug 2021 03:50:03 GMT
date: Tue, 24 Aug 2021 03:50:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eJds+jvBWqfjhLyKaiKFnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EF60 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 12:43:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 12:43:24 GMT

GET
H3-29 200 container.html Show response
ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91DE 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 24 Aug 2021 03:50:03 GMT
expires: Wed, 24 Aug 2022 03:50:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718286636491"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27620
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 91DE 84 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 01:32:49 GMT

GET
H2 200 8916226963514681782_14153521601245685586.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 91DE 30 KB
30 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/8916226963514681782_14153521601245685586.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

783bdee3b98d28761c9365cb84aab079516d78d6915fa15796007004ec106e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:28:05 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 06:52:02 GMT
server: sffe
age: 570118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30891
x-xss-protection: 0
expires: Wed, 17 Aug 2022 13:28:05 GMT

GET
H2 200 670471605159646876_8467090014335288849.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 91DE 20 KB
20 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/670471605159646876_8467090014335288849.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca499618edd15ed29a519fc9002f8e4abc35248b6c07df426bd6d6ab545ca0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:06:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 18:03:35 GMT
server: sffe
age: 567833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20699
x-xss-protection: 0
expires: Wed, 17 Aug 2022 14:06:10 GMT

GET
H2 200 9234287138937948245_3818642961253411685.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 91DE 29 KB
29 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/9234287138937948245_3818642961253411685.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425220ba21035ca3cf9fadf13dd9b089153d5e545573b23d67f3e361b3954524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:26:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 23:34:41 GMT
server: sffe
age: 33794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30065
x-xss-protection: 0
expires: Tue, 23 Aug 2022 18:26:49 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 91DE 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:29:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 91DE 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:42:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91DE 124 KB
37 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 91DE 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:35:18 GMT

GET
H3-29 200 12305457055883520320
tpc.googlesyndication.com/simgad/ Frame 91DE 38 KB
38 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12305457055883520320

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7251739d49fd91b1541e799306e8fc589561d60dd20a7820d9873851780ad612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:58:35 GMT
x-content-type-options: nosniff
age: 564688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38762
x-xss-protection: 0
last-modified: Mon, 20 Jan 2020 10:23:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 14:58:35 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 91DE 0
0 55ms
55ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch-Lfa2wkYYH1GOuolQfdjqzwDO-zxtJkgvuP87UOjd_hlY0OEAEg75PENGDp5MmF2BqgAd-B-vUDyAEJqQKlMwPm47SzPuACAKgDAcgDmwSqBN8BT9BDkn4t_SU8iMQzqgmySyCdPVn0rKPdZAUDQ8yMKsSeAIX2WaZ0kwH0GyUp5X4q3po-xvzq0fIyZ2BGwMY2WmHs5IuPMB2tSN1UneLdDCIA0fhRpASRcGR2wX2sQDtmg1ORz78kIkjCc75Bfrm-OFdkOVpXiDEYnyXeBn3fz07QYVj8rx3IRjBZUETGwbHYJVrEUCm_ufX-Ub4clfaT4G4AhG2CJjE4HYVY_sRQWD8yDRDnHq7UZrO_bdwqh9XcbXiHMzRFvqRgYpaR9-Q_UXmlG58c06Zpe_FwiSctqcAEn_Gx1eAD4AQBoAYugAext7kdqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiI4YAQEAEYHYAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi05NTgyNDIyNzk1OTkxMTE0GJesJA&sigh=C2CpcYtr5BQ&template_id=494
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40C3 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 24 Aug 2021 03:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
16ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 24 Aug 2021 03:50:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 24-Aug-2021 04:50:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Aug 2021 03:50:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 24 Aug 2021 03:50:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 91DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb5bd49305fd3986b50cc4a0228542f8f6532b3c5523219f3716e84f141c86a8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 560D 0
0 56ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJQWwsF2bNHBX8efFxgklLgWq0E9HfXroyWPwPKLRYPJeuz2kl_mqdrr7vw2AgMttVfwc7i0gQ-7cOJE06vsdOR8cBI5x2j4aEqValMTrf7S9JnDZcHLzNfPsqUthv3fcC_z0QbjCoYIirYkCXN3mjHG5Cv6UyytSo921Cl03Nt8pNiiUlUp9sNdh9qCBUaaF8qLDZnNKPN1D_sNwLfswbv5X9xMhSDvcF2wiwnRQxtJIwQhYbhfl8F0UsD2cJVCNp3rWCrOmdrZbNMr0GZWqEuhdO1TpMcoS30NStd482jRIU4L-kODNGqkt8aEPmMYKF9U2SGdLT1gBAYLwuHmKP3nSjdFqnZ9awgwu_fYfzPoNq1ZTFobP-8dryOulQYrUV4A&sai=AMfl-YS_1B44hxKkMEKQpDQNnMP57n0lmnk_wxvzpGBJBki7bkq9Fe5Z6JdBCyjy5JPtKoxJyoVpuiwBd0lsKU86zDyU8OivSuGlWzW9WgaYXQxq70hm3mv_mVzsXbs4klvw&sig=Cg0ArKJSzOmznt-WOEVYEAE&adurl=

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 560D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:29:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 560D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:42:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 560D 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 560D 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6aaDcAyGLMV5NYRU3EbJeZ4Rd5NsRdRbFxw49n6ce-W841D-t-C5OZp1om2OCS1H8-7nwQNkyYb5CNWqjxTimZ7XxLA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 Wave3-Arte_LREC_20210816-Mood_V2.gif
storage.googleapis.com/assets-presslogic/admaterials/ Frame 560D 98 KB
98 KB 27ms
7ms Image
image/gif 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/assets-presslogic/admaterials/Wave3-Arte_LREC_20210816-Mood_V2.gif
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9c60b538360889966bd2e4a1adad2fb0291484e18656c0bc9d5ff0112b492593

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:38:59 GMT
age: 664
x-guploader-uploadid: ADPycdvEtatqFd0B9KAgAMPGdke4cSz5qHdSBUskN1Nss_t60YY070i68yg41B1EkMpomgvMf16ThyvSrM5v-BybcsXPEwPG2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100107
last-modified: Thu, 12 Aug 2021 09:36:24 GMT
server: UploadServer
etag: "9f026df1652a2dc17360cd31f431e7ad"
x-goog-hash: crc32c=pekc6g==, md5=nwJt8WUqLcFzYM0x9DHnrQ==
x-goog-generation: 1628760984940075
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 100107
accept-ranges: bytes
content-type: image/gif
expires: Tue, 24 Aug 2021 04:38:59 GMT

GET
H3-29 200 container.html Show response
ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55FD 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 24 Aug 2021 03:50:03 GMT
expires: Wed, 24 Aug 2022 03:50:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 560D 0
0 104ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb8_kGdHpVUWh6kHZrDX_-Kj3BuxMpbvyjKVjkbiQjGhlJBigTFYD2qTSX7hxoCeKb5lntds3QSmHhusOsK2ZxjVVokIumobuLNNHqqBZkWjsJzS7IO2IBwVaQJQjEeSLtinBQCJb_xx9nSqNJg-zUA1j9mtRpOpN6KeZXvMh-J2YCG6XmEmozCJ6g26Th7mBN9REXqgebJvjm4OEBnJMxJ5C29mLX7hBv_W9dFDspUqiQ-_C3VbaFrC2ozw7hf9RyEgzSglgrWrJ7T7HpNeWwVmT44gAMfapQAnVga5sl6-CAshku8yCKrNnolTnnPeIP1_KNKPeKib_H11KIhNHiOi4Fj34K0JeWdFNT8GTWmO3GOQlB5ap1KY4Fx6aYloW8hNJj&sai=AMfl-YTdfIYeq5mffd1G7ZOpbMsv4EGfxCX4uVK4x9hN-ye8l4ED96Z_spe8wGtSSDaqkmfu4GNWCgkVwiyc-hdfa4uapp0Pg8XVYDEVCnCLWZ5Dz2kxUpDL31LlivjKOxoX&sig=Cg0ArKJSzN8gLcLvCHRrEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
DATA 200
OK truncated
/ Frame 560D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c6318d519ef313ff6d9fc90d7e9224f2994c76a958e5674bb1cada183d9a452

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
32ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=2969308710715151&bg=!jI-lj8vNAAZvV8FTb1c7ACkAdvg8WsQLImPgKx9gN13z2HttrErrZ2hU7ggvu6Xiox-PbPsrpDBjmwIAAAC5UgAAACloAQcKAL65OV6jxeNTcW69vFpXSDy1JBotQhTwJtz8jfWunTLAFC6gzds0Eh0S5R2W9Vrqpud_qfNVDwF9SPJBRFPhYNXSqRyx0jAG8tuiE7xVDXDbVWQXb2VampUw2Kvoye7FMSXo0AKmG2RyMahwhciXOq7Xu8h948jBMDRDPVX2RMLSsMSOi0DbIAT0DfurJPIY9q5mgnu1qRrOt5PBM5OCrPIygqjI2dHryLhH6lfD7NS9b9IBjeDDvpLy_cE7l0WPmQJ0ig_OoDJydjMoLw2XCXf61X-dXIVeSsvCRQiswSnO03aB_95hxU3DF9lNIYconetz8AfDbTB19FTtCijFHTxCd0rgjf5QEKW-L76NiwPvbd_542v-3l-X8hF3vadciQSWEqvr6ltJMpx0kMdnY0FpOUAshBMulgSCX5ioGFt2iIklrh8rL3mX-jSBYtxVeeq3Qab0F8FeHI4UyOE1EZ8txNBXsOcMkdVpGjg5mqNWDIYfXRHdt-JzPdnQBhqdct0vvdSB6eivMTCwbhnvRU8z__y5dzoN_MsWRCuOMq-6YhmYhEVUU4cGoivkAPt3xXBnLGtC2xOY8q2WMNx7qbkqtuY7Asi3Zw0Q38uyKwJR3tGwfU-zGWjS6iJ25c_-KRm1CS4QAqXmI7v9KVSzZ9id-QOsTuH8tLKGmWAQrsfNaxgVp-A79y_GbEb1pZ8SZMZI89ykf7c1GL8G9K_Vy2I-A27ycHw95YsW8DJEe5d_fZFc1uPafC9INvza-PPkwU09pGzfUusiazp8LoHitGEo_f42SS1pvWRr6TxbSl1p1_r7oXqkaRNBaEJYn9C9btPvvEaG7TMC0xwwExqZJmgsSDepIBMEPWoSkISUPiDVwqYJw_IEdg3D_1bvOR53eDtV_Di6ukX_vOId79r_He82BtBzFqza98qF1zotBcd1ZVbxnF58aUbSaGx8XQSo8ywEp4GAJtkMpwjhUfDE6hu-rcMbDocY-7NuR71sLA84jLLjOtcGyjUAWKMILeLTpH1lJmMNLs4hfTagoakgO__nk5OlPuSuyhwpTHNfJULHKavvGto0A3efTjw_mcV2bSSxbaKSog
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 55FD 84 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 01:32:49 GMT

GET
H3-29 200 8916226963514681782_14153521601245685586.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 55FD 30 KB
30 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/8916226963514681782_14153521601245685586.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

783bdee3b98d28761c9365cb84aab079516d78d6915fa15796007004ec106e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:28:05 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 06:52:02 GMT
server: sffe
age: 570118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30891
x-xss-protection: 0
expires: Wed, 17 Aug 2022 13:28:05 GMT

GET
H3-29 200 670471605159646876_8467090014335288849.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 55FD 20 KB
20 KB 24ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/670471605159646876_8467090014335288849.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca499618edd15ed29a519fc9002f8e4abc35248b6c07df426bd6d6ab545ca0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:06:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 18:03:35 GMT
server: sffe
age: 567833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20699
x-xss-protection: 0
expires: Wed, 17 Aug 2022 14:06:10 GMT

GET
H3-29 200 9234287138937948245_3818642961253411685.jpeg
static.doubleclick.net/dynamic/5/284154781/ Frame 55FD 29 KB
29 KB 25ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/284154781/9234287138937948245_3818642961253411685.jpeg

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425220ba21035ca3cf9fadf13dd9b089153d5e545573b23d67f3e361b3954524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:26:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 23:34:41 GMT
server: sffe
age: 33794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30065
x-xss-protection: 0
expires: Tue, 23 Aug 2022 18:26:49 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 55FD 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:29:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 55FD 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:42:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55FD 124 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 55FD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:35:18 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 55FD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIaD1rVTHn2tPdmGhYA2dw7DG0LaiYxPRPt3Vvd2tkjEmbnhYS24g1XcAmp9o6avn98xbQdLRpX_6i8dL1Z3xGoclyHg
Requested by: Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 12305457055883520320
tpc.googlesyndication.com/simgad/ Frame 55FD 38 KB
38 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12305457055883520320

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7251739d49fd91b1541e799306e8fc589561d60dd20a7820d9873851780ad612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:58:35 GMT
x-content-type-options: nosniff
age: 564688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38762
x-xss-protection: 0
last-modified: Mon, 20 Jan 2020 10:23:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 14:58:35 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 55FD 0
0 57ms
57ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHpo-a2wkYb-kI9LD7_UP5rCSuA_vs8bSZKL8j_O1Do3f4ZWNDhABIO-TxDRg6eTJhdgaoAHfgfr1A8gBCakCpTMD5uO0sz7gAgCoAwHIA5sEqgTfAU_QJcr9-9Q6eK_pEWickqqTfQYkanZ87ovJkenR_0IbzmbsrKhmdOBC9vVfVinEQWyJPr6oKi5QLrvPAK4O84TlWsFSxt8Brc_wqq-pv71yfHMVrFZWXsEa7vGAV1B-t1DZw4r4pxArbngJpoEGSnGeu7MWwrssgE8xpiWPoYFujmhxH1Vk3XqSjBaw9A7mM30uDB1pagQal9UcH83xzNCwD0vg225HKZBpRf7kaLXk5evKm9nIQ3a7ScULXQB5keC53wb-5WIAEO7YlCaht6Hk0gb9g8o9gBItQ2vWnj3ABJ_xsdXgA-AEAaAGLoAHsbe5HagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQ8C7SCAkIiOGAEBABGB2ACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItOTU4MjQyMjc5NTk5MTExNBiXrCQ&sigh=7tR_1NIt91o&template_id=494
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6B1 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkAe2Ffo6YuVtUptGb8qbFfSmteXM5QnvMNxc6JavPulnXChxST3msOQhaNq4; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 24 Aug 2021 03:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkAe2Ffo6YuVtUptGb8qbFfSmteXM5QnvMNxc6JavPulnXChxST3msOQhaNq4; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 24 Aug 2021 03:50:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 24-Aug-2021 04:50:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Aug 2021 03:50:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 24 Aug 2021 03:50:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 55FD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e2afdfbe652a904830a43c08071d5cb740565b9ce02bff6e84238453ad50705

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C9C 0
0 56ms
55ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXuhOUtgZ60tfatb3eTZNHCBjr9lgcbjl9TEl877IpBRjQGouPFdOdu6Tucw8e_0gszd20WW_W4XK0JdtM0U97gtBCarRXGqR1xqeRtaG78bMY_De91XiDEwKLPYjt-pKM1yLB0luKlLWT6LWFVmtYU__TXJvvokiJSGuyIUumMDgWl09to1UhTf-Goaf-ujZ0orZJX_LVMojFGGixbmkluD_R5Tr9E1pwu-U1vffZmI349NLqFuXPc38f5peMMmt675qEAMYq5LmbCyAn7rLFZtaDGpxXeIVBE4ZCthDzF_NzofUlwVVoM3jND5_sKRY1wxR6qeRuRWMUM8BMbFInEEN1gQ&sai=AMfl-YQ2XwX-s9Ix6DAWaiujKwO6sudAbo7FebC2BPfpqa0dfYxpNeSpTQeD2XpjCw8ndxd9j_RVfn9IJoWJH4z28JS9t5-elcS5mAN7gHmtWpNhLSPT181V6hXCHrYJbFM&sig=Cg0ArKJSzFImYlGeFeDSEAE&urlfix=1&adurl=

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK holidaypresslogic_12227.js Show response
ads.vidoomy.com/ Frame 5C9C 5 KB
6 KB 490ms
170ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/holidaypresslogic_12227.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 768ee57f0df10e58988e486f4b4ba9c039d96f0bad7fa889fb2f930e014e49ee

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5235

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C9C 124 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H3-29 200 container.html Show response
ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA95 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 24 Aug 2021 03:50:03 GMT
expires: Wed, 24 Aug 2022 03:50:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5C9C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3df390f9d9696ef2ac9b37161f576d49a10643bffc089f18b2801b3c30e863a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 566E 624 B
299 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkAe2Ffo6YuVtUptGb8qbFfSmteXM5QnvMNxc6JavPulnXChxST3msOQhaNq4; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 24 Aug 2021 03:50:04 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame BA95 114 KB
40 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Aug 2021 23:04:34 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/ Frame BA95 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:09:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame BA95 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 00:26:37 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA95 42 B
63 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKVEUZTX7Pk4uFnaxqFpAfUmDsX-NbRZp1Qlf0G-tiyqosnCtJVtwKCn-3FJMSl9n_N4tDDl6InOBMTfJhUxfI1O5tpqK5TaoTLxYm2UuzlY5oUsE

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame BA95 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:42:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA95 124 KB
37 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame BA95 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Sep 2021 03:35:18 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame BA95 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUZT9UNJFUy-w_WsfO_fBWuCWlbps3sca59hgFqvtNAJzb7sIrSZNPypW47-3Tpwh34vAOeT3kqKoQC-r2aIoVmuPyeA
Requested by: Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BA95 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 18:55:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 566E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1&C=1

43 B
1014 B

54ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 Aug 2021 03:50:04 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 566E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YSRsbNxUdBVCM0J27vpkrAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1

43 B
894 B

55ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 Aug 2021 03:50:04 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7vegkjWCqElRcHQRrs87o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 566E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHN4kaekz3BIv1EEzn8pyTg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHN4kaekz3BIv1EEzn8pyTg%26google_cver%3D1

43 B
1 KB

48ms
48ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHN4kaekz3BIv1EEzn8pyTg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxD_8vACGM_82bEBMAE&v=APEucNWk1K3fDGtszh9wD1X47QsWMmzgCSTDNMT0X8Z1p_Z5-YhX4gtNsYBh1Lh-m9wTx7qJTAag4lCOsQC4MWA9sXfCP0SuO4bdPMgzSIuZeCtURk9-pNGnORn1g2qrMfHvvXv4ePI5onnY4W4BzES600TzThuFRIlILHpmUrRYmLl4AF_9lyw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
X-Proxy-Origin: 84.17.55.83; 84.17.55.83; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e342a5ce-fc05-443a-83b7-7c683376c154
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
X-Proxy-Origin: 84.17.55.83; 84.17.55.83; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1176bd93-efa9-4aee-a1c6-760b8308f87e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHN4kaekz3BIv1EEzn8pyTg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 566E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODUwODUxMjQ2MjU2MDMxOA%3D%3D

170 B
188 B

63ms
61ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODUwODUxMjQ2MjU2MDMxOA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
X-Proxy-Origin: 84.17.55.83; 84.17.55.83; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4a37ae28-f685-4f16-ad8b-e58ce86ac17f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5ODUwODUxMjQ2MjU2MDMxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9F6 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 23 Aug 2021 18:55:46 GMT
expires: Tue, 23 Aug 2022 18:55:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame D9F6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 20:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 20:59:24 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/ Frame D60D 6 KB
2 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f466b4a4a787755f88eaf0a743e9d935eec5aa2fa4372c4a548816dfdce2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/8165978399285854016/300x250_v2/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2313
date: Fri, 20 Aug 2021 11:00:15 GMT
expires: Sat, 20 Aug 2022 11:00:15 GMT
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 319789
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA95 0
592 B 163ms
63ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWvG_dXZTV9-2FaNAyyN_SuUP36k8GgwZvveOJ2Z_teDfSuIVEegkn5EhxM6IdsfGu7PejlhmiAJMp4LTcRZvBj5tIFilsMZyGfhm7-g4Mx_2Fd8Y4SoolsnCWWO5OXMVSGjwd8kbNnGsLYX1k9za8-Z0AoErwuKZosa-WRkHBEABRbXl8aLK4JuJYANWFgDuKxgKCeJjVgl2DQzh1bFA7373_r0afvi_zd7YWRVlW0j-_WzsFhYqvAavd26bGBGWNcxw-MJAqr8pL1BiO_3H3AthP1Jwrv9tTFVY2MIRmYgAo9lT--KI5L_s5K8x8m21NlDKosR_o8BdvzL6Ko3H0djiJo8kFBkLsHw0TZ9psXQeu5P4hkZWhjs6W47h9JV9RaWBdVEUCM6UZmsQNPI1vyAFFTZWqjojkVoWfpEkD1Z2MdnlM3GSX3V72m7hCzfqEPYn-yAXPA1rM8_FE0l8FfleT1wV-AxanAMmJ--f1s8h0TaBnrFXHQZ4If5JzKp92jHOa3pwe-_3j6J1OLuQyCyNGmdXySaYr0ZMhVWIrAtkLBMFFvIb1zVDsAFkv-alHapCgBLUB6VTzQvBIiPTL3RNEiWDS_rQvnldY3psYulS5KTvkyvWmCQ8lxXYlY2HTDIfRVDroITkM6PRRqJJcBjVdhSSvVeRMJ01HCluFr4TR6R7K5JyTLRp8cLevY9tfLSK46RkbqRgJtCqsmzCfFMPCswcP_A_-6QeL4AilhCmdnKdmIrYSczJvlKdzxFDiOMlq4aVWzNnh6YLChZLuq_hdqviGIXrt0GbrcBUD49KCPSKrveq3G8jjjdIrYndMtHfCf4irOx7uJ50Gp53aWUPCm9UKbz0dt4QbBmlxDuabeEXeEq14PrgknO_qT6UGyAg6TsSekTU71dfMPtgQ9N9lkJ9kIowhNcbj8OMO34OQoo6yhi-VcgBfvyviEKChmpHWKweLpIDdInNKrzrh5ZA9XHxLZcEW1wOCW2J7OO7qsWugvzncohZxEooPJRcgzfpM6yHj8riQtsV0jAQXhuK0VzSbH83ifEWjHwo_jIygm4W6zUXSOhp47Ut93eK1FsE14nZ1-95GOtRerUrYI45gvFrLYrK3ABFPigFWx-YgzzpWjTb3YSEQoaw0ThNwLgUFBC-Rm6ImHEOUs-lICwk9MRrEyxI&sai=AMfl-YQqIGCx2Ft5she9C30UJoiG8Tpp3ZbWE_QSnFBJrEibW6SlYGETWlUQ09t7Q-ZsRWPOhkm_XneYUOieyV8W8Ux1rrInLfUXwJGPB_NBCnCjb_HVyccUVJeWFi-MSANxrxx2QKiXIc5Rj61-JJ6zchgQDQdJvxcyfYSer8ssu1e2G8mYDluk7C1ZFigu1ti93yfsYXwFb_Lp9Q3djTHm6FhWE0JM8Xaij8Esv-yK7bTdXHUMTSCkiKcxMRR63It3PH20QLalNckjlf398-8F3hsd-79fAE8c6ReLzW73xAqgNMLr9m7Qdn_FboIKxu205hVZntiwggqt22SUEunJ3LWv0p5ycxwxD1S2SiS-1Y_7HOvM4G1rAePQNkxY504sUp26g9Iu&sig=Cg0ArKJSzFZgY19jXXAxEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=88&cbvp=1&cstd=84&cisv=r20210819.05122&adurl=

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 24 Aug 2021 03:50:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame BA95 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05f86002e7f5dda148a5ca9059ae57435ca91b19c87b5120996afc5a63504b2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032108170213000/ Frame CACA 188 KB
55 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a227096643f24e9e13ef446861328967e28c104d96b6766a14e10202e0b8e7bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 542507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55229
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 21:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0d6e09fb7d5a5763"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 21:08:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032108170213000/v0/ Frame CACA 13 KB
5 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 542507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 21:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 21:08:17 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032108170213000/v0/ Frame CACA 89 KB
28 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 542507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 21:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 21:08:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032108170213000/v0/ Frame CACA 4 KB
2 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 542507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 21:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 21:08:17 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032108170213000/v0/ Frame CACA 40 KB
13 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 542507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Tue, 17 Aug 2021 21:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 21:08:17 GMT

GET
DATA 200
OK truncated
/ Frame CACA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e2adad23489db92bd33bf65a534c65a6dc29f4c9ee50b552a431aa40a65710

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4835967247871657071
tpc.googlesyndication.com/simgad/ Frame CACA 72 KB
72 KB 14ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4835967247871657071?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn3XksJNtSzUrCrPzg63ZHhghm02w

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a51f1f74393f29d9f9132efaa02f049ff511ae4af3c394ffef23da3a4ac54c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:57:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Feb 2021 18:49:40 GMT
server: sffe
age: 316376
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73415
x-xss-protection: 0
expires: Sat, 20 Aug 2022 11:57:08 GMT

GET
H3-29 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CACA 3 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 18:42:14 GMT
x-content-type-options: nosniff
server: cafe
age: 32870
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 24 Aug 2021 18:42:14 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CACA 344 B
368 B 14ms
12ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 32989
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 24 Aug 2021 18:40:15 GMT

GET
H/1.1 200
OK ai.aspx
tagm.tchibo.pl/ Frame CACA 43 B
1 KB 222ms
56ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tagm.tchibo.pl/ai.aspx?extProvId=5&extPu=18576-gaw&extLi=12467921710&cb=3074820646

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://tagm.tchibo.pl/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 24 Aug 2021 03:50:04 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 24 Aug 2021 03:50:04 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://holiday.presslogic.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 828
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CACA 0
0 57ms
55ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXU8hbGwkYeKfC4G07_UP_dOOuAeC0r-LY7OItL3KDqyJ1NrTGBABIO-TxDRg6eTJhdgaoAGWhdaSA8gBAqkCyXkFx8cykT7gAgCoAwHIAwiqBOMBT9B-n9c-8yWcYi9nPQKfgmr4N89vh_mf09RXBhKzdoANh9quAh3mhRBLc8el1dSY-4yR8rjH0c4oeZNL6GeqSNyWR8HipMmqjblMEUnQByZIrf2IuFk2ThmMK7RdlVFQyPuGKUeaHLyaTZbu8ETVGD6fCoBRbalPccZsiTI0YcIgMy25uRCs72Gz6_cB96Km5scjx8zYKkr3njom4oNDWanx85FQ7ehAKpMmy8fEeA9K9IqxJXpjjLfjOGd8rFq-AhyWt8aNyn7dZC6Q6Jxn1D4nRC8cY6deulEPu_7Xm7FYQYHABLWW5rW4A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeVpOTYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBClggPSCAkIiOGAEBABGB2ACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItOTU4MjQyMjc5NTk5MTExNBiXrCQ&sigh=9TRB79zIuUA
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame D60D 236 KB
63 KB 46ms
16ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 24 Aug 2021 04:05:04 GMT

GET
H3-29 200 300x250.js Show response
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/ Frame D60D 93 KB
20 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34aa5231647f35dbcb776f2bebd710c1ac71b7c918026670ffee89b6c16caca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20347
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:15 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CACA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 CA131_p_small2.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 12 KB
12 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/CA131_p_small2.png?1622175986980

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3655dd997297b5782d5c7a56e2e393d1f1336339427b86e3992cd19fa625db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:15 GMT
x-content-type-options: nosniff
age: 319789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12431
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:15 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA95 0
23 B 106ms
54ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 e.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/e.png?1622175986980

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90cf1455f9c446dcb9132e7b24bd0bf4576064ebc9af8908b9899381bfcd313e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3325
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 f.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/f.png?1622175986980

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

180a7ff9a566a65979ef395ac45863844b33e9a8aa58dcaf4d73b2824567e8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3277
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 ff.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 6 KB
6 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ff.png?1622175986980

Requested by

Host: ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
URL: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789c1bce0c032eef2d0eff0557db471c50888e721306df2593194685b398a47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6052
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame C7F5 118 KB
35 KB 102ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1629777004.cds001.wa1.hn,1629777004.cds010.wa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 0D0D 118 KB
35 KB 137ms
69ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1629777004.cds001.wa1.hn,1629777004.cds010.wa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 47F5
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

155ms
48ms

Document
image/gif

18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method: GET
:authority: a.vidoomy.com
:scheme: https
:path: /api/rtbserver/cookie?i=CEN&uid=no-consent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://holiday.presslogic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://holiday.presslogic.com/

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-type: image/gif
content-length: 43
content-encoding: none
set-cookie: vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzMjM2OTAwNX19fQ==; Path=/; Domain=vidoomy.com; Expires=Wed, 24 Aug 2022 03:50:05 GMT; Secure; SameSite=None
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Tue, 24 Aug 2021 03:50:04 GMT
server: AC1.1

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
442 B 64ms
62ms Image
image/gif 13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=432080&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1629777004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GIUxL2OfwIcty5emBszx2sn86TKYR6NFkXsef9S9WNr8ui1pa4L-tA==

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=785891764.67867181702435503.0123776
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=785891764.67867181702435503.0123776
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dvidoomy%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=eeece8a5d482410ea956a28919abb878&ssp=vidoomy&bsw_param=dc34095f-2e5b-4117-906f-1cdff7533de3&gdpr=&consent=&gdpr_pd=&expires=7
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=dc34095f-2e5b-4117-906f-1cdff7533de3

43 B
370 B

49ms
48ms

Image
image/gif

18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=dc34095f-2e5b-4117-906f-1cdff7533de3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=dc34095f-2e5b-4117-906f-1cdff7533de3
date: Tue, 24 Aug 2021 03:50:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2921611690
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2921611690
https://sync.1rx.io/usersync/tradedesk/7ddc5eb7-c12d-4a35-ac72-1a9ef6b21cea
https://sync.targeting.unrulymedia.com/csync/RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-f13666c8-3cad-4ca3-bb3b-505...
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003

43 B
459 B

48ms
47ms

Image
image/gif

18.158.22.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-f13666c8-3cad-4ca3-bb3b-505a2e216d5f-003
date: Tue, 24 Aug 2021 03:50:05 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf13666c83cad4ca3bb3b505a2e216d5f003
content-type: text/html

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 164ms
60ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Aug 2021 03:50:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1629777004544059-567
Expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C9C 0
0 53ms
53ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_GERIke_ycGjTF_a1ththHUgsbz5GLINSh8fAWRNP1ZUjtYq1-DLf7IRBVF9wKakTlKT8Kz5rp1c5WidV6lkPryOUuQfM9eODBuz0U1ab5P5YOyqb1S-VqClD-tPyfzoGzH2y5hDN554cn-9V_lq-L4AWOwE8M7_BQYvC1A1FkgtWNUbYh5kH-5XlbiFdl3iZlJwZ8xNRm-6OPkH4JLijnChN0iNNPy3f9r-FCW5xgsYyCTAFJ4Tyg4BHo4Kfa1w3_bcw6C4DxbaMsrCH9zYX8OEmkAWCh9eBfHov6-7zcMJyEcTPJJ2uNC8o8SJpCuH5Tw7z7dj4TUpjzHmxhDGhfp-fukGA&sai=AMfl-YQfKAqR256CazjoJ4tl0av_eiAX6Q61pUBGLjfvSTUhv49zlLg40YACkf2iWAmtuUxlosC-h6wOHLarRYHD4xcTRSQcJOUZ7vbdJaXapalaqBxb6jTcjdiQPcTOMfY&sig=Cg0ArKJSzJAcy5-TzBC1EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 24 Aug 2021 03:50:04 GMT

GET
H3-29 200 i1.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 11 KB
11 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/i1.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c47a0be3bf69616f080ebb95fcae7bf150643db03360bff87511a6048f4989d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10786
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 i2.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/i2.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f434917986692fee0c3a2ac583712ad13ad0995e9406c71f93ce3f86616cb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5481
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9F6 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3BCRa2wkYenIL6W5lQekipGABwAAAAA4AeAEAg&bg=!s7ClsPTNAAYXVutgF1Y7ACkAdvg8WpFhAYEa0C5wpK1Y_JO6JK2-phw4UIntcVG-CbBR3XxWLHxTOAIAAAEDUgAAAApoAQcKACs293KkFIoCFAoveGUk8y0RPG-x2G8A7662uorFMBpJNfGBZZ0uDWJQYxuYmQLRvWYpj2AaeJu2EpIIEIvCe7-5gpENGP65FL-4xRjDDwt4AnUHdDVxxPQ_d-m_qkEV-k5r72af1t8FoA4W55LLAATz8H_DYYljSWud0gm_Cv3pTl7JirXX0bdLaTOagBAaqjsZSANNxdsgT888Xy278aflhNQgR6YU7AUdvUBpHE_nYeRdB5Xh_qB7-KS1PH4AOjLG-2oR8abngJtU1xnMXdQVxeZCVYZ-72QGg8oMKIiMbG2ls1hblzLAoHiVPn1h-VbLJxIXuz9mozNATPxA3Obh8iK_axjHd4Sm2tjmtU-UCrpnXnS1ZmDjKmJadGFQiVsz5Dra0FamlPAfR7UHrXKckZvcMg02t-dvnpQnotpW04ihQFFhI-Lpa-oTcLl3ux5VYm14ovbOsPSRelGuDsFBYjkgfteHiLoZgjSyNXWfAvtN8-C72UuJtcObTVzaWzYoRQ5Briw1x01FgVqhL-j0iJbcgwpXfSt2QqvSbNJCRuy7sgvpRr1REqcM3bOdWO7M4l0caZEzvZFUTMFU45IK7isOBUOcHaAgciuaH70CQSWVyypqRjKLaP3yUeIJm_zeOaW5OR5zNgUTsK1aemii3b391abb3dTl1af2aKyBek7LZgy1fuTfR4B5u-iBbxQIhpuKSZjMfp4x1Q5iuLCPWYnAK7L_8CIiXhtTOABzRa8f-GpUz0JpU0zMckI9JhEAd_bJudCatcHH-hrQNH2WR0gglJlt9L7pBqVr2lvCYDRhVA9LhRxAq9RakbMqyn--u5fwq34GhS5rT3sjk7N3bfIZBAPtD9oYAneA5dy7j0eWf_iw62WfXW_N68SVnkv0Bzc6X8L2IP4lTZj-8V6-XcoHwgecNxBhb27fhDjUymG852krOzjFd8dWpTQM2Ke76s8LGqFZUlbWRGm9WywCKZk2YEji9ZqOw0qI1Vo4dQMnwTwHL7IENVObqFVC0g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Kontodla.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/Kontodla.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

546054264cec5641c643b2754bd69e299e1f5345ddd1e24eb4058fdf710894c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 nota.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 30 KB
30 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/nota.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb98e06edb3a68adeff7e74efc0ab2386ed027bc9dd6baadb3bfc2e45b34d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30972
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 OCT201.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 14 KB
14 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/OCT201.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603ec40ec354c82a4f558b1c607e4429d938737cf5f67de09121afb008e09913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14549
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 p3.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 18 KB
18 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/p3.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d885065799e9b3c91f79691c90d03df29b028e378f9bfd8fa53cf5d8b17f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18582
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 pr.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 21 KB
21 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/pr.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34655c43a6e1ebebea1679e8504834fcd5ad8df871b3db1270d11e5e69fd3609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21209
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 s.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/s.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

907d32fc01d4e38d02bdfb47fe972a2e91b379261d287e9bf93bfb78347ae269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2861
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H3-29 200 z.png
s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/ Frame D60D 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/images/z.png?1622175986980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3096b675e0d5835f959aabe535d0b22a86215fe4c2706c928b2f96f3d9c24016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8165978399285854016/300x250_v2/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:00:16 GMT
x-content-type-options: nosniff
age: 319788
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2801
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:28:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:00:16 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 40D9 4 KB
2 KB 30ms
30ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1629777004.cds001.wa1.hn,1629777004.cds010.wa1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame C7F5 2 KB
2 KB 433ms
145ms XHR
application/xml 146.20.132.98
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=37438074&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.98 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c32ac14a4b185fd6ca6417768966f1e4678eaebb6af7d0bd414a9940ee17af8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1359

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 3B52 4 KB
2 KB 30ms
29ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:04 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1629777004.cds001.wa1.hn,1629777004.cds010.wa1.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 0D0D 180 B
358 B 447ms
174ms XHR
application/xml 146.20.132.98
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1118956&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=99316370&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.98 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 cs
cs.lkqd.net/ Frame 40D9 43 B
308 B 418ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 40D9 43 B
309 B 417ms
132ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 40D9 43 B
308 B 418ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 40D9 43 B
308 B 417ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 40D9
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029

43 B
308 B

366ms
133ms

Image
image/gif

146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029
pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 560D 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSX9GluhFOv-fbnfx_Lj9hQn8XPWEKpGvuqnGZ9_UdTgoPUTH4Nmn2kf79dlZODJHGRZvKjgBOJ7L-sju3HZNhfbPn7rAZRgfbs6xOSy9z_43Gp8mj&sig=Cg0ArKJSzObeL0aV9jecEAE&id=lidar2&mcvt=1000&p=728,1027,978,1327&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210823&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2155410361&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629777003850&rpt=79&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame 3B52 43 B
308 B 410ms
137ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3B52 43 B
308 B 409ms
137ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3B52 43 B
308 B 432ms
159ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3B52 43 B
308 B 409ms
137ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 3B52
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3275467336786540965

43 B
308 B

393ms
160ms

Image
image/gif

146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3275467336786540965
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3275467336786540965
pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 439ms
144ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 1CB9 0
169 B 405ms
134ms XHR
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://holiday.presslogic.com
date: Tue, 24 Aug 2021 03:50:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 1042 230 KB
61 KB 31ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1629777005.cds001.wa1.hn,1629777005.cds202.wa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 422ms
143ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

POST t
t.lkqd.net/ Frame 38DF 0
0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame C4B2 4 KB
2 KB 30ms
30ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1629777005.cds001.wa1.hn,1629777005.cds010.wa1.c
access-control-allow-origin: *

POST ad
v.lkqd.net/ Frame 1042 0
0

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 492ms
203ms Preflight 146.20.132.98
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=37438074&m=&rtv=1&thost=holiday.presslogic.com
Protocol: H2
Server: 146.20.132.98 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:05 GMT
content-length: 0
access-control-allow-origin: https://holiday.presslogic.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cs
cs.lkqd.net/ Frame C4B2 43 B
308 B 133ms
132ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C4B2 43 B
308 B 134ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C4B2 43 B
308 B 135ms
134ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C4B2 43 B
308 B 134ms
134ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame C4B2
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029

43 B
308 B

132ms
132ms

Image
image/gif

146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:05 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3203409742748613029
pragma: no-cache
date: Tue, 24 Aug 2021 03:50:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame E5AA 0
168 B 409ms
135ms XHR
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://holiday.presslogic.com
date: Tue, 24 Aug 2021 03:50:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 172ms
140ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

GET
H2 200 e92b21b3.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 73 KB
73 KB 33ms
33ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/e92b21b3.jpg?auto=format&w=830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f975a3eab67f2c1d9e6b0ba3b6726619458a5577378dfb3c9a6a615419a8389a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 08:25:40 GMT
server: cloudflare
etag: "cfxw72k5jqZba6lQsm3-Jw3Q:a6253d9db939b6a723d054cb432ef7c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 74830
accept-ranges: bytes
cf-ray: 68399d5f1c6d0eab-FRA
cf-resized: internal=ok/h q=0 n=16 c=59 v=2021.8.11

GET
H2 200 e92b21b3.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 73 KB
73 KB 35ms
35ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/e92b21b3.jpg?auto=format&w=830

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/a406b00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f975a3eab67f2c1d9e6b0ba3b6726619458a5577378dfb3c9a6a615419a8389a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 08:25:40 GMT
server: cloudflare
etag: "cfxw72k5jqZba6lQsm3-Jw3Q:a6253d9db939b6a723d054cb432ef7c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 74830
accept-ranges: bytes
cf-ray: 68399d5f5ca10eab-FRA
cf-resized: internal=ok/h q=0 n=16 c=59 v=2021.8.11

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&...
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va...

64 B
330 B

63ms
62ms

Image
image/gif

13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1629777009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:09 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: MHCkUE9uduYS03NsXuuIbc2M6Zazrz43vl9GQfVg5usL-GlPFgJAtw==

Redirect headers

date: Tue, 24 Aug 2021 03:50:09 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=468359&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1629777009
content-length: 280
x-amz-cf-id: olFC9rafvN9QVY7FKC2iXM_ERs9EL_6-hkZ6lp6hRVhzHd98xWrQ0A==

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 140ms
140ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:10 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

POST t
t.lkqd.net/ Frame E5AA 0
0

GET ad
v.lkqd.net/ Frame C7F5 0
0

GET
H2 200 945b9ca2.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 99 KB
99 KB 27ms
26ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/945b9ca2.jpg?auto=format&w=830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d57a1954bff699c30308cccc1371bfdf2372695a56eaf42eb1c705f88060d71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 05:42:32 GMT
server: cloudflare
etag: "cfHam-xp6H54-gp0EnJEmH7A:07378446318c139fe33f25b9d6fd4385"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 101194
accept-ranges: bytes
cf-ray: 68399d805f2a0eab-FRA
cf-resized: internal=ok/h q=0 n=42 c=133 v=2021.8.11

GET
H2 200 945b9ca2.jpg
image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/ 99 KB
99 KB 34ms
33ms Image
image/webp 2606:4700::6812:1649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.presslogic.com/holiday.presslogic.com/wp-content/uploads/2021/08/945b9ca2.jpg?auto=format&w=830

Requested by

Host: holiday.presslogic.com
URL: https://holiday.presslogic.com/my/_nuxt/a406b00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d57a1954bff699c30308cccc1371bfdf2372695a56eaf42eb1c705f88060d71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://holiday.presslogic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 05:42:32 GMT
server: cloudflare
etag: "cfHam-xp6H54-gp0EnJEmH7A:07378446318c139fe33f25b9d6fd4385"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
content-length: 101194
accept-ranges: bytes
cf-ray: 68399d808f4b0eab-FRA
cf-resized: internal=ok/h q=0 n=42 c=133 v=2021.8.11

GET
H2 200 dc_oe=ChMIqar-uuDI8gIVpVzlCh0kRQRwEAEYACD_-5pK;met=1;&timestamp=1629777014724;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BA95 42 B
515 B 176ms
80ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqar-uuDI8gIVpVzlCh0kRQRwEAEYACD_-5pK;met=1;&timestamp=1629777014724;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Aug 2021 03:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 1CB9 0
169 B 434ms
143ms XHR
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://holiday.presslogic.com
date: Tue, 24 Aug 2021 03:50:15 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame C7F5 2 KB
2 KB 518ms
236ms XHR
application/xml 146.20.132.98
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=46521014&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.98 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: dba71f3f0b2513e13ff4b06aa1e83a05662dfe0ba954dd5114475a095570ff72

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://holiday.presslogic.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1361

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 140ms
140ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:14 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 2EF1 230 KB
61 KB 30ms
30ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1629777015.cds001.wa1.hn,1629777015.cds202.wa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9CE1 4 KB
2 KB 30ms
30ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1629777015.cds001.wa1.hn,1629777015.cds010.wa1.c
access-control-allow-origin: *

POST ad
v.lkqd.net/ Frame 2EF1 0
0

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 141ms
141ms Preflight 146.20.132.98
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=46521014&m=&rtv=1&thost=holiday.presslogic.com
Protocol: H2
Server: 146.20.132.98 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:15 GMT
content-length: 0
access-control-allow-origin: https://holiday.presslogic.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 9CE1 43 B
308 B 134ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9CE1 43 B
308 B 133ms
132ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9CE1 43 B
308 B 134ms
133ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9CE1 43 B
308 B 134ms
134ms Image
image/gif 146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9CE1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2653986580174607252

43 B
308 B

132ms
132ms

Image
image/gif

146.20.128.154
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2653986580174607252
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.154 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:50:15 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2653986580174607252
pragma: no-cache
date: Tue, 24 Aug 2021 03:50:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 1CF8 0
168 B 142ms
142ms XHR
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://holiday.presslogic.com
date: Tue, 24 Aug 2021 03:50:15 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 140ms
140ms Preflight
text/plain 146.20.132.174
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.174 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://holiday.presslogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 24 Aug 2021 03:50:15 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://holiday.presslogic.com

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=37438074&m=&rtv=1&thost=holiday.presslogic.com

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=69342168&m=

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1118955&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=http%3A%2F%2Fholiday.presslogic.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57736%2C1%2C&c4=&c5=&c6=57736&rnd=46521014&m=&rtv=1&thost=holiday.presslogic.com

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.presslogic.com/	1970-01-19 22:52:33	Name: _fbp Value: fb.1.1629777003001.1268076862
.presslogic.com/	1970-01-20 06:04:33	Name: __gads Value: ID=9cae8982439f7070-22cf69e5acc8001f:T=1629777003:S=ALNI_MZ-o5scbo6oCz_0HYvtTbfdt_8ERg
.presslogic.com/	1970-01-19 20:42:58	Name: __asc Value: c623273a17b764781d555a87764
.presslogic.com/	1970-01-19 20:42:57	Name: _gat_UA-75313505-7 Value: 1
.presslogic.com/	1970-01-19 20:42:57	Name: _gat_UA-75313505-12 Value: 1
.presslogic.com/	1970-01-20 05:29:59	Name: __auc Value: c623273a17b764781d555a87764
.presslogic.com/	1970-01-19 20:44:23	Name: _gid Value: GA1.2.1308648333.1629777003
.presslogic.com/	1970-01-20 14:14:09	Name: _ga Value: GA1.2.1282470622.1629777003

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://holiday.presslogic.com/my/_nuxt/ff27d5f.js(Line 2) Message: <no-ssr> has been deprecated and will be removed in Nuxt 3, please use <client-only> instead
console-api	info	URL: https://cdn.ampproject.org/rtv/032108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://holiday.presslogic.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
ac0009b08116b6c8069dcae674b9b55e.safeframe.googlesyndication.com
ad.lkqd.net
ad.turn.com
ade.googlesyndication.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
assets.presslogic.com
cdn.ampproject.org
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
cs.lkqd.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
holiday.presslogic.com
ib.adnxs.com
image.presslogic.com
inv-nets.admixer.net
match.adsrvr.org
pagead2.googlesyndication.com
pixel-sync.sitescout.com
platform.instagram.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sentry.io
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.targeting.unrulymedia.com
t.lkqd.net
tagm.tchibo.pl
tpc.googlesyndication.com
v.lkqd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
x.bidswitch.net
t.lkqd.net
v.lkqd.net
13.224.102.21
13.224.102.56
13.224.102.98
13.248.242.197
142.250.184.226
142.250.185.194
142.250.186.34
146.0.227.110
146.20.128.154
146.20.132.174
146.20.132.98
151.139.128.11
172.217.16.130
18.158.22.228
185.33.221.91
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
213.19.147.44
213.19.147.45
216.58.212.130
2606:4700::6810:5f41
2606:4700::6812:1649
2a00:1450:4001:800::2001
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::2010
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c08::9a
2a02:26f0:6c00::210:ba1a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
2a03:2880:f22d:c4:face:b00c:0:43fe
3.129.250.65
35.188.42.15
52.15.171.234
52.57.230.211
66.155.71.150
85.14.248.91
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
05f86002e7f5dda148a5ca9059ae57435ca91b19c87b5120996afc5a63504b2e
065b3f4764f35e6e8966507cc87575f960719f0687b0429efe56255cf270bead
072cdbe0c3148659b3575f5d5249fa283a53ea8bd3240f84c862125832383433
0795a9add8aaabcf9fc428586bf8e7e73038c95798adeb038a287ff2a586dbb7
090b0d5b9c6fcad898bf80088a9b08666736e32872bfd4329fc14f28dbdd9a5d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de906a9b095b501c262e6dc066905d118832051499aeff9b581e706b6b28767
0e54da785f2019b940fdac7bceb9204a589ed3b44734b64df5cd529bedb294eb
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1108f1916ae7a8c7298e032eeb7a87fb86f0aa24b3883f62911b6206d5107c2b
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b8277e949ea93ffc1b329a1f95b2775593340d17fe828ed40f2b3f9e125f9a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180a7ff9a566a65979ef395ac45863844b33e9a8aa58dcaf4d73b2824567e8f7
1862f98dd2e7831eca8c835660d5127c6ae5ea78b141dd78ec872e39b8c51077
1ad462c24b7db7dd8b19893f55f6101838f756bbf9473c8ed172389f61ecf1c8
1b2d5e88c36ab8efc1347d619bff25b503bed8c97e9431fb5053bf61ba297426
1c47a0be3bf69616f080ebb95fcae7bf150643db03360bff87511a6048f4989d
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
21c5cdf88a9219f623264dd4d24e3e0692f58c5618617030fb634b11f8a6116c
24e7a872e97ddca5fc2cacc625c2a147bde894a764ba51300214781560368116
24ed4e4e451c52b3f0b36a0f2bd1449fb89c933caeb024660919ed1c04cb2b0c
26a59f5cd2e558222d7fe0c2883f7e3926c15534d1ea4b846ce1aa2ea79c4adf
29e2adad23489db92bd33bf65a534c65a6dc29f4c9ee50b552a431aa40a65710
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
2b7494da41950881d5ce83c1090daf59784803ba847b2fe6bbf8a87a15e3b4d1
2bbba340d2f452e7c662f1e486a08477ae6aa7c10093dfe09f6636674df8a720
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2ca6497a42e24612a860882911fa235b3a1b94620da002b84af1fead572a282b
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
3096b675e0d5835f959aabe535d0b22a86215fe4c2706c928b2f96f3d9c24016
30ee311dc44fb48fcb6d78e93b07916610075d7191303d3fb52d907887f0de46
313980e71cc69f18608b91680d9ed20c5b888629ee2d8904c168f01a3a21a6eb
34655c43a6e1ebebea1679e8504834fcd5ad8df871b3db1270d11e5e69fd3609
34aa5231647f35dbcb776f2bebd710c1ac71b7c918026670ffee89b6c16caca7
34f4765beef1963a50e6f26df1523b3b0d0db5fcb77331eb5f5a71243e0ac461
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
36764ad99858aeabc8630ce12a731d82ec32feb371c88b2572e7f848159127d3
38803ccd696b11446d5922ca1113adedbae3e9f609a44ffc74015b4bb4c5232f
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
3b838024f7eb1457a19caad1dc9fe45ed130118c7e34da184105f3ae40887898
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
3fb98e06edb3a68adeff7e74efc0ab2386ed027bc9dd6baadb3bfc2e45b34d15
425050ba5cddd6da2e5c8ca0f0e2b49f4b842c425767dbb1e984861fd64f21f7
425220ba21035ca3cf9fadf13dd9b089153d5e545573b23d67f3e361b3954524
429359266b178dc66a512ca84aec255558c9916a41f3fc8c0ceeea0421b4899d
429c07177f8d9723f4f0a686adc4f4df1aa71837a031db8176e6be06f0d55458
43eea1670a31ec83358d216fa7b94a21abb3dd5dd9657d171bb9a60ad873556b
44fb13854aa442c76f3a69420e5ac500ebef070f9c3796e43115dd1ce851a166
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4645e41595da9c672140b15610528c886785a6fa90b17a8ce8458786139c9932
482630e04e56e186b6821c33288f0a5be8ee31638cd5f1dfbb33169b5dd6a204
48b587363801affa439a25c88c4df2baffa4ee1e7aa8f7cd0995a23af0087c95
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6318d519ef313ff6d9fc90d7e9224f2994c76a958e5674bb1cada183d9a452
4cee95e28d99d9926f58e1523ee1f80e407fa273226162d92c836693441f39a1
4f0f73603fc825165a86d3f8cea2192f39822851516608324fc3bc0c69f694d5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0
503fdf21c73cbd004617290290875aae1c12e70ea356b10206112cb41bc023e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d885065799e9b3c91f79691c90d03df29b028e378f9bfd8fa53cf5d8b17f3f
51f2b3636134176c96a88442884446f2d1f6362552c5c88bd516785af14aa56a
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
546054264cec5641c643b2754bd69e299e1f5345ddd1e24eb4058fdf710894c4
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
59cc7fa40540cc164a9c69d98d697f14010ff99f62cb8afe97610cacd2d32c04
5d05926362e43abfab6f30edefa30cb5877f0786d58095b8c03d788748d8040c
5d52ba9d1eaa9f0e44d54860455271a4c409b0535dda3430c2fe9856d3bfa5cb
5d5ad4161562b6ba4bc9e6a0932600b410753be316b9a1015f731e657ce16a8d
5dffee68234deec6b2364581014e145fc9750f8014571f6a6b54c1430e06c0cc
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f5205042d163b67080802e82367c6e61010808437836456d9fc7cb07fa6f2ab
5fa27f35fb69e04575f2b6a30221f1c1641d23346e8587295c6630238d9c9bae
603ec40ec354c82a4f558b1c607e4429d938737cf5f67de09121afb008e09913
60c5faf531c04e9a0436fcf0c1365934af930380a45e1900e59ac70f4742ca2b
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
620d2496ce892dbfea08cde89081ccc445f49c1155faa3fd431f09b0152e3ec1
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66703b9abb25d3f3e8209351e79e43bb40720de5d0d32fbc83ca4b29af1bcc09
696dc8c446a7d7fe301adaa8559eda716ec8d7d391ceba838e77dc4ae1b63a36
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6c1ce9c9a9b386bde0f0788bcf893c32952042c6b409d5a86c184f0cfc967727
705dc880cbf2c75fff6d89cbd6062ab4e2cc3b00f99eb885df47ee34642fbc6d
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
71fb104a5499ef2737f6ce3ea58393201caf2fa6dd8d12d22b97b6785d161711
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
7251739d49fd91b1541e799306e8fc589561d60dd20a7820d9873851780ad612
747de4f700fc38ad6aec697eca9a96c31b522213c90f3b50211c869a5d7f0464
74e0a79ef6d63e8502a4efc5db37400f4da1facea09eec134af5db57ebd0f84c
768ee57f0df10e58988e486f4b4ba9c039d96f0bad7fa889fb2f930e014e49ee
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
783bdee3b98d28761c9365cb84aab079516d78d6915fa15796007004ec106e40
789c1bce0c032eef2d0eff0557db471c50888e721306df2593194685b398a47d
79a23dca95e4bb730b33af450264d22633e9c68cfb5a0fe118466f7bcd0dd919
79ded6103b2d8c990e502c9de24dc6a96f0eeb6038cd5f2db8c8e6c7fea1b4a6
7c83d3b2626e5c7be290676f31d079ab4a3c1013458e1748494cbe3e05145b27
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7f434917986692fee0c3a2ac583712ad13ad0995e9406c71f93ce3f86616cb07
812f8be8df3e614cc2c0c83f37b4448e0c7d9cbcee2d7f87e8dd83344c4e72d1
82f7485255164ff17c3a7c718d8893f5633192de5fc3f0951b7416bd5feda2be
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858c67a87c1e3521cb7ed90b52eb2815b41ce7f27b21160d8a0941da25ea38d2
87f89557eebee9305eeda94f705ea5155509685cb4a274f042e9b3bb43f43ae0
881d7ee9c548267e8868c706be137e571769363579475059b680777d2f8ad88d
891b590b7c68d10805cba9374cd11d711d160e92466c23759590ed50039aa585
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8da0c3872beb7b2262f0405bef8d4f6a35b74cfd167d443ba4d2ecd0caf3c9e0
8e5af3f36b5da786e812a77ff69c209bf59074d545038c1b26aa14e8cc284dfa
8e65f82f6a83a9037b41abe38e84b5095104efa3c0a1a7c086240644c0b0d6c4
907d32fc01d4e38d02bdfb47fe972a2e91b379261d287e9bf93bfb78347ae269
90cf1455f9c446dcb9132e7b24bd0bf4576064ebc9af8908b9899381bfcd313e
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
918ba0dc0f0ad5e21feceaa8882c3377f777dfc684f8238b9866cb9b8e70a30f
95e572491860557badd4d4d1d3e37f1f3c602cc3d163a0cdac6b6523fbee67c3
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9a43607be29f655abb526294f1c784c828dc78d6d39786a5f1bb400ac0c13725
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9b9353072230617ff936b852cd96e695e4dd987098dbd985b28e2b5d06bd53bb
9c32ac14a4b185fd6ca6417768966f1e4678eaebb6af7d0bd414a9940ee17af8
9c60b538360889966bd2e4a1adad2fb0291484e18656c0bc9d5ff0112b492593
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9e2afdfbe652a904830a43c08071d5cb740565b9ce02bff6e84238453ad50705
9f2b4365d34a3674dca8130a0ad100fb822c288485faac1afed2eca07af7acb9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a227096643f24e9e13ef446861328967e28c104d96b6766a14e10202e0b8e7bf
a35b16842e7a94ad17e249476a91b63299264b016df9efa797790c4d58b0a514
a3918f5549f6a86dadacaa9ac21d53eaec20f6f88e45c3575051d6d7a3999143
a3df390f9d9696ef2ac9b37161f576d49a10643bffc089f18b2801b3c30e863a
a4921546c0a359575d12e5e7c7990a501872a1bd67f91b7bc4f95003bdf6f84d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51f1f74393f29d9f9132efaa02f049ff511ae4af3c394ffef23da3a4ac54c2d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b12be8ea0b99ddff6a37e0b868de5a4b7f8cf1c8b9d13de72e675d13b46bc83c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a4276cc356a6b35abd1932607bfe1fbdaacd3ea50c6c465cb636b63c9b80d1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b95161460d1f4437aa714cfa1876d0419defa2c6ea42a2fbc78dd487900a1d3d
bbb57cb79323d071cdd8071a2cb16292a6aa9dcaf41f701c760e4c927570340a
c04ab3e8b18d11a14600fd622617ea35e19e0b2508a8c35f2c422d9cd489e552
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
c38e0daca00b89a7abd05c03405d75e8c23b5c341754fdfce5663f0f36e1d845
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
c863026af0aca0b6e8067015b05c5be855682e861c8cb376075ad8e7b313f06f
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
ca499618edd15ed29a519fc9002f8e4abc35248b6c07df426bd6d6ab545ca0b6
cd52c122328222aa09da5268422e69f9cd61111fbcd7b125cfcf5a7f03a22384
d3655dd997297b5782d5c7a56e2e393d1f1336339427b86e3992cd19fa625db1
d39496cf0e486697bb3a01d0f25bb7ac560b794bb01793382402e234744ca9ee
d57a1954bff699c30308cccc1371bfdf2372695a56eaf42eb1c705f88060d71f
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
d7115b000d09e26c8d4acddcdc655544309634c73189e9dbdd7160b5e2cb9582
d7d8388031f5fdf89c50b8a437841156016b65640cf9a19ed0b663aea62c2e6d
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1
db8e982e9d4aee00d8b7052edd851e00a8cf4ae33ca811272b67c6e048d93a25
dba71f3f0b2513e13ff4b06aa1e83a05662dfe0ba954dd5114475a095570ff72
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0583d749537c347d42a4ca3c939933db2d7c2b2cf87ef6206f8525de99aba10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5670a724acb6d419f617893e95a8545fd4228c56d4a998900daf69495adb76e
e5ab65d9bc23ec6f0a9aa0777bcedb0b5c81722ca1baeb73070fed2421bcbd0c
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e647c5d18350402817098a6f79853790ace79be9a1bf94cc3c8797addc5cdd34
e6d9014a237b2b9ad7c03a94d1f7ff0534ea0f9b941ee9df4a73f6d440f84fe1
e88efe32efdb6348bf7e652f94fe2ac0b4fc2de4e372d2a9fe436db686e0a99d
e9bc60b625ef89de00f22bc264e3f085526b4bd0fed14e2f5ebf3b8ab7ac8b95
ea5f4e9308304ce3c98c57fe78bcce332a4cf962e48cbd6c6d443a2e1b78b900
eb5bd49305fd3986b50cc4a0228542f8f6532b3c5523219f3716e84f141c86a8
eb8c12f38c58542a19e9bc876eea0078159aa560794bc0244608946d0f7ec64b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
efeea300476f645fad693f5f1940f09d4bc36f06218062be64554d670927cee1
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f79c4cf2b5494dac51a38f8c149d66042f46e6a3bb07510fb5d64f296895ea75
f7f466b4a4a787755f88eaf0a743e9d935eec5aa2fa4372c4a548816dfdce2b5
f975a3eab67f2c1d9e6b0ba3b6726619458a5577378dfb3c9a6a615419a8389a
fa21139e68e8398007aa02e976493467cc6699ef57f9a1e54919b5cda680f2f1
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fcba340c9bc5486c71ff1141807a0fcfc21e3492981f0a78c69b33a6e3a572cc
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
ffce136a8f1516b57b0a4c1ad896246c5fc44dfdf513d8f5f0768881fefb71a4

holiday.presslogic.com Open in urlscan Pro 2606:4700::6812:1649 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

300 Requests

97 %HTTPS

52 %IPv6

34 Domains

53 Subdomains

46 IPs

6 Countries

4215 kBTransfer

8872 kBSize

8 Cookies

7 Outgoing links

Redirected requests

300 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

holiday.presslogic.com Open in urlscan Pro
2606:4700::6812:1649 Public Scan

Screenshot
Live screenshot

Full Image

300
Requests

97 %
HTTPS

52 %
IPv6

34
Domains

53
Subdomains

46
IPs

6
Countries

4215 kB
Transfer

8872 kB
Size

8
Cookies

300 HTTP transactions
3 data transactions