urlscan.io logo urlscan.io
SecurityTrails logo

biggbos.live Open in urlscan Pro
2606:4700:3034::ac43:a421  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://biggbos.live/
Effective URL: https://biggbos.live/
Submission: On November 15 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 9 countries across 52 domains to perform 508 HTTP transactions. The main IP is 2606:4700:3034::ac43:a421, located in United States and belongs to CLOUDFLARENET, US. The main domain is biggbos.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 6th 2021. Valid for: a year.
This is the only time biggbos.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:21f... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 178.162.196.156 28753 (LEASEWEB-...)
4 192.243.59.20 39572 (ADVANCEDH...)
8 104.18.17.65 13335 (CLOUDFLAR...)
1 142.91.159.144 7979 (SERVERS-COM)
19 142.250.185.66 15169 (GOOGLE)
6 139.45.197.236 9002 (RETN-AS)
54 2606:4700:303... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
3 139.45.197.156 9002 (RETN-AS)
33 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
1 104.19.132.80 13335 (CLOUDFLAR...)
3 104.18.16.65 13335 (CLOUDFLAR...)
39 2a00:1450:400... 15169 (GOOGLE)
139 151.101.129.44 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
3 9 13.225.78.42 16509 (AMAZON-02)
6 185.29.132.242 30419 (MEDIAMATH...)
2 142.250.186.131 15169 (GOOGLE)
4 29 142.250.186.130 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 185.33.221.15 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 52.58.94.171 16509 (AMAZON-02)
2 2 169.50.137.184 36351 (SOFTLAYER)
1 213.155.156.165 1299 (TWELVE99 ...)
4 4 216.52.2.48 30282 (AS-INAPCD...)
2 138.201.135.164 24940 (HETZNER-AS)
2 2.18.233.201 16625 (AKAMAI-AS)
1 1 151.101.66.49 54113 (FASTLY)
1 3.33.220.150 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 18.156.0.31 16509 (AMAZON-02)
2 142.250.184.194 15169 (GOOGLE)
1 2 52.51.58.216 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 138.201.63.165 24940 (HETZNER-AS)
1 4 138.201.84.245 24940 (HETZNER-AS)
3 141.226.228.48 200478 (TABOOLA-AS)
1 1 52.18.11.109 16509 (AMAZON-02)
2 2 185.29.132.241 30419 (MEDIAMATH...)
3 3 18.157.70.90 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
2 2 37.157.5.142 198622 (ADFORM)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 2600:9000:20e... 16509 (AMAZON-02)
2 2 213.19.147.44 26120 (RHYTHMONE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 35.205.207.25 15169 (GOOGLE)
3 88.99.69.161 24940 (HETZNER-AS)
3 2a04:4e42:400... 54113 (FASTLY)
3 141.226.224.32 200478 (TABOOLA-AS)
508 50
34    2606:4700:3034::ac43:a421 (United States)

ASN13335 (CLOUDFLARENET, US)
biggbos.live
6    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:9000:21f3:c600:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
2    2606:4700:3036::ac43:96a6 (United States)

ASN13335 (CLOUDFLARENET, US)
vmuid.com
4    178.162.196.156 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
prefleks.com
patalogs.com
4    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
prowesshearing.com
8    104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
1    142.91.159.144 (Netherlands)

ASN7979 (SERVERS-COM, US)
zeroethgipsy.com
19    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
6    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
rndhaunteran.com
54    2606:4700:3034::ac43:ce35 (United States)

ASN13335 (CLOUDFLARENET, US)
hellonewyork.xyz
11    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
3    139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
33    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.19.132.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
3    104.18.16.65 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
39    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
139    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
13    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net
sb.scorecardresearch.com
6    185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com
29    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
7    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
r.turn.com
2    52.58.94.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-94-171.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
4    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal9000.redintelligence.net
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    52.51.58.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-58-216.eu-west-1.compute.amazonaws.com
amplifon.demdex.net
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    138.201.63.165 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
4    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal900025.redintelligence.net
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
1    52.18.11.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    18.157.70.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:20eb:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
3    88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de
cdn.contentspread.net
3    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
148 taboola.com
cdn.taboola.com
trc.taboola.com
am-trc-events.taboola.com
images.taboola.com
pips.taboola.com
cds.taboola.com
2 MB
79 googlesyndication.com
5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com
946 KB
63 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
799 KB
54 hellonewyork.xyz
hellonewyork.xyz
750 KB
34 biggbos.live
biggbos.live
482 KB
14 google.com
adservice.google.com
www.google.com
4 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com
187 KB
11 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
130 KB
10 redintelligence.net
hal9000.redintelligence.net
hal90005.redintelligence.net
hal900025.redintelligence.net
17 KB
10 mathtag.com
tags.mathtag.com
pixel.mathtag.com
sync.mathtag.com
7 KB
9 scorecardresearch.com
sb.scorecardresearch.com
7 KB
7 2mdn.net
s0.2mdn.net
199 KB
6 rndhaunteran.com
rndhaunteran.com
28 KB
6 googleapis.com
fonts.googleapis.com
3 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 googletagservices.com
www.googletagservices.com
182 KB
5 google.fr
adservice.google.fr
1 KB
5 google-analytics.com
www.google-analytics.com
79 KB
4 lijit.com
ap.lijit.com
3 KB
4 prowesshearing.com
prowesshearing.com
4 orquideassp.com
tags.orquideassp.com
4 KB
4 googletagmanager.com
www.googletagmanager.com
142 KB
3 contentspread.net
cdn.contentspread.net
80 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 cdnativepush.com
static.cdnativepush.com
26 KB
3 patalogs.com
patalogs.com
903 B
2 tidaltv.com
sync.tidaltv.com
830 B
2 adform.net
c1.adform.net
1 KB
2 admedo.com
pool.admedo.com
717 B
2 demdex.net
amplifon.demdex.net
2 KB
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
pixel.everesttech.net
911 B
2 simpli.fi
um.simpli.fi
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 turn.com
ad.turn.com
r.turn.com
878 B
2 vmuid.com
vmuid.com
5 KB
1 avads.net
ads.avads.net
520 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
582 B
1 1rx.io
sync.1rx.io
697 B
1 smaato.net
s.ad.smaato.net
441 B
1 rubiconproject.com
pixel.rubiconproject.com
456 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 adsrvr.org
match.adsrvr.org
265 B
1 de17a.com
d5p.de17a.com
125 B
1 adskeeper.co.uk
cdn.adskeeper.co.uk
2 KB
1 rtmark.net
my.rtmark.net
543 B
1 zeroethgipsy.com
zeroethgipsy.com
1 prefleks.com
prefleks.com
40 KB
0 travelaudience.com Failed
ads.travelaudience.com Failed
508 52
Domain Requested by
110 images.taboola.com hellonewyork.xyz
cdn.taboola.com
biggbos.live
54 hellonewyork.xyz biggbos.live
hellonewyork.xyz
39 pagead2.googlesyndication.com hellonewyork.xyz
tags.orquideassp.com
pagead2.googlesyndication.com
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
biggbos.live
securepubads.g.doubleclick.net
34 biggbos.live 1 redirects biggbos.live
33 tpc.googlesyndication.com 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
googleads.g.doubleclick.net
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
hellonewyork.xyz
cdn.ampproject.org
securepubads.g.doubleclick.net
29 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
21 cdn.taboola.com hellonewyork.xyz
cdn.taboola.com
19 securepubads.g.doubleclick.net tags.orquideassp.com
securepubads.g.doubleclick.net
hellonewyork.xyz
biggbos.live
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
biggbos.live
googleads.g.doubleclick.net
9 sb.scorecardresearch.com 3 redirects cdn.taboola.com
hellonewyork.xyz
9 www.google.com 2 redirects 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 trc.taboola.com cdn.taboola.com
hellonewyork.xyz
biggbos.live
8 fonts.gstatic.com fonts.googleapis.com
7 s0.2mdn.net biggbos.live
s0.2mdn.net
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
hellonewyork.xyz
6 tags.mathtag.com 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tags.mathtag.com
6 rndhaunteran.com biggbos.live
rndhaunteran.com
6 fonts.googleapis.com biggbos.live
5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
hellonewyork.xyz
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.googletagservices.com 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
googleads.g.doubleclick.net
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 adservice.google.fr securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 hal900025.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900025.redintelligence.net
4 hal90005.redintelligence.net 1 redirects 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
hal90005.redintelligence.net
4 ap.lijit.com 4 redirects
4 prowesshearing.com biggbos.live
hellonewyork.xyz
4 tags.orquideassp.com biggbos.live
hellonewyork.xyz
4 www.googletagmanager.com biggbos.live
hellonewyork.xyz
3 cds.taboola.com cdn.taboola.com
3 pips.taboola.com cdn.taboola.com
3 cdn.contentspread.net hal900025.redintelligence.net
hal90005.redintelligence.net
3 x.bidswitch.net 3 redirects
3 am-trc-events.taboola.com hellonewyork.xyz
biggbos.live
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 s-img.adskeeper.com biggbos.live
3 c.adskeeper.com jsc.adskeeper.com
3 www.gstatic.com 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
3 static.cdnativepush.com biggbos.live
3 patalogs.com prefleks.com
2 sync.tidaltv.com 2 redirects
2 c1.adform.net 2 redirects
2 pool.admedo.com 2 redirects
2 sync.mathtag.com 2 redirects
2 amplifon.demdex.net 1 redirects fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net biggbos.live
2 ups.analytics.yahoo.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 pixel.mathtag.com tags.mathtag.com
2 hal9000.redintelligence.net biggbos.live
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com
2 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cm.adskeeper.com jsc.adskeeper.com
2 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 jsc.adskeeper.com biggbos.live
jsc.adskeeper.com
2 vmuid.com biggbos.live
vmuid.com
1 ads.avads.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 sync.go.sonobi.com fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
1 match.adsrvr.org fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 d5p.de17a.com googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 servicer.adskeeper.com jsc.adskeeper.com
1 cdn.adskeeper.co.uk biggbos.live
1 my.rtmark.net rndhaunteran.com
1 zeroethgipsy.com biggbos.live
1 prefleks.com biggbos.live
0 ads.travelaudience.com Failed 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
508 79
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-06 -
2022-01-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tags.orquideassp.com
Amazon		 2021-06-29 -
2022-07-28		 a year crt.sh
prefleks.com
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
prowesshearing.com
R3		 2021-09-26 -
2021-12-25		 3 months crt.sh
zeroethgipsy.com
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
rndhaunteran.com
R3		 2021-11-04 -
2022-02-02		 3 months crt.sh
patalogs.com
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
cdnativepush.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
redintelligence.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
contentspread.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh

This page contains 45 frames:

Primary Page: https://biggbos.live/
Frame ID: FFA86E9A0C6A4F32214FC620FF0762CB
Requests: 76 HTTP requests in this frame

Frame: https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Frame ID: 358F533CD2A069BCDA6C6A0D2E1F6BB8
Requests: 1 HTTP requests in this frame

Frame: https://hellonewyork.xyz/ad2.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush+latest+apps+news
Frame ID: A8DA85B3E9C898A96EF580DBD4516E56
Requests: 1 HTTP requests in this frame

Frame: https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Frame ID: C1305E44EA163D32417024F000085F5D
Requests: 1 HTTP requests in this frame

Frame: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A7EF61908D90B50EC78C08A3A217E6A7
Requests: 1 HTTP requests in this frame

Frame: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Frame ID: 2AF5116E001852D8DD20585B0DCDC5DB
Requests: 103 HTTP requests in this frame

Frame: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Frame ID: 2BC7C3128D8038096079E2B8C0E6429D
Requests: 84 HTTP requests in this frame

Frame: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Frame ID: A97EFDC7D2DB87D8999069F95B2B29C7
Requests: 80 HTTP requests in this frame

Frame: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A07282BDD1C6812E104A7A80BE5288C3
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9A6B2132F21122E7A255AA485C5C8C83
Requests: 8 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1636970261758425642261
Frame ID: C5591EB69118F7225973FE8B3491AED8
Requests: 1 HTTP requests in this frame

Frame: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: D76B667DBEFBF9B0E2E66BF302151FC0
Requests: 1 HTTP requests in this frame

Frame: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: EC45909CACA2FF62AA2EFDA00526A4C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 6F71E807BD3B81EF6C44A3B4531104CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Frame ID: 355A2B9285D81E8A2364F6C777FA5CA9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636260&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262130&bpp=16&bdt=429&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3315091412403&frm=22&ife=1&pv=2&ga_vid=995182780.1636970262&ga_sid=1636970262&ga_hid=264937165&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=303&ish=385&ifk=3020273950&scr_x=-12245933&scr_y=-12245933&eid=31063685&oid=2&pvsid=224540066830682&pem=594&tmod=387639656&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C385&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7dkcuzndbxa2&fsb=1&xpc=KmroDWfNV0&p=https%3A//hellonewyork.xyz&dtd=338
Frame ID: 3449A2B3F751A3F3A10AE6CFDB1AC8E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293502&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262379&bpp=1&bdt=690&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=8707385499887&frm=24&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=3&uci=3.vp9dcudlyu16&fsb=1&dtd=119
Frame ID: FEB9586C70A0EB3333B3EF62A9C145CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293503&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262445&bpp=2&bdt=744&idt=55&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=3315091412403&frm=24&ife=1&pv=2&ga_vid=995182780.1636970262&ga_sid=1636970262&ga_hid=264937165&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=303&ish=385&ifk=3020273950&scr_x=-12245933&scr_y=-12245933&eid=31063685&oid=2&pvsid=224540066830682&pem=594&tmod=387639656&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C385&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=2&uci=2.f53hdom5m2j3&fsb=1&dtd=70
Frame ID: 8CA8F88619E458BADB8DD47889565F86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Frame ID: EAC2386423824A58210EF5F9033CBEF3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293632&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262401&bpp=2&bdt=685&idt=189&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=3004978434039&frm=24&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=3&uci=3.8b3v4kchsnl7&fsb=1&dtd=200
Frame ID: FB3DE74870E8FF7D2E3CF38E3993A52F
Requests: 1 HTTP requests in this frame

Frame: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 4D0982E43A0FC7B3492B6380181F6691
Requests: 14 HTTP requests in this frame

Frame: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: FAF405FCEFA867BB8DA290A4D9461425
Requests: 14 HTTP requests in this frame

Frame: https://69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 84E4A5FD4F5758E465FA11ECCF76CF36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Frame ID: AD14ABA89224AF79B78C549233176D4E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4D0E036A92FAFDE609FBA471792C7911
Requests: 2 HTTP requests in this frame

Frame: https://p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 74EB6DA786892EF961434F34D770356B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCB983E08CEF9E23E124FE553A271DD9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6761FBB68BF7CEA446F2ECA85CFEFD21
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 538D42ED00FB070B3652771867DBC1D0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
Frame ID: 0621C65829A78802DBF1845FE15D00D0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 1574CC1A552004D3D3DE478229CE2572
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 19DA34DB837034EAADCE715F718D71F4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CF18E9137EB682562ACFC6BEDD74FF9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: BBF3C630B2AD1E4A742695A7070486B9
Requests: 1 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=56767000062595500973112011779025&a=ff7a2b3f
Frame ID: A64770CBCD1D233A12D627AAA75EEAF1
Requests: 4 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
Frame ID: 67A9CBC05693F7F0E330320AAE715E4A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EB8C227A6B1FAD95BCF1A6186043BDB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD8E3F4C53F513AFF81E90050B26EEAB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F53B2CF706EA9B60BB778C828B49EA1C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A2059E606B13B87281BF7FAC863A8D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 42A2FEE9E1B3E88387177C72A5D501B7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67840F63DD3368F81C28CDDF27276CD7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CFEF81BC0CC92B1C7F21305E931F0832
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6AE7C03CCDDF99E831C34B5D585A6D20
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/b7/03/48/610dd9904996ce353cefbd6227/0906776135698.png
Frame ID: 60E4ADDBB7CBBCC8005E845BD10B6494
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bigg Boss 15 Colors Tv Show Watch Full Video Episodes Online

Page URL History Show full URLs

  1. http://biggbos.live/ HTTP 301
    https://biggbos.live/ Page URL

Page Statistics

508
Requests

93 %
HTTPS

36 %
IPv6

52
Domains

79
Subdomains

50
IPs

9
Countries

6380 kB
Transfer

14417 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://biggbos.live/ HTTP 301
    https://biggbos.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 210
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
Request Chain 211
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
Request Chain 212
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1&C=1
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZIvFvPOIpWQV7zE66BtSAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPK6vcv2XfwKgw_-g9nfScg&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC3GGL2M6rfo4TFtr7ui5r8&google_cver=1
Request Chain 248
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjc3NDE5MDQzOTQ2MzYwOQ%3D%3D
Request Chain 253
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN0MsgxIO6KgwC2rsQJf4BE&google_cver=1&google_push=AYg5qPJbkx7MJlXEKFuCHzTTV9RzngyEHDvFbERjUs0cLRtkvB4xz3cvx1dBrgwtFsT2T3lTqQg_DNg7MZBKOGdThbTAfC9AfPAq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgxODc3NjE4NTQxMzEyNzcyNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbTTm1ILqqkiwn1T8S_I1g&google_cver=1
Request Chain 254
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU0qwOlG04dOBWi7Osf5ql37RTvj8UDE-ynYSfsBpPgSlXKhftwhdUC HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU0qwOlG04dOBWi7Osf5ql37RTvj8UDE-ynYSfsBpPgSlXKhftwhdUC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlNzT2txdXMxTU15S2I1&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU0qwOlG04dOBWi7Osf5ql37RTvj8UDE-ynYSfsBpPgSlXKhftwhdUC
Request Chain 255
  • https://um.simpli.fi/gp_match?google_gid=CAESED1kpOUECYFCcg_rou-GD4s&google_cver=1&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_rz7xrm26a0DU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8E22F2882BA4B809AC6435785194E97&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_rz7xrm26a0DU
Request Chain 257
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_cver=1&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1
Request Chain 258
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM6Nq2pyWy5PkopXElLz0h0&google_cver=1&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM6Nq2pyWy5PkopXElLz0h0&google_cver=1&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0&google_hm=a3a62a171d0dd4f542089e8f
Request Chain 259
  • https://match.360yield.com/match/ebda?google_gid=CAESEEY568-apsfxUYMEcOH2TOw&google_cver=1&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEY568-apsfxUYMEcOH2TOw&google_cver=1&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI
Request Chain 261
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 276
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO_OREPGoF8psTCfPaeDzM8&google_cver=1&google_push=AYg5qPKcVssiMRtzvveJ3CmQY4AG11mNaoUsUHe69ivaLpE0h_IRGRwbzhpLR2i7D0uvi_ejZ4403B0If3KCQW-5GQF0EtAooXgu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO_OREPGoF8psTCfPaeDzM8&google_push=AYg5qPKcVssiMRtzvveJ3CmQY4AG11mNaoUsUHe69ivaLpE0h_IRGRwbzhpLR2i7D0uvi_ejZ4403B0If3KCQW-5GQF0EtAooXgu
Request Chain 277
  • https://um.simpli.fi/gp_match?google_gid=CAESEL_3KY2FQ1VcOJwP1KLTq8M&google_cver=1&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2HKUPz51l3Ssh6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2DB430CE61346E690F549582784D71A&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2HKUPz51l3Ssh6
Request Chain 279
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB3X2jAxjx0gp3TTROmaEVA&google_cver=1&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNcy8QyVwM42peIU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNcy8QyVwM42peIU
Request Chain 281
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIWsT42MlnTlQ4lrGW2BIOs&google_cver=1&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIWsT42MlnTlQ4lrGW2BIOs&google_cver=1&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR&google_hm=a3a62a171d0dd4f542089e8f
Request Chain 282
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEANQYyV7immIZPnVUJ_s8ro&google_cver=1&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9z4EPFGSObdsQ_S-2ljttALretbtA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEANQYyV7immIZPnVUJ_s8ro&google_cver=1&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9z4EPFGSObdsQ_S-2ljttALretbtA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VNHIxb0lKRTJ1RUtoTWJkRVdGVHgzbEFNMGRRYUhzNn5B&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9z4EPFGSObdsQ_S-2ljttALretbtA
Request Chain 286
  • https://amplifon.demdex.net/event?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234 HTTP 302
  • https://amplifon.demdex.net/firstevent?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234
Request Chain 298
  • https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=617968170106&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=617968170106&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 299
  • https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=789195292845&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=789195292845&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 419
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 449
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp-ZYpFl9vXfeXs4ZMB6yXUAYLbhIWJWdRsdx2tQyAbJz-EqqxuT75oEA8a&google_gid=CAESEDnqxJe-iLkgozxxJHZT5Oo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpJdkZ3QUVzNlVBSGdBeg&google_push=AYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp-ZYpFl9vXfeXs4ZMB6yXUAYLbhIWJWdRsdx2tQyAbJz-EqqxuT75oEA8a
Request Chain 450
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBDudzxPXNIRlEZnXP1lbXA&google_cver=1&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2HP2rb0S_7KKj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2HP2rb0S_7KKj
Request Chain 451
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEjIEuf787a0o7ZDRqDEmwI&google_cver=1&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEjIEuf787a0o7ZDRqDEmwI&google_cver=1&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=ab6abc1f-ba73-4332-9c35-4fb6b511407d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=ab6abc1f-ba73-4332-9c35-4fb6b511407d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d7d95a89-e0ce-4898-b5d7-0e1d20fdad60&user_group=1&ssp=google&bsw_param=ab6abc1f-ba73-4332-9c35-4fb6b511407d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9&google_hm=q2q8H7pzQzKcNU-2tRFAfQ==
Request Chain 452
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVALoQ8P_Ge4mLkZsYzHaQ&google_cver=1&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv9k7Ix27qqBPZ-Kv3en0P HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVALoQ8P_Ge4mLkZsYzHaQ&google_cver=1&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv9k7Ix27qqBPZ-Kv3en0P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NTE1MTIwNTE1Mzg3NDU4Mw&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv9k7Ix27qqBPZ-Kv3en0P
Request Chain 453
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFa8n_8kTwdSvHSfuX6kcYM&google_cver=1&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU2mUdquyRK6tfEWjl8TjDmIKc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwSFRWQ1ItRy03N1JJ&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU2mUdquyRK6tfEWjl8TjDmIKc
Request Chain 454
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFqC61bQNXaAjy1K9NmYaIk&google_cver=1&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNuAAMGnWV--iOm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNuAAMGnWV--iOm
Request Chain 455
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM6AtGcmIYYBTbrs8WI_h8I&google_cver=1&google_push=AYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-383dadb4-9039-44a7-aea8-3792efad620b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4%26google_hm%3DAzg9rbSQOUSnrqg3ku-tYgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4&google_hm=Azg9rbSQOUSnrqg3ku-tYgs
Request Chain 457
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH4r7QpifDf464nm74E2bKk&google_cver=1&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSozsM5EkUgQFVUBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSozsM5EkUgQFVUBA
Request Chain 458
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGPoZVUbXC23w17aW5V4W1E&google_cver=1&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-upk7DCQIsTPKkQ8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-upk7DCQIsTPKkQ8Q
Request Chain 459
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKCV9cDhVlncCrogYQ7Ahxo&google_cver=1&google_push=AYg5qPL2RxNma2AGkYf__Pvz-NTKYsDBEf5rZt0bXpUN2Rbg686N45fPLMV-JVl6MgYQjihQtLIeOvnCH06FIXVu1OaIqH3AyKWF3Q HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKCV9cDhVlncCrogYQ7Ahxo&google_cver=1&google_push=AYg5qPL2RxNma2AGkYf__Pvz-NTKYsDBEf5rZt0bXpUN2Rbg686N45fPLMV-JVl6MgYQjihQtLIeOvnCH06FIXVu1OaIqH3AyKWF3Q&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WZr0HFuFTq--3vzZWocNDw&gdpr=1&gdpr_consent=
Request Chain 461
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKqtp3hCf3aUCuIzyQOA-qg&google_cver=1&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9LjOLLGwdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9LjOLLGwdg&google_hm=MTM1MTI1MTMwMjAxNjQ3MDMy
Request Chain 462
  • https://ads.avads.net/sync/ggl?google_gid=CAESEDAYAV1vGQNQQ4TfROLuxeM&google_cver=1&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhRILY02QcuV6DavTEVHJZSGj_AQm91qFBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NDI3YjljYjAtMWNiOC00Y2IyLWJmNTktYzE5ZGQzMTY0NTkx&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhRILY02QcuV6DavTEVHJZSGj_AQm91qFBw

508 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
biggbos.live/
Redirect Chain
  • http://biggbos.live/
  • https://biggbos.live/
35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1966a866f1d6cabd0e61447b6711a54b2f622758bf64c103b058ae201b135188

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-type
text/html; charset=UTF-8
link
<https://biggbos.live/wp-json/>; rel="https://api.w.org/", <https://biggbos.live/wp-json/wp/v2/pages/685>; rel="alternate"; type="application/json", <https://biggbos.live/>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9MQNsPo2AXgv1G1sa2I6PUDnK5ZY%2BXaqXKsFZB31EDms2htJwKcd3NVL1KngNmSX1lpYZYU3kH9u5117g%2B4XH11A3Q9SF6pGoTczFwC6Yn1fj8ClyYExWoHjD85zsakQ%2B9L0wYQvNWcx6s%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79ddd88580f82-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 15 Nov 2021 09:57:39 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 15 Nov 2021 10:57:39 GMT
Location
https://biggbos.live/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk5dASL1doi15zLyWbJE44WN9JPsdYRGFDYbmt%2B6lt8qRtKxqfw4IzIizkQUcaPjagEpylA14blygMK4CeDLKjDBvcWk5GCsDKlbxomnZtEJRx1GOAFjdVz9r9b7YeYukRrnOiF%2B0m34cB4%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ae79ddc9e233754-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
biggbos.live/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 07 Aug 2021 08:23:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDJ74HoSeQKPiKVuJ%2Fn0hKgO5dkaGsJajLfxEkkZrmLDnB%2FIFs6ptLCmoBNiUyolDURkvxzNvesLtGjRNZSpLiRmCegF3bbTNgc3M%2B4eD%2BE97x9n46sqCksq2tqoyT5o3MoOuoucgjFGXuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79ddfdcb90f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
biggbos.live/wp-content/themes/sahifa/ 		159 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/style.css
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca45d4a78b01e0b828d158620ef8bc0034d1d8634ad135bfdaea5bf28a07cb6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2405
cf-polished
origSize=200540
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0fHpOydz%2B4RpMwzUDbHpm9icSXOQjkTad1FCq%2FTS3RqazTMucUvhmy6CsSoaOG2WmM2MhqhNFHYam8hdKPq9myd8JmbsWXgjjiw5vO8K9atpG9Hhmd6lzc5veAut5NWy9P4JNxNkdMnPbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79ddfdcbb0f82-MXP
cf-bgj
minify
skin.css
biggbos.live/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
cf-polished
origSize=7289
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXaFe1kmO6dfoGDLZgaDqs47fqkXyxjNFCe%2B7ncoy0IsoEPadmMKqxpF154%2FDqmTdNXYlFwkE64zm%2FXzxFo5q2WooO4CheoTzpTDWGZ2np7qs3gv0Z5v3Iqu7fpp5inK54q%2FAhSCOTJuUe4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79ddfdcbc0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
css
fonts.googleapis.com/ 		754 B
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:12:25 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:40 GMT
jquery.min.js
biggbos.live/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-includes/js/jquery/jquery.min.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 07 Aug 2021 08:23:25 GMT
server
cloudflare
age
2405
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPjxx3x5NjaoY1XaWVWCTwdJ%2Fvvw0lzs3Wm4%2FBnNpg6rarqV7U2aI4FbSg7iYAG%2FhFNxhZbPlJ%2F4eL3PEoqilsbD%2FmuDs38AcAs7QEIQoTQydxh8NZOXvLve5QdchF5tmFVsO%2BGPh8zR3CE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79ddfdcbd0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
biggbos.live/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Jan 2021 18:44:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIIWtezoONb0HkXLojJpC151wgsSfhrLlUWwjbNZt09r4mcpKEftlQUqh7Vkwc7nPWVPKEycRiKIaA1UchP100XTNpXn7mFsUV6c6mRuZbfRcFLvmpBOzu7YFqmKeRQcajXkBhT8OnKJNi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79ddfdcbe0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sab_bar_script.js
biggbos.live/wp-content/plugins/sticky-ad-bar/js/ 		613 B
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23e92f2ad9c1b20e84ae45b1e9290d020e47977550fa2fd235ef480378db35d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 20 Jan 2021 07:21:34 GMT
server
cloudflare
cf-polished
origSize=692
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzl1Xgh3b6KMrzRkSn24JyhO8KY8RM8CCnxvKcDLYPhc7dmxsiEaSq3tS1NlxqzDRVf7Av8Kbm%2FZlpRfxLbwkhr6C9Ua1hgw%2Bt%2Fai7jtlTEVFTT6SHgYF8%2FdTiWD01am2WTqNiVFyW433Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79ddfdcbf0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
jquery.cookie.js
biggbos.live/wp-content/plugins/sticky-ad-bar/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3512429
cf-polished
origSize=3121
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Jan 2021 07:21:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ45EE83tTqUL9VTTpmVrHl0jmAah2WtDSSrS05csFQJp5WbOTACh2Nd215dGepYiOYsbqmsnOuoOprengZ455QiVV0UlN7DVGMihiplAw1dxk0kXgiR3BInNTk%2BfssQ0cNzAKwk%2BToDdOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
cf-ray
6ae79ddfdcc00f82-MXP
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186889619-1
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6298dfc2f08ab2835f77d1008e62da43f8210d17d784c51b694e90cc95fbf2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36163
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Nov 2021 09:57:40 GMT
9520
tags.orquideassp.com/tag/ 		993 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/9520
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0550f5fabc287e8491f8a0c4cf0076e3f0a6fc685a5da6bdca2c4e582a3946f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3336
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 15 Nov 2021 09:39:36 GMT
content-length
993
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"3e1-xYoAGH8yrjSyiyyFZPKyIf58uGA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
uVPbpkNWQHw5rxAtFKZ5IfmE_RQSPkNfOXqUmu3bBuIM2RG6PZ6l2Q==
script.js
vmuid.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/script.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:96a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6050216a4bae779bcca48452cb92f7b26a0bae6670496207ed927de8789e48

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0Vylsyb%2B%2Fku1p1R3LXCQi0vIvcqJhIyj1%2FH2aJ6Lu3csb%2FtxwoiQSZ3Nb0J9oogw3cmPp25yHdge2VE36ex5wNzSUZibmNXcz5fXjt5OWJEk%2Fl9JeMjlGnd%2BDhP6lF7wP1WJOtFPbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-store, max-age=0
cf-ray
6ae79de0ca57f937-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sdk.js
prefleks.com/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prefleks.com/sdk.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
5007a747602388ec2a3c6a9fa494642d8e348bcd08aa85ec2f2f78f2e32e913a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:40 GMT
Server
nginx/1.14.1
X-Cache-Status
MISS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
40686
biggbos.png
biggbos.live/wp-content/uploads/2021/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/01/biggbos.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b13a064c1d5cb212e70dd677d1b0c617d119145b71e158c9ed62da5d16193a7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Jan 2021 19:09:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cajItxCqcY7Vlc3Li3q5V1Hm58mqC%2FtizPbWBiltAR0X16hx%2BKW9ca%2FGYQJ0yOWIDjb9FqBfh0QxU%2FROjmthsHJRIUQSKNzxAdfzlHBwOP7nh9MaAIQrUgiiRqwjHX9bOk3FVPqudG1JqyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de0de900f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12829
invoke.js
prowesshearing.com/fe68b3c729f3c6872dd30af94f1fcf87/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://prowesshearing.com/fe68b3c729f3c6872dd30af94f1fcf87/invoke.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
naagin5.co.1208464.js
jsc.adskeeper.com/n/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/a/naagin5.co.1208464.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6104fd34a854f1501aa6ca3969f4d07084b48c78aa530879daa10f4119f5804

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4675
cf-ray
6ae79de12ed139b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
741
x-amz-id-2
hHT+gfCuOdjJqw/QSIA/BAaMtma/Isu8iKDHmWBYX5LmcudKbH8ZvTZoFjOv9hD8HPB7B+Ucnak=
last-modified
Tue, 02 Nov 2021 13:56:12 GMT
server
cloudflare
etag
"5f92537349b3e564447bbb6854a12369"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
S9JSRDCWY44XXY20
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Nov 2021 13:57:40 GMT
tie-scripts.js
biggbos.live/wp-content/themes/sahifa/js/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
cf-polished
origSize=74081
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vT3hvAR1addjSjRF82ACNjpHIFn5U%2F%2BwdJ97X2U7Xvyc14%2BztxGslHezyi8vnp0j5KvdP8oiNZWxLH7Qq%2FMCZwGEbLN1lgoZt4qdPgAWZ35QBNKGtg1s9gKWW%2FbfFHhMIo0Xi9UQz33wblI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de0ce7f0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
ilightbox.packed.js
biggbos.live/wp-content/themes/sahifa/js/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
cf-polished
origSize=79789
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUfVxrUN240PiFxOHvCUVQ%2Bt6iUDE2ElrtLoqDW2j2%2BTISHRlfbEK9x4uh5NMKuYuZia%2BURRdGOARXw%2Fr81OtwrHEh9sSusjcifEdiMCLcku%2FKIvIGq%2BG1YGrRBGQPSF65CTaOO14anVTLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de0de8b0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
wp-embed.min.js
biggbos.live/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-includes/js/wp-embed.min.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Feb 2021 06:38:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcTR9IsfofQ4b8FXUT0J5z1us8iHx4ZGkFshVCdVol2nLWqFhwTAR5i48jDWch4lajUziwYu4lnvC36buA6WS4cOpyOQ1yubgy1hqqLJK8%2BX0Kui4P0JVEuL%2BkvyLm5uKDu%2B2bysy2Q5Ie8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de0de8e0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
26717
zeroethgipsy.com/f8JVCk7bJu0AldWW/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://zeroethgipsy.com/f8JVCk7bJu0AldWW/26717
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.144 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
wp-emoji-release.min.js
biggbos.live/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 07 Aug 2021 08:23:25 GMT
server
cloudflare
age
3512429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnFs8%2F%2Fqbk7rpA7mB3SrthWwPzreZn4xO6p2pmE9sCmMlKu7VemQw%2BadfsUvWCqwHqIDIm5mKlMHV3ksd%2BkTxVx9hEcN2nsqGqrAwHx3NWSshR%2BucyzBMkDVWWz2iePWXBYWg2WFjoPl3xI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=10368000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de0de910f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/9520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
62f3d3d0c242e891ce6b71214501d2cb97f4b9d1ecfbe03031dbc5c7c76ff64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 759 of 1000 / last-modified: 1636969124"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26744
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:40 GMT
4637408
rndhaunteran.com/400/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rndhaunteran.com/400/4637408
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d0aef6396a0bc8404f181d447b82ee3e9704b4cab859aaa677fb4c9ef54e042d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id
028bdc32f7a941c14d60e23e1bde42bd
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
body-bg25.png
biggbos.live/wp-content/themes/sahifa/images/patterns/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/themes/sahifa/images/patterns/body-bg25.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wF%2BDC8BpBpEuKreHnEHXdF6QC0sxLsZEIiPpW%2FrrYkkceslt7KnytMOgvjAyyb82qREqQq06l2fy5siJT0n8Cu7GCdjxP%2BL6jxduQN6uN80RL4xoDvsyAIqKOw5F1VeqXwt34C44KdXq3RE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de0de940f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10042
send
vmuid.com/uid/ 		65 B
624 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vmuid.com/uid/send
Requested by
Host: vmuid.com
URL: https://vmuid.com/script.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:96a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e2d12a8b66e4eea33f560a296762254c21d07251a413f9b1d5421fe5fcb0c38

Request headers

Accept
application/json
Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryk5wsKAEAW3RMPAJX

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWEFSC8XxYykVxIbrnEIH5NcScvYAEZfuhBEAN3olklpJ5wO49xFOR2aIVZo%2BplUyhDtaIO%2FMC4jpBIeudD6djEbVtnoDeycXmBNkw6tNY3%2Fhk%2BEMdFaV6%2F6pgo414pYJbw2yvokfks%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://biggbos.live
cache-control
no-store, max-age=0
access-control-allow-credentials
true
cf-ray
6ae79de19b87f937-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hit
patalogs.com/ 		2 B
359 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://patalogs.com/hit
Requested by
Host: prefleks.com
URL: https://prefleks.com/sdk.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWaQrfq2agEMLQDlQ

Response headers

Date
Mon, 15 Nov 2021 09:57:40 GMT
Server
nginx/1.14.1
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
hats.php
hellonewyork.xyz/ Frame 358F 		542 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c0c901ab84306965a25fc48d0cb5b7bbc4f4aa3eea40596b5e18b67574ed19

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOlaW7mJkXkPD0q6J%2BAIH6fwEucKcB7M4ojkzQEv1GWigmtjZmIrAA7%2FRbdu3fDYUenTzeVHlRoH8%2Fa7zcJJ9z1vgHDAzd6%2FvpSXegL1IsdT4WLpvKE8xrVani3zuO5f1z%2BfmR1KzHP9O7DB%2F%2FmH"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de2399a59a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ad2.php
hellonewyork.xyz/ Frame A8DA 		529 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/ad2.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush+latest+apps+news
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5fb3483b99e673434a662e3bfe4d9df8a2d2d8af2ed1b6037ee6376d19312f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1NMgE8gGR8j2UIvWyz9hbA3MhkCNMUL4EC0w1Z32eLCytIjboSTWfBOQXPbOg%2FWaXJW6mHOs1dI7IqVN7L0lgm%2FeodYqIOzCsosIb0IwdOeSP%2FZ%2BxHQxCIHV62YQbesSzu4CAVDznUy0jKuM7Bj"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de2399b59a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
stripe.png
biggbos.live/wp-content/themes/sahifa/images/ 		93 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB8gLRMGUKngy1le0Gg%2BwdU1vKZAp%2Fe2F%2FGW37qIkUaE7WjZRzH4t%2FWci7Hsf%2BbLzou3CYRrQJ01lA13w92xezP2lfepiD7%2FQkEe484OaW5CKnbIXb5s72mWd4gpXt9bbNGsSJQnfbNi4sY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de19fd30f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93
fontawesome-webfont.woff2
biggbos.live/wp-content/themes/sahifa/fonts/fontawesome/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: biggbos.live
URL: https://biggbos.live/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://biggbos.live/wp-content/themes/sahifa/style.css
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxKExTu798LJDWlqNRplg9K9hQ0nb0eB3YAisD0QmH%2BCl%2BeNihaQ0JAPBX9%2FuZRaiaZZNiCaGGLr1cykuIm2BksZWa0X7DazPRbc4s9bTBk7fImuIahbImE%2FgNPVhLjggwgwOzIKNIKWqSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de19fda0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:47:02 GMT
x-content-type-options
nosniff
age
245438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:47:02 GMT
BebasNeue-webfont.woff
biggbos.live/wp-content/themes/sahifa/fonts/BebasNeue/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biggbos.live/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: biggbos.live
URL: https://biggbos.live/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer
https://biggbos.live/wp-content/themes/sahifa/style.css
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Nov 2020 05:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jblEqbXGyDnP1QYYNh1aZxXpPJL3gdngAaWjvFrgoCZhRdjjSwZQ0Y127PiJoF7OFoizx6pkkcSCM6djelA%2Bv%2FOeO2vJEOHtMybm5flcMUdf%2BbRG7D3TIwUwpJpNYGDPRYGovy17D4Yv6TU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de19fdc0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19996
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 01:05:44 GMT
x-content-type-options
nosniff
age
377516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 01:05:44 GMT
Bigg-Boss-15-Colors-Tv.jpg
biggbos.live/wp-content/uploads/2021/10/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/10/Bigg-Boss-15-Colors-Tv.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8bdfb3947348c8750cfcbd43c7ca3153db740b0b61f7039ef25729ad919849

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 05 Oct 2021 20:17:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIK%2Bu53TYeCkxTbm%2B%2Bv5UP6kt8EZ3Uia1LoF7uGPujpyG6ntwn42OG2CFsZP124dPQQ4WmpfAB4nTKoWj%2F8EaSazhPt8Ve2BEwwKcSRYXOqTifx3xbbIX9dCTbrRmm2gA9YJYih1tlGPMTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1b8310f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
47726
Bigg-Boss-15-Colors-Tv-310x165.jpg
biggbos.live/wp-content/uploads/2021/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/10/Bigg-Boss-15-Colors-Tv-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e91e908fe630a9db9e41c8196c998fdd4cbd6d0a290586a23fe30890645f21a7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 05 Oct 2021 20:17:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJVJF5M5HRrGlr2zNpM%2BBbNqBVjp8RXZQnTm%2FOycrfkKNK2qsbmI6FhFQeq2QQPQEzZIAhxVLYaRpV7Uhec3jLD9jGH7opg%2FnF8EBXxvODXtIF5B%2FA1yGHeZSO3LE9YsM1QFOs7lZGbgyBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1b8330f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16349
Bigg-Boss-15-14th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-14th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e810bd35b5e9925e99ba612ae503f219e8792fe8150f54fd5413ed97cc80a6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 07:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVI%2FuxS0eOCypr%2FmksW51S5oJZBjsXh01nAOfv6p6U1nC77CwPZ37wq3Oicxqf%2FOtlYK0JVHKEgDpwbDjLTp0iHWoxrCAgOr86LXyDDFqFvPeaTG7jKgLiE%2F36oKe2BYvqIWk6BO%2FfSHsTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1b8340f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12291
Bigg-Boss-15-13th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-13th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed51655172cef00ed2056d1ced57cc0c55bfa509628a58b3bbdb5b295cfbed

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 14 Nov 2021 09:09:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rWvcAxseI3lndYNUD7PC2lN6Lh3eeY%2BnhV5FegAFyq1oHPcL2sYS0Hc%2FrQq4JhVG7SZnTjEMhM7vNq%2FZC2rRIvxIZtJYVvMtHhEU8rVXZXBZG%2BD1qmHrIeBX53ghNEt98qVoKSQsVwFTkY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8380f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9746
Bigg-Boss-15-12th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-12th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e69614b0f67b202bcd31b6789208013c17f67acb593f6f3c4ee46320569634

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 14 Nov 2021 08:56:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C13kUOQes82ABC2HDyJUJPoM4eHHRJ5amHhr8Qql1oRCyM4zIVslI7ZSnsF0mqR7VApMItMBn51zgkToAXv6vuYcmKo1J%2FLsfp710KlmWxTQbntcCs8guBPnGmsBit8CGB6xesK5FOISSuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8390f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12289
Bigg-Boss-15-11th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-11th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c996167bb8151312bf408ea47db08a5da8456c2394aedc5efb8cc4c2b1f4211e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 12 Nov 2021 08:24:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlFTjQ%2FdRHLV8VaP2pjk%2FwKdFvNPK78DWTkuqX5IaYX1o0MtjRcWxTH0hK64qJMj%2BjzERuUnPbJ6sbg6onS1pbNOnswFEwDk%2FadEaHFE6vOfRgc5Fho9NAwiyX72jt4%2FuIltpMVwRNmxFMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c83d0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13226
Bigg-Boss-15-10th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-10th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e5e94d76620aa07fe28e06d03983a146409c8011aaea93dc8bbbb497ff9a6a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Nov 2021 08:17:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WX5wbjQHx4VvFXils1vvpiX7NOFGi5XkfxScXRkIl8jRAr37iSYTIlxe52pZX9ByxC4kIq0PnGl32%2Bv2sAgK60sQcliJctoC78mld7QiHIml0zPawGUOdjYykTfAlC%2FC4a4cWk%2B1y8LYEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c83e0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10699
Bigg-Boss-15-9th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-9th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4445068dc1c8f4c4ad45314d19806176220b9c3c63be9437e8553008f5270953

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 10 Nov 2021 08:44:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqOWTm%2BEH8E%2F5EpmgEEvuPh6vqaRF9XwrfJjtWgBdZVpdWfUB4ourc4cMumOn3p9aRW1%2BiWRKQC2R%2Bfs91cn46648ibOH%2F6CKFkJu8BBhNvQ1ykJD6%2BSAmlshbFIghzTJG1%2FUtqe%2FYlTpE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c83f0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13615
Bigg-Boss-15-8th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-8th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef9559a975465f64359a069d1b66b8a3b7527b75ecabdc1822478e0b61dee0e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Nov 2021 08:01:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwSKJFyC6FaldonJdyKdjLMB8cUCWQJnczWXO3CLH8dwj0YoAh%2BDqWAwmXsXIE4d%2BLyhFo0zxmqqL5G1%2BVLZDSEJILThLlrSxj6aKOXeY9BC%2FZIAaL%2FoTuVTA4PBwjexHP7kqum3rPmXVTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8400f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12048
Bigg-Boss-15-7th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-7th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d60244b3722b4b538ee8773eb991cf38c7c0508e9f9e8e70a4ff79392cb4467c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Nov 2021 16:17:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54d3KaUadE3sAgyTlfyJIKL4vObLpFOZZ0QDi8RQt%2BDik9Mrk%2FF8z74rANWcRmH6hO9qLUoZjihBef8XqUTy5bfATyeqTg1QzksEtQ3V7ra2AgeVLfN6BH3R%2Fscm16AELiY89HluJkcl%2B6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8420f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14072
Bigg-Boss-15-6th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-6th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2c18dc823e0a901e3edbcf1e49dbdffd9dc23e4c99e7c6a3c8f515bd3d41c1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 07 Nov 2021 14:36:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbggAU57DjSRRpauFpy6y3YsNr0wpBmgZR345txC3jSv8SXOS37wQn%2FsFvRspTZfrKFtCFZvfbhZWMzGsA801tqtyvzmUrN5ygzK9a1%2FoZVOReYfGrg3JgKlDq%2F5cyFng%2F6UHIH8Oi7BStU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8440f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11497
Bigg-Boss-15-5th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-5th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914cc50cb4d587364c7ea88a0894c8b403e8817b2befd382523767cc73707c9a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 Nov 2021 08:19:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCkGBLur3d8Qkm%2BQtnDKn1NVc1RkLBs3g4oiGSjbPsWmuj6uXtwbdOnoVr6P8NW4Rv5rYdLcZ9R15nfLM8TgaGghTy7jNrx%2F2v1U9zrBxv2Fqv8o9Xjbmpt3f9ONdQPBFP41NMAIv0Q%2BBHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8450f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11640
Bigg-Boss-15-4th-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-4th-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7807b1d55098c7379ffb675b059581a14b95fee7eec3ca4fa9e880c03ddbeae3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Nov 2021 09:55:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh5cwLqx0YBU%2BfRp7hR8oVitORwN2Aq3KKXUkIc42pcWpcD5DfeWZsaXO79nw14JKFGCjjRGwg9upagN7ZSlRRo0N%2BlKl%2B%2F8F6%2FWAMUoEL43uOU17uzrOjyfOfo1wSdB1Utlb6P7fOhazGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1c8470f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13086
Bigg-Boss-15-3rd-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-3rd-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e37956831bf8db49aea501243fa101d728424eec19a4a3c8cc8787a2f95c8ab

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Nov 2021 07:28:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZDZcmnM6Stj25i8qNRla3webJSw4IVK5jkRqEPWo5JaouergJm33joeo3TqARMZrgTd8N5m2XXDPboq5vPkKO7lz8hduwTQAqyngzzjV%2BVxf7L5mrc9fSMZRG9PSn9g6pjpr7O1e0rKru0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1d8710f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9745
Bigg-Boss-15-2nd-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-2nd-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31d8cd4d7ab8945e7a131d93e8e6670434ddbb043e64cb5312977737a0647d6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Nov 2021 09:25:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHRb1NjlY2zzLtLOttx0vAGpDid0IvLHY4q5F%2FJJv96xBgSom3F09R7ql2MKclTe1T0YQUwVEXdLZ3xctyV8qqenXOE0MrsiSiKECAlTLCuVTpBkiA5N4dxZhU6RPRVlPAfxFw%2FCKUYo%2Ftg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1d8760f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8796
Bigg-Boss-15-1st-November-2021-310x165.jpg
biggbos.live/wp-content/uploads/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biggbos.live/wp-content/uploads/2021/11/Bigg-Boss-15-1st-November-2021-310x165.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ab6ceec7755ece499574d34bde990706bdb16ecbfac4ac211a7b89fa0b3928

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 02 Nov 2021 07:30:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTZCzZQH00hAYm9lRvBKUMVgxCfvUpzrJBcSu9O3KGbJJgIvmGcH3HXPDFNZvMdgXFc2ZbLfEKK04s37FZCmzXEEueMDLWF5UCOmbNXVP0mxjVLGzrd%2Bc9sAfZwS9j%2FLKdr%2F89UND1g%2FQBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de1d8780f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7682
report
patalogs.com/api/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://patalogs.com/api/report
Requested by
Host: prefleks.com
URL: https://prefleks.com/sdk.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryeKZoMe8eLDRmhtPM

Response headers

Date
Mon, 15 Nov 2021 09:57:41 GMT
Server
nginx/1.14.1
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
naagin5.co.1208464.es6.js
jsc.adskeeper.com/n/a/ 		232 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05974ceee889428857a6807825d8ceb76b499ba9a7c57a1701a326742bc07076

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4669
cf-ray
6ae79de1b80839b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
67621
x-amz-id-2
gy1hmht1f3DNFRr51tUXU+vN7jJNivpUu37L9SU4XOOEgU/EC162qaXn2tUCh5gADc0Ok31cBXM=
last-modified
Tue, 02 Nov 2021 13:56:12 GMT
server
cloudflare
etag
"98e683e08b16edfb5f89af84536fe150"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
K6274XYC418QH930
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Nov 2021 13:57:40 GMT
hats.php
hellonewyork.xyz/ Frame C130 		542 B
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c0c901ab84306965a25fc48d0cb5b7bbc4f4aa3eea40596b5e18b67574ed19

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1ews%2FfBeRuZN2PNYgoc%2F4N0PGT2V73ztj5kmG1MNxw%2B%2BOtvYqufVhsgQCp9oVwksS5Mkxi6C5QBPUEL8eI%2BhY87D%2F68bhZXmYQ4uTz8OkMO8L0Ew46E5nVUr5z3Q5momm8xO9fIOqfKEx6Tjxwj"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de2399f59a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		66 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=biggbos.live
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3aec4d2c04534a584ea1499663a155c84eef58f100c8c576ac4a4976fccafdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
69
x-xss-protection
0
expires
Mon, 15 Nov 2021 09:57:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186889619-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7026
date
Mon, 15 Nov 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Mon, 15 Nov 2021 10:00:34 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=biggbos.live
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=biggbos.live
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3236105699743304&correlator=446374524338637&output=ldjh&impl=fifs&eid=44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211115&iu_parts=21984817904%2Cwww.hellonewyork.xyz_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&eri=4&cookie_enabled=1&cdm=biggbos.live&bc=31&abxe=1&dt=1636970260927&dlt=1636970260420&idt=474&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2179003018&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellonewyork.xyz%2F&loc=https%3A%2F%2Fbiggbos.live%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1044975218.1636970261&ga_sid=1636970261&ga_hid=530485573&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9e819673c2da0d49dab476365ac96992c250af9147fc107f371f2be7e1e36868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
30201
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biggbos.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A7EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:41 GMT
expires
Tue, 15 Nov 2022 09:57:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
pubads_impl_page_level_ads_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13474
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:40 GMT
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: rndhaunteran.com
URL: https://rndhaunteran.com/400/4637408
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6404d19708c5b5159d3789e2b85df908016576f30ac88c1e8ad7a2bfe83acd2a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://biggbos.live
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
collect
www.google-analytics.com/j/ 		1 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=530485573&t=pageview&_s=1&dl=https%3A%2F%2Fbiggbos.live%2F&ul=en-us&de=UTF-8&dt=Bigg%20Boss%2015%20Colors%20Tv%20Show%20Watch%20Full%20Video%20Episodes%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1541425241&gjid=1538528380&cid=1044975218.1636970261&tid=UA-186889619-1&_gid=1012286541.1636970261&_r=1&gtm=2ouba1&z=1246634293
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biggbos.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
hellonewyork.xyz/nine-weight-loss-mistakes/ Frame 2AF5 		44 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/ad2.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush+latest+apps+news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243dbeb2bc1666cd6dc5186731609c25d820c6bb1ad4f30c6073287133a45251

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/ad2.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush+latest+apps+news

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-type
text/html; charset=UTF-8
x-pingback
https://hellonewyork.xyz/xmlrpc.php
link
<https://hellonewyork.xyz/wp-json/>; rel="https://api.w.org/", <https://hellonewyork.xyz/wp-json/wp/v2/posts/816>; rel="alternate"; type="application/json", <https://hellonewyork.xyz/?p=816>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZY0pOYSPBLu0NpNNlNoufYiGD5ng5dt7Md86HXJvn15GQxJbxAbktkEwaxZC1%2Bcpws6m7gQ8U%2BzyURaxm0f%2Fz%2Fdw8dZrkatNsUcP1TsBgLBRAhntpJosRB2IS7diDe%2BHPslTteFLSMWP2LVAN6j"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de5da6659a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/ Frame 2BC7 		40 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b694472a4d7c89c05504feae234eb45fd123b4a88b579c2384993cdf2df51166

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-type
text/html; charset=UTF-8
x-pingback
https://hellonewyork.xyz/xmlrpc.php
link
<https://hellonewyork.xyz/wp-json/>; rel="https://api.w.org/", <https://hellonewyork.xyz/wp-json/wp/v2/posts/798>; rel="alternate"; type="application/json", <https://hellonewyork.xyz/?p=798>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vpdnWscX%2FI6REBUJLi8oW4tkHbpFKCCU1aCOt0%2FtYq12Y3vuF1QWHOSr5PptT9Zc4F3TO6ePTg62WXQxVbs56hc99CE8aUgqsrkBZh7KYPbg6%2Bcg5o2mycrsqsyDx2kNz1hHL2qKLZN9Fwidmj6"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de5da6959a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/ Frame A97E 		40 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463b7ce96730a74d575769bd628c6f09fc47b1301b4187183f13a33a4418e5a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/hats.php?utm_source=google&utm_medium=Organic&utm_campaign=remarketing&utm_term=starcush

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-type
text/html; charset=UTF-8
x-pingback
https://hellonewyork.xyz/xmlrpc.php
link
<https://hellonewyork.xyz/wp-json/>; rel="https://api.w.org/", <https://hellonewyork.xyz/wp-json/wp/v2/posts/798>; rel="alternate"; type="application/json", <https://hellonewyork.xyz/?p=798>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn7QEL72yLaeM82SIPx%2BWO%2Bf5PHXT9Y%2BeFM26vXNOJ%2BZF4VQo%2FZOmpCCXkEcadLM%2F7F04wpIRIkJJ3LaIHvzJIjd1Ppdq2iHvOF3BS%2B8GYmigstTVw5itBOEzc5o6FMv03qGeQnHz195tFSJkvX%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ae79de5da6a59a1-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
report
patalogs.com/api/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://patalogs.com/api/report
Requested by
Host: prefleks.com
URL: https://prefleks.com/sdk.js?sid=c2863ca5-1af5-4773-9039-fc20250e9e86
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.162.196.156 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRHRAzBNvwP9NTXsH

Response headers

Date
Mon, 15 Nov 2021 09:57:41 GMT
Server
nginx/1.14.1
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
4637408
rndhaunteran.com/500/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rndhaunteran.com/500/4637408?excludes=&oaid=60fd4b12a5c749948bf20b2a061b97ff&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fbiggbos.live%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: rndhaunteran.com
URL: https://rndhaunteran.com/400/4637408
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a8c1f3cf2241cebdb69cb7f6f1980e11aa384b1bc6ac8f2873bf6a624de691c5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
643593be7888fcd107ef9b21be538ce4
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://biggbos.live
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
4637408
rndhaunteran.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rndhaunteran.com/500/4637408?excludes=&oaid=60fd4b12a5c749948bf20b2a061b97ff&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fbiggbos.live%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://biggbos.live
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 15 Nov 2021 09:57:41 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://biggbos.live
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
0906776135698.png
static.cdnativepush.com/contents/s/b7/03/48/610dd9904996ce353cefbd6227/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/b7/03/48/610dd9904996ce353cefbd6227/0906776135698.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4f32e56f82a897f4e93c94bc9734ad7dd609e06d12710cc252e0bac847217a1a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:41 GMT
Last-Modified
Fri, 18 Jun 2021 10:34:23 GMT
Server
nginx
ETag
"60cc76af-26a1"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
9889
container.html
5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A072 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:41 GMT
expires
Tue, 15 Nov 2022 09:57:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
clear
css2
fonts.googleapis.com/ Frame A072 		4 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 07:57:58 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:41 GMT
css
fonts.googleapis.com/ Frame 9A6B 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 08:00:04 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:41 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9A6B 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 9A6B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:55:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9A6B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A6B 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Nov 2021 09:57:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9A6B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:50 GMT
l
www.google.com/ads/measurement/ Frame 9A6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxzNoP18ncF8nwjsosPOIvgU5JOwvteU5S6Sq49oYcLqIynqR9QUnAz6E1G2JuWgt8v0xwly-18JyolGEnueTDVcr9dA
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame 9A6B 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 09:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:00:33 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame A072 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
8107
x-xss-protection
0
server
cafe
etag
4972561305884240788
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:39:59 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A072 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options
nosniff
age
307621
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Nov 2022 20:30:40 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A072 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
URL: https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 14:20:19 GMT
x-content-type-options
nosniff
age
70642
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 14 Nov 2022 14:20:19 GMT
/
c.adskeeper.com/pv/ 		0
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1636970261496410961031&uniqId=0b5ec&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbiggbos.live%2F&lu=https%3A%2F%2Fbiggbos.live%2F&sessionId=61922f15-0ef8f&pageView=1&pvid=17d2307ebf9b8406011&site=657196&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ae79de6786b39b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
age
1710
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CTQXSDT6RTMA81H0
x-amz-id-2
IhG6gk3nsij+3Sp0K8wPbmYE9Lztrmdifpql2Uv2X3N+vUrXYP08hhFpzbnDJYbQeUg6nyp96l0=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6ae79de6dafe3fef-CDG
expires
Mon, 15 Nov 2021 13:57:41 GMT
1
servicer.adskeeper.com/1208464/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1208464/1?pv=5&cbuster=1636970261570848218406&uniqId=0b5ec&niet=4g&nisd=false&jsv=es6&w=290&h=764&cols=1&ref=&cxurl=https%3A%2F%2Fbiggbos.live%2F&lu=https%3A%2F%2Fbiggbos.live%2F&sessionId=61922f15-0ef8f&pageView=1&pvid=17d2307ebf9b8406011&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adfa36ec7e8273e9497ddff9336d957adf4d2115ca9af4da8ec3c8c18378ad5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ae79de6e92139b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.adskeeper.com/g/8164901/492x328/0x65x849x566/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164901/492x328/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1636970261-axisgW-o8RPUwERAUc7DflBceSu5WM73KWAfPo8M1mg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ef66b1e382dc94c0a75f7fee02d17c0421830f47d55899ba57bbdabaf8b5f1

Request headers

Referer
https://biggbos.live/
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 10:23:06 GMT
x-mg-request-uuid
b1d085e8-25fe-4125-932e-cbaa11f11832
age
347753
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ae79de80a143b25-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14470
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC85NWJkY2QxMGI5Zjg2ZTQzY...
s-img.adskeeper.com/g/10881028/492x328/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/10881028/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC85NWJkY2QxMGI5Zjg2ZTQzYTljMTEwNzc5YTZmNmM4Yi5qcGVn.webp?v=1636970261-b1mMsnUtKxITsziHFYgHbnnNJ5nz6IVolv3mmbrVi5E
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36731f024e5f8a4eec7440d6226de40b20292560e578250df5a055a3e9a342e6

Request headers

Referer
https://biggbos.live/
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:44:15 GMT
x-mg-request-uuid
641924f7-bd80-421f-99f5-79e16fb6130b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ae79de80a153b25-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21508
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZkMzViOWNiZmM0MjljYTA3MWZkOWMzM2NhY2NmNTIwLmpwZWc.webp
s-img.adskeeper.com/g/4023131/492x328/0x0x900x600/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4023131/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZkMzViOWNiZmM0MjljYTA3MWZkOWMzM2NhY2NmNTIwLmpwZWc.webp?v=1636970261-Vs3ucPtlD-ea1q7JyJ0nLtz7gXKK2N306SvKBsIKiF8
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72daeda089b97705aef40b6be9adb4d9ffb80f47191eb0f8c9595d157b0340b0

Request headers

Referer
https://biggbos.live/
Origin
https://biggbos.live
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:59:13 GMT
x-mg-request-uuid
e2b16cbf-a09f-4acd-802f-f52ae86964af
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ae79de80a173b25-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24540
server
cloudflare
style.min.css
hellonewyork.xyz/wp-includes/css/dist/block-library/ Frame 2BC7 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1chpRnjqrul4PtNmkWfp4PJnM8GPRmB3Cyk0fPw2ZixobpgGXi20ghsvNzbDjn82byBb1euhZ3B%2F5MVI3RaXpxBmv3Bt2lIBUiyV8oqVL%2BjxuvJE49zBNGuL1xbVHs6aPWeT5AAKinnAZ5wQxwz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7cf0d59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
hellonewyork.xyz/wp-content/themes/sahifa/ Frame 2BC7 		159 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca45d4a78b01e0b828d158620ef8bc0034d1d8634ad135bfdaea5bf28a07cb6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689
cf-polished
origSize=200540
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omWSGx4G9ZPkOVqO22nqSLT8xq1w%2FA7%2FJaz7fJWVAeF7K20QCQPuu846btdg%2BNcWgBeqshSXXsYSsmFj8y5AzQTID2vgs47cllAzEbbBjfDl%2FSJ%2Ba0d5D45OXAlHDCH4mS7uQ2Ajlb5Qe7dW0b5z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7cf0f59a1-MXP
cf-bgj
minify
skin.css
hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 2BC7 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=7289
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz7r6WFw3vTVCo8Awe6ZwbOdsZ%2BX3Aqjd2u1EYE4PYDqfm32k0PipZ07aD1grrVesUD77%2BaoWGlJ%2BNIZip4%2F93naOuSAAZgMnfoNOm%2FZRLHn2cifjKaNPOsfTU2ySlLdnMzdohxNS%2FMLoOmaTKXz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7cf1159a1-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame 2BC7 		754 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 08:57:15 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:41 GMT
jquery.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame 2BC7 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYpLM3BzgAn4iosjE03gQy4j5az8B7y8LY%2FtcXH815EZg6cCwr8gUBH2iCvUxQw3EX8606aTHs06b0kDBxuGB31XdP%2BP9UIXbtt4M0MnLS3%2FBuy0Gb8MZE7neSFwvUBoQ%2F597HGxS7EOsMZMWmvu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7cf1359a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame 2BC7 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUobTSUoIdLmZxF2IZE7eLbDtBtpFn4hLIafuyvJdk%2BfJ5RjaryrFk5EF03qyw9nizFn%2F3adOoB5jB10%2FdnUlvTHzQaVcbkJrjYRLMNwZYFysva%2FsUVBFu5smqkSHdiStCFQVuscsvA7hFMWB6ws"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7cf1459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sab_bar_script.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame 2BC7 		613 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23e92f2ad9c1b20e84ae45b1e9290d020e47977550fa2fd235ef480378db35d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zORIK15KGyI4gn5hbd%2FbtrsjvPlpPZmyfIzbBIZni7ZZUXS9fywyHvogHPktR5xva2iCT2ggFPgYgDkuji1ZOGiWInFE%2BxoCB1JOD7gQXqgsXNQFqexPuC41ICcQKiXIXhpnDsByDNOmH3J%2Bn0h4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7cf1559a1-MXP
cf-bgj
minify
jquery.cookie.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame 2BC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvlOupl1%2BTompdQYKyRcL7oAgu8rutDT9tfVNcwNphhh83wvwiJ8VksQYdO7tvZi0bl5PnKgLFkM3NSRYE1yBXXlK9yM8bIttKTJ00zytIzB2Vyqaoiu2gZTHB7tRj6izCozDfPKJBxiTw%2FBqy0a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7cf1659a1-MXP
cf-bgj
minify
js
www.googletagmanager.com/gtag/ Frame 2BC7 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3e2307e387efe806cb67fd157c273e2d256e5a3cc4b3ce50494315a4c248f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36162
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Nov 2021 09:57:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2BC7 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d448abce537da88c348b0b810fd060c0cce547ccfdd1a9eebfa560963159ecc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
51359
x-xss-protection
0
server
cafe
etag
13200818848763619794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2BC7 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
54aca4273834170f28ec1bcad65ad626db1f44c7315c36d4944a1f2e14075e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 652 of 1000 / last-modified: 1636969215"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26745
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
invoke.js
prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/ Frame 2BC7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
9517
tags.orquideassp.com/tag/ Frame 2BC7 		346 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/9517
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d7b78aa51f2b5b51d96a9a575479435e73dfcfc3a5a9824910a0de00d4268967
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1691
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 15 Nov 2021 09:29:30 GMT
content-length
346
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"15a-cFtbrMeVI4StUeBaGtVhpnCi4IE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
kT5LaD8cgA4uGCZADjqFhwyPJHLrdJejMGO5cHf0Sq2P5Qlb8iA--A==
tie-scripts.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame 2BC7 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
687
cf-polished
origSize=74081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvGTNDsnuPk5GCggUp1XxYQ4by%2FEajSEwCQjVvhwelP5EQhE6ltoC%2F1T8CwnRHbuO1g4%2F%2FbHntTvcU9EqXNdsYi%2BCoWruXDl4CVDRbzAlipY%2B%2BDc0Ij9F8EIcucqFkhx%2BA994M9w6A2DC1u8i2dq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7cf1759a1-MXP
cf-bgj
minify
ilightbox.packed.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame 2BC7 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
686
cf-polished
origSize=79789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ua%2BwrWV2kUSnTSb3VgnqakrSL4l71XHNza%2F6u0EywJYlFF0w1TOb%2BkGngQ%2BBXdwb%2FvVYwoHGJZBCKeaIEIu7ky0dGwIUT%2BBgDJ0lCvCHKcxm2Ox2EDIW7czv8KOiYIDYTQHWSC%2BdiupxTLsB0Kod"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7cf1859a1-MXP
cf-bgj
minify
comment-reply.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2BC7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/comment-reply.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:00:36 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSCseLPqJ%2FAOdLXKCKMM1DZ%2FlpFqbtWSrxG7t0vZMBq2j9%2BfeZtOV5N%2FXcONihtWpyoqDlwGkcicpZrzrYBLlj3X8ihwgmr7E%2FVnRX8p%2FAhLONWdMeIW0CqXCCLJK%2FSyrLpgs%2BnGQDGj2IcLcv8T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7cf1959a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2BC7 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-embed.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3xLIQrgpItjQDawzdqedK83AKKAZ7cb5exsJiSZVwLumsBVxM7y9f6oAvNP0KB31QQ0zDNnpW1TeEt74pJLNgvJF1e8vvRgDyi7lTZurj3%2FDx%2F90q0vE5%2FhyIDLBAVBlpTVcLIcfP58tVeKv714"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef6b59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-emoji-release.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2BC7 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAE2DTkqngKFa%2BiGToSgr1cKnevoWhI4%2BgdMQ%2B1lRksD1x9Vr7%2BVlQuMyvl4SQSOmop3V6ojHHWVUHs85i%2BClXmiMLQTGCDSnEYMEMZBIdtnnwpy1kgeKYpN%2FmpuwUmr0DS7Q6CpDWTmBVjGXL9X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de8c95859a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
hellonewyork.xyz/wp-includes/css/dist/block-library/ Frame 2AF5 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF9pbSs62Byz7MNdOretcoCyJwfC98g%2BSQiF0ezDQjcbrc06EfKiztOCf7D5VimsLOrf336WN%2Fy%2BF%2Bn6E5MLZ51OaY4HyvKFc2AGWsBeUMCDQUjxK3%2BsbyVUhf7fcF1F2jXE4Vv%2F7Uldn6n%2FM8om"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef6d59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
hellonewyork.xyz/wp-content/themes/sahifa/ Frame 2AF5 		159 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca45d4a78b01e0b828d158620ef8bc0034d1d8634ad135bfdaea5bf28a07cb6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689
cf-polished
origSize=200540
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qdTv%2BCsuQIvWqRQu1eAYTIF%2F5hVN%2BTLOPAtxdNhrniIIuKu56KZaEgn%2BDhQi6tt0axuR7SzNbQ8PVYH62x2ePOTxxgEvqZydIqNjCosGQL6yRiwVqISEWNE4QAS8CxadshHzYKYLzVXtdc2o%2BBV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7ef6e59a1-MXP
cf-bgj
minify
skin.css
hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 2AF5 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=7289
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQTnRaQwP7I2CWV9CKIU92R6PrlSYWrFOFSODHRS8OIF23u8fIkTahCRnh7NJNf0wa2Ws2DgDb0JHD%2BGN1i37n%2BJroauT0%2F5zQlO7NBxGueZODa5%2BVWRB5ve3nZ96LPhn6mB%2BIAA%2BZtCTK6da6PO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7ef6f59a1-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame 2AF5 		754 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:03:46 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:41 GMT
jquery.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame 2AF5 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78uGWYqdcO2LPhSRPwoXs4hhe1TIvFWsrtJ6XCx%2B4R%2FMLVzyygcAGcC4MBmvMgaDypLnOCDYBYGFL0zeWY4%2Fecf2cKOMHsgkrc3elleTsAIVE8DOPGEHlfknPuJZqNZFTjgTJIa1%2Fm2wwEr3ZBgd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef7259a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame 2AF5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSulTTePurd42rdgMF5ixoIpaCdPurJ1d7lWLVuoNUj8ErfAKPnUyF51%2BHhLemCIuc2jTAo1YNxocOw8JfcNXPvopIEMU6HjN8rhta4uWVUK5%2BFY6EULchZNI2k45hdl9M0%2BwQIBmsR2b%2Bywd3eH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef7459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sab_bar_script.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame 2AF5 		613 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23e92f2ad9c1b20e84ae45b1e9290d020e47977550fa2fd235ef480378db35d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyQJAZiBb7%2Bea9J9s%2FcVcD9IKW8Ja19JOREt79mcx07VFwPbgDzoYHEYwnBypYVuOv5GREDwRfWjp2miHcVixJZN2g9ASOAA%2BIXHDi1yHz3Kg8bKQJ2UjHeRfvH3%2BSdwU080Sl87S9i4%2Baye1jnh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ef7659a1-MXP
cf-bgj
minify
jquery.cookie.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame 2AF5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQCz9cpv%2FFNP9gO%2BxoEsluht71krcPoh6NbdZa80m44zDeGHBfP%2BBeau%2FdwHJKHgsx8fbPxeCtXFBI465c8s3r%2BGXjQKy9ohZBRrzSrDNMZL5EWyYdvTW5aaBaAvbplRsW5WLMtEh5sgmzrW2GEe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ef7859a1-MXP
cf-bgj
minify
js
www.googletagmanager.com/gtag/ Frame 2AF5 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b460a66a365df82bb8823d8c10660683e3e49663c1c9d4d05c2b93836207864e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36158
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Nov 2021 09:57:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2AF5 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fea811e086749b12803cf6d1d3931b02d4bf466fe58c1c86c8aacc33dbdfe1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
51358
x-xss-protection
0
server
cafe
etag
16995874688540867510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2AF5 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
62f3d3d0c242e891ce6b71214501d2cb97f4b9d1ecfbe03031dbc5c7c76ff64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 978 of 1000 / last-modified: 1636969124"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26744
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
invoke.js
prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/ Frame 2AF5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
wp-emoji-release.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2AF5 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDDCr%2FB8Uz9zE1j%2B5liW998rNTvSvhqORyEl%2FNJ5mvz4m43%2B258vcLFuPImmn129tFo45OgLCOToKZJvyKbndGPd8IWn9OAz92e4awwG4kB4cV%2BkVsKRsa0SOEnpcrttQh44RbjqiNCOTcwaX0Md"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de8d98159a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
9517
tags.orquideassp.com/tag/ Frame 2AF5 		346 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/9517
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d7b78aa51f2b5b51d96a9a575479435e73dfcfc3a5a9824910a0de00d4268967
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1691
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 15 Nov 2021 09:29:30 GMT
content-length
346
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"15a-cFtbrMeVI4StUeBaGtVhpnCi4IE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
bLBR56o-2gojk59yxeJ1KNNcVDT6QgU9-ROwfp2jxQ-wTaTJ1aGSeA==
tie-scripts.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame 2AF5 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
687
cf-polished
origSize=74081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n71KhsLPt%2F8Z7nJ4bE23CECMmgfw7UUQcyFjNSPgX6CDxwipzT8HVCtI82etaAyGirzu33DLfl5jC7mkZOVA9cNqj%2BcI5A%2BSFrJDWUk%2BCYqpDql0M1FMZuz0YPq0NKJUsQAnYQTwFmU25KdNpbAQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ef7959a1-MXP
cf-bgj
minify
ilightbox.packed.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame 2AF5 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
686
cf-polished
origSize=79789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhrufJmXv%2FlWdrURBP%2Fn0KKqLz9tiDOp8Vyb5npZZC95aQs5Web8K6WuG0BQgIRVpc5rkaMxQAVrTyOLkejJa3fRdlpO2luEFrb3JLtWWbwM4cP%2FFfvEmqCOhx6loSjF7NjsQkKBSCH0ntGcKiX5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ef7b59a1-MXP
cf-bgj
minify
comment-reply.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2AF5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/comment-reply.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:00:36 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSm%2FT18V9BvT4RY1LW1nJF1Osagc92pX8bVSU6YPgUp4kHwz1IUPyaroo%2FC6bTIo0zIwCT5N312DK7UjoWSwWVMQiYITmDG03led%2F5AMOnmK%2BYyFCI6mpsaOB7NIj5cilRHfznmiR77Dt3pl8wiG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef7c59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
hellonewyork.xyz/wp-includes/js/ Frame 2AF5 		1 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-embed.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A95NLz6QHAlBnxahlIp5fPHhoCX%2BLULxZiCoYfqRCMNeMCa8T35Qh6F4ZnyIeKTfDn%2BRmuF1ev9xvazp%2F%2FrtQs2QhkROX8%2FVPWvmfXVdQxDHRXlEruL0moJloCNOaKmWrTzbnq99oyFwsVHKXJql"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef8059a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
hellonewyork.xyz/wp-includes/css/dist/block-library/ Frame A97E 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK%2BEA8PrS%2BE%2FKgVny7NA2PIPLibwmKPQH1lgxH233Fe5BvTCYCbhniFiUUcGVlaIbBdBShBI2SgkkjyGi5nv2GEDPrciMEX2qrmFyjvvxyOD6EbQZQ%2B%2BvWBFrXHI4CvQLzNsFDwYt4mM7uVjH0LG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef7d59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
hellonewyork.xyz/wp-content/themes/sahifa/ Frame A97E 		159 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca45d4a78b01e0b828d158620ef8bc0034d1d8634ad135bfdaea5bf28a07cb6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
689
cf-polished
origSize=200540
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skbn4BY3uYArfhG3fdVUln75hgVH%2BZvnWq1pOnpGG7wPpcePQ0oEuOI4JCGvfQ%2BczcojmbEsftg1iWAfVZ93H7gk3HRo3SkDEi6U2MXgih1ypihuVEL%2FK7So7MIxECaK9Idfh02h6G5lzjbp%2BHXq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7ef8159a1-MXP
cf-bgj
minify
skin.css
hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame A97E 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=7289
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WguYsVwDbUbT1%2FXrud3HKCNoSMJ57MDQ9ipEvO1vqteTfd3ujSFhrCui3vHRbUnwZHbp0XvgRsaRuai1kc1sP9MAgBm460FY43tgxPBa5VcbhFL1WhW2DbDfJsmyBfhEi%2BYekAdIJPqJyjssYy6Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ae79de7ef8259a1-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame A97E 		754 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:01:38 GMT
server
ESF
date
Mon, 15 Nov 2021 09:57:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Nov 2021 09:57:41 GMT
jquery.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame A97E 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zpaDMLsGAPxQi9otT2a2ZYBX9lsL9HK0DNicUQ6gP8Da76nIAyKAm2CdCd%2FEl7siINJ6fKWxztT6LppnMl9ulFw9nAVbfv2j%2FP68rZxfGRXz%2F0efwu4FP3uAUeVy0w6cci4AEztYoZVk%2F95Va2P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef8359a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
hellonewyork.xyz/wp-includes/js/jquery/ Frame A97E 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
688
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awZhd4Y%2BZT0T6ULcaFwFzrRX5Zq7v3raDmq9zZz87gmhcxfx9lnFr%2BQYhdfk2FaipNO3Vv0QLWdc%2Bq%2FrRrsyCD42KESL1YVf0N%2Fi7Rk%2F0lFJd8Yusxjo5vuEfu38ax6ahJD1m5QUFPvp39dF2fga"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ef8659a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sab_bar_script.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame A97E 		613 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23e92f2ad9c1b20e84ae45b1e9290d020e47977550fa2fd235ef480378db35d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6Pdgk%2BmGTrQ3neUNYWH62pzfFkoaCgiPu7rrUmpW7NvtEOeAEY6tvQs8wSVnbY86pxcg3FcLGzVV07qRfaYiu%2FdWHw46ny%2BrVx%2B5cPIWDx2pxQi96uEynr5GmRc5q8XkaMqDgLezf2XKRT20JhL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ef8859a1-MXP
cf-bgj
minify
jquery.cookie.js
hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/ Frame A97E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688
cf-polished
origSize=3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Apr 2021 12:10:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRbd5PqHjP%2F%2Bj97YsFDxkvi%2BCqc5heuMpMvCXyXeDyWvrTCq8ST6xHTyEFSC4mBkisxRmObNbGGxve0IOc%2FQvSzpBmPXoTk7Z2IVoaaRAxzmeDQhVCrWlSBVCJFcQ32na%2F8PiN5%2Bs%2BtwK4y0brK5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ffa759a1-MXP
cf-bgj
minify
js
www.googletagmanager.com/gtag/ Frame A97E 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2789bf402dd2de503301c0e8daa01238a264c8dbce1f90b5712bf9977c0eafa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36160
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Nov 2021 09:57:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A97E 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f29178baacb1699bb64b5a43a18699cbb04ec4a1ea3e6f5f78948be0960d7d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
51359
x-xss-protection
0
server
cafe
etag
12717429226028516379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A97E 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1406b7a1d08682ea93c03924e5de6f900bc9f47b222bf0f126b1bf355f1e0226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 250 of 1000 / last-modified: 1636969215"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26701
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
invoke.js
prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/ Frame A97E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Nov 2021 09:57:41 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
9517
tags.orquideassp.com/tag/ Frame A97E 		346 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/9517
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d7b78aa51f2b5b51d96a9a575479435e73dfcfc3a5a9824910a0de00d4268967
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1691
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Mon, 15 Nov 2021 09:29:30 GMT
content-length
346
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"15a-cFtbrMeVI4StUeBaGtVhpnCi4IE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_4PTBlj3IFglppfjaO0t2mm4W8SnaKluUh_Q53fh4LFPMqIromd66g==
tie-scripts.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame A97E 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
687
cf-polished
origSize=74081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FqJAaZVPMlY%2BXkYWoS4g8ivvaIBKi7ZVhXUv5ExPLKY9Un%2F%2BYxCx4yPb9LIpb%2BU8eKzbAhrkPgK1DYP%2F00swGSwIlXQb8kpM17xbXCoz3sCx%2BsjflY0mnebw1xywdAI2afyv3SAJKmfdztj0p4x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ffa859a1-MXP
cf-bgj
minify
ilightbox.packed.js
hellonewyork.xyz/wp-content/themes/sahifa/js/ Frame A97E 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
686
cf-polished
origSize=79789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTUDc2tWWA23M658MJ765N6XIoM7cnC61SkooAdVicJYB9wYriqudQq0StYIsaQFJ67U9nSL9qjz2qF09uy1mEGuJIuOyoSPAIiQP0AuvBy%2FSL2othynsCOrxdPp325%2BtM0wSKwuGWBCnh7PaVPh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6ae79de7ffa959a1-MXP
cf-bgj
minify
comment-reply.min.js
hellonewyork.xyz/wp-includes/js/ Frame A97E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/comment-reply.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Apr 2021 11:00:36 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6tsca08QEuV6QTsvPiVut%2BEJ5g%2FdR8hcYQs8SpE5L9P%2FQ8qKFGUPAFYnZe9TyaYte4dn9UwFu%2FZdZqAdpri%2FHH28grTkSmWOtQwcmHzidEdg5xS6au1FuUwbMzvQ93PGpoPbRtc%2Fc12el%2F0aC09"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ffaa59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
hellonewyork.xyz/wp-includes/js/ Frame A97E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-embed.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 11:03:32 GMT
server
cloudflare
age
686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoZ0j1rIsPf2x5axHa%2BoE%2B5HNH7JRTVBZLC53vpgm885QbPP1iGdrvq9PJYXSh%2Fv6cMww%2B5MVnP4RjVv1K0QsTaWsY7kQAs8xTkl%2B2hqq%2BM1%2F%2FBAox10gOa%2Fh3jhFGTsvbVM8NOU5aAAdKKLKpTv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de7ffab59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-emoji-release.min.js
hellonewyork.xyz/wp-includes/js/ Frame A97E 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Aug 2021 16:32:56 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT%2FpbazxUVRgcYtOAi27K3XsaiP1dC8xg9VmW27W1eSRyxwAFoPhUs%2FaaZlsKM7hy7zzDBg2VMbiaYBR5kllZRJaPUKMIK8HMDPNj5X1tBqWA54iJXiuaAsYEqL0xFzTdauJHI9f1YSF4LzpH9pF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae79de90a1459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i.js
cm.adskeeper.com/ 		19 B
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1636970261741655862399
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 09:57:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ae79de80ac139b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.com/ Frame C559 		19 B
99 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1636970261758425642261
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 09:57:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ae79de80acb39b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
loader.js
cdn.taboola.com/libtrc/hellonewyorkpak/ Frame 2BC7 		182 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea7318d20b082c813ae32a5d7fd71977ec6fbfcbde05212f3fdf3b4d00cca67f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
zCwlc1Z5yJswrUy6nB.eECgjUIh7Kubs
content-encoding
gzip
etag
"02784ec8f66247a7516f97bfe7287abf"
age
0
x-cache
MISS
content-length
23770
x-amz-id-2
/EcUPpwzXQ9xYIV8nn2vQwvX2wbXOCV9vMF7r5sjpNXpnISvBM1ZB6fxBnrWOd6j4CrDbFRAMVg=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:30 GMT
server
AmazonS3
x-timer
S1636970262.923258,VS0,VE345
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
ZF7H0SRH1361XPF9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
58
x-cache-hits
0
loader.js
cdn.taboola.com/libtrc/hellonewyorkpak/ Frame 2AF5 		182 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea7318d20b082c813ae32a5d7fd71977ec6fbfcbde05212f3fdf3b4d00cca67f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
zCwlc1Z5yJswrUy6nB.eECgjUIh7Kubs
content-encoding
gzip
etag
"02784ec8f66247a7516f97bfe7287abf"
age
0
x-cache
HIT
content-length
23770
x-amz-id-2
/EcUPpwzXQ9xYIV8nn2vQwvX2wbXOCV9vMF7r5sjpNXpnISvBM1ZB6fxBnrWOd6j4CrDbFRAMVg=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:30 GMT
server
AmazonS3
x-timer
S1636970262.923433,VS0,VE345
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
ZF7H0SRH1361XPF9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
58
x-cache-hits
2
body-bg25.png
hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/ Frame 2AF5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/body-bg25.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu1CJepp3DbqaQVNqWvvNOzzx7ybCZ986yhYR6pCg1jQ2MLD5h%2BkAQNUeprd%2BKD0NJg2L9fRlbR0AaUjWySnPp2STdK7JkQz6fmhNQFKcgsPSIJfW5PpIPbZRgoliEflZWUkQdBQapkb08CpKREs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de8e9ae59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10042
fontawesome-webfont.woff2
hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/ Frame 2AF5 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
683
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJOLZzb5sJKuRhgWLx8TEWQApSujVcnD%2BlEEO9bvHQPd5Gk8mAFBlsBVG58DfXF4Mjxovtx1qTCBwyfSsPjbFf0Vr3DQuaIxDB%2FCZDFq1qQR216e9ZG2Sb5ccG6%2BrT3e0EXGURoLpPH1nd4tqYlg"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de8e9af59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame 2AF5 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 01:05:44 GMT
x-content-type-options
nosniff
age
377517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 01:05:44 GMT
body-bg25.png
hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/ Frame 2BC7 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/body-bg25.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxM8plChd4qOEFAYawQdMQZLlr8ilJUJl8GLg3XiJBSmUUFyhEx%2BPDgXjkslOdz2Y%2F%2B9iuNtTgR4%2B2BPkbhwfAwWIbsHIn3mznbB1FtbkKMaPsNeHvEJdB11tdKUEFj%2BtSGHWVLHFKhur2A2e%2Fhh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de8e9bd59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10042
fontawesome-webfont.woff2
hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/ Frame 2BC7 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
683
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4kStCdg9IcdXLDRFsgt1eEXyA0tDRKkKbFOZvDslrLWZYJL5mdtVbkTd06FOIocoJUqBtPyMG4zhHk0xcpjv0%2Bup6ww4h5GxkH8BNoFsJlipMSxGXdXd2uW8PiNvjpCvntjxmNFV%2F8wN%2BhlbExG"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de8e9c459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame 2BC7 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 01:05:44 GMT
x-content-type-options
nosniff
age
377517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 01:05:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2BC7 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
62f3d3d0c242e891ce6b71214501d2cb97f4b9d1ecfbe03031dbc5c7c76ff64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 317 of 1000 / last-modified: 1636969124"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26744
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2AF5 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
ab53f031d510e785b7efeb025b423db675e898f169ef085074903f28637258dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 627 of 1000 / last-modified: 1636969215"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26701
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
loader.js
cdn.taboola.com/libtrc/hellonewyorkpak/ Frame A97E 		182 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea7318d20b082c813ae32a5d7fd71977ec6fbfcbde05212f3fdf3b4d00cca67f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
zCwlc1Z5yJswrUy6nB.eECgjUIh7Kubs
content-encoding
gzip
etag
"02784ec8f66247a7516f97bfe7287abf"
age
0
x-cache
HIT
content-length
23770
x-amz-id-2
/EcUPpwzXQ9xYIV8nn2vQwvX2wbXOCV9vMF7r5sjpNXpnISvBM1ZB6fxBnrWOd6j4CrDbFRAMVg=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:30 GMT
server
AmazonS3
x-timer
S1636970262.923379,VS0,VE345
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
ZF7H0SRH1361XPF9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
58
x-cache-hits
2
body-bg25.png
hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/ Frame A97E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/patterns/body-bg25.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
685
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGz6Ymo3mF5z%2FmmcMKaRwJXGtLXJED%2FYWoWD36rcblYcJmzKBLj1Xeh4FOxaG8WQV%2FdeUaMx9rMjS7W7HnvzxZHm1HRuq5DiQHSWITBq%2BBeicL427ssMmR3tsMY4I%2F1EYVvzlkySwa5sLHtL9bkz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de91a2f59a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10042
fontawesome-webfont.woff2
hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/ Frame A97E 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
683
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkq7QsdxohNp29XOPB6ocBuHCoaBEzvy0Ky0t7eHZgbKM7tYKwjCsK9XTZnTYX4QpOP2ov%2BrPp6d%2BGurl0QJ3On4VQ0aYHR2QtVZhofpmetfTmx1v3XJX8wopCe0SYJyNJ7sjPLVoJ4Sv0CpbdtQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de91a3459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame A97E 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 01:05:44 GMT
x-content-type-options
nosniff
age
377517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 01:05:44 GMT
BebasNeue-webfont.woff
hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/ Frame 2AF5 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnJ%2FhoLjIX7WHT5tFqDyvjMLBr17oLW3aH7%2FoKyu0sTc0Ah6bnuQyNRzkvjTVBgKq3RTON8FAFIwMupsBwk577RkOGc4SOWwAyUDpsmYBZtIbMiXmX7gBAOWqZQa%2FuLQlMgCDN%2FZLd9u5OIjA8ge"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de92a5059a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19996
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame 2AF5 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:47:02 GMT
x-content-type-options
nosniff
age
245439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:47:02 GMT
stripe.png
hellonewyork.xyz/wp-content/themes/sahifa/images/ Frame 2BC7 		93 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAZtAnOSv0LEksEw67QrdHN63dkIXopQLsLTGhTcqoVJzYpIgMr54wOWZuOSPuQp5iDGLOzvfKKmiThi9AjuYvQhhdEuOZ8VD1mqphcC%2F%2BFSvoRpvenVcMKAmRyZ%2BTCd9fairFVB33wYXn0dYAjN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de92a5459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93
BebasNeue-webfont.woff
hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/ Frame 2BC7 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAw9WzY1O9kWwWymmXyj56m6MqQBbHeulAtx%2FNCIr%2BW9BpLgJ0Lg1xfKW3tmoDGalBAQmviCBNaFBiMY31PO6YWoiHTBixzVFiCxs4o6CuNwqh2R5cOCR%2B0jM2UmAnGhuzRDCQxaNS6QuXgVLTbd"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de92a5659a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19996
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame 2BC7 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:47:02 GMT
x-content-type-options
nosniff
age
245439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:47:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A97E 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
62f3d3d0c242e891ce6b71214501d2cb97f4b9d1ecfbe03031dbc5c7c76ff64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1044 / 344 of 1000 / last-modified: 1636969124"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26744
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2BC7 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/9517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38b460c170cf350d5a802bfe8a14c6b949b7f8d424828dd0e94c2d473984b7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
40275
x-xss-protection
0
server
cafe
etag
17627587005995225777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:41 GMT
BebasNeue-webfont.woff
hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/ Frame A97E 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNXmnWA1KD50%2BoMF0%2BhB%2B2CknnHpyFoD39uTlsSHp0R62kwVKU2mSs2yjnKeog6t48Ny%2FDzzx%2BLeJ1YB1a4X96NGLjpGhMkpb4VCivznxK980qCwqnTWL2oxe0cNbvnj%2FkT88kqaluI7qJji88EN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de93a8259a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19996
stripe.png
hellonewyork.xyz/wp-content/themes/sahifa/images/ Frame 2AF5 		93 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDO52%2FyJ1gxFqmX5yd0DCXeERYLDWlD7YJG6DgfriYAF1sYjjyU5nWgX%2BY5SezW%2FTNhVenBWQfYSTposX0ZU%2FRpHZQzPAJMEdzht3MXsEb%2BUD22%2FIWk9KzbEI4R7GGhoRomN99VogiocNy2nQHG6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de93a8459a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2AF5 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/9517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac3e6a7747a782567b04c349aadc1314250e55d92275b1327d6b40dc787b0fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
40273
x-xss-protection
0
server
cafe
etag
16716388459801311639
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:41 GMT
stripe.png
hellonewyork.xyz/wp-content/themes/sahifa/images/ Frame A97E 		93 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellonewyork.xyz/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ce35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:41 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 21:33:58 GMT
server
cloudflare
age
674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c3aCsgOx1R5dagI8Ot8AJaFyRt0OPPaPu8ZEYGdzGEz%2BZ3KP14zJ6gZpgCw8pnQADxvC1dDKq7nVU56IVLi5zUrdmnO%2F0ibmi1wZyS3oBoRXib0eSAoeXyijYU90MazN%2F%2BzKyN%2FHSu4ducnCFAD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ae79de97af859a1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ Frame A97E 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hellonewyork.xyz
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:47:02 GMT
x-content-type-options
nosniff
age
245439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:47:02 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A97E 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/9517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966d00f6687aefd26cd28e7a67b28fa100f32b79c48c969524bd26003e2f412e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
40274
x-xss-protection
0
server
cafe
etag
6907456700266700057
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
analytics.js
www.google-analytics.com/ Frame 2BC7 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7028
date
Mon, 15 Nov 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Mon, 15 Nov 2021 10:00:34 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame 2BC7 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:42 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame 2AF5 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:42 GMT
analytics.js
www.google-analytics.com/ Frame 2AF5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7028
date
Mon, 15 Nov 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Mon, 15 Nov 2021 10:00:34 GMT
pubads_impl_2021111001.js
securepubads.g.doubleclick.net/gpt/ Frame A97E 		342 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
117754
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Nov 2021 09:57:42 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ Frame 2BC7 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9eaa3628344b4e75faac67ebbe378cb52643ff6acbe5fefc9029a203dbdde8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
98317
x-xss-protection
0
server
cafe
etag
3368660391284805622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
analytics.js
www.google-analytics.com/ Frame A97E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194990350-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7028
date
Mon, 15 Nov 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Mon, 15 Nov 2021 10:00:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ Frame 2AF5 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4bc8cb97a1b41327845db6c8045232c64cbbd0b53ea0a2a98f2a975929a9f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
98317
x-xss-protection
0
server
cafe
etag
201733826782126030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ Frame A97E 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6d295b1589e7bbbe19a389b3e06ff6df85d7f966ca8737e9a6f09f1c17160b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
98316
x-xss-protection
0
server
cafe
etag
16340221097172446124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Nov 2021 09:57:42 GMT
integrator.js
adservice.google.fr/adsid/ Frame 2BC7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2BC7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2BC7 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4162867029326899&correlator=3154472319844125&output=ldjh&impl=fif&eid=31063704%2C31063711%2C44752541%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211115&iu_parts=152344380%2Cca-pub-8804303781641925-tag%2CHellonewyork_DT_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cdm=hellonewyork.xyz&bc=31&abxe=1&lmt=1636970262&dt=1636970262308&dlt=1636970261689&idt=599&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=306&ish=432&oid=2&adxs=1&adys=1&adks=115767433&ucis=9xx7kiyx2eii&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&top=https%3A%2F%2Fbiggbos.live%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=302x0&msz=302x0&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
eda3ab970270fee3cfc79294bb1f23cd2e0c1109da0eba25eb30f0a365a60393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
8855
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D76B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:42 GMT
expires
Tue, 15 Nov 2022 09:57:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
integrator.js
adservice.google.fr/adsid/ Frame A97E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A97E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A97E 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=784279982248323&correlator=1986249447269163&output=ldjh&impl=fif&eid=31063719%2C44752541%2C31060888&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211115&iu_parts=152344380%2Cca-pub-8804303781641925-tag%2CHellonewyork_DT_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cdm=hellonewyork.xyz&bc=31&abxe=1&lmt=1636970262&dt=1636970262362&dlt=1636970261716&idt=624&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=306&ish=432&oid=2&adxs=1&adys=1&adks=115767433&ucis=t6xfnjo454a8&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&top=https%3A%2F%2Fbiggbos.live%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=302x0&msz=302x0&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f7eaea0063c3dbd0b4af647c20458573b0d8ec387a28c32be36727db7012e13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11160
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC45 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:42 GMT
expires
Tue, 15 Nov 2022 09:57:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 6F71 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 15 Nov 2021 08:20:20 GMT
expires
Mon, 29 Nov 2021 08:20:20 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
5842
cache-control
public, max-age=1209600
alt-svc
clear
ads
googleads.g.doubleclick.net/pagead/ Frame 355A 		58 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e472c488689b09810ca0f4b68d7137677b2e1d4241ab4c48d341364dcd4d5dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
24765
x-xss-protection
0
alt-svc
clear
expires
Mon, 15 Nov 2021 09:57:42 GMT
cache-control
private
integrator.js
adservice.google.fr/adsid/ Frame 2AF5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2AF5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3449 		603 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636260&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262130&bpp=16&bdt=429&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3315091412403&frm=22&ife=1&pv=2&ga_vid=995182780.1636970262&ga_sid=1636970262&ga_hid=264937165&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=303&ish=385&ifk=3020273950&scr_x=-12245933&scr_y=-12245933&eid=31063685&oid=2&pvsid=224540066830682&pem=594&tmod=387639656&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C385&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7dkcuzndbxa2&fsb=1&xpc=KmroDWfNV0&p=https%3A//hellonewyork.xyz&dtd=338
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
clear
expires
Mon, 15 Nov 2021 09:57:42 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BC7 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&tn=DIV&id=sab_wrap&ign=false&pw=306&ph=432&x=0&y=400.5
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FEB9 		0
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293502&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262379&bpp=1&bdt=690&idt=111&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=8707385499887&frm=24&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=3&uci=3.vp9dcudlyu16&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Mon, 15 Nov 2021 09:57:42 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AF5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&tn=DIV&id=sab_wrap&ign=false&pw=303&ph=385&x=0&y=354
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8CA8 		0
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293503&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262445&bpp=2&bdt=744&idt=55&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=3315091412403&frm=24&ife=1&pv=2&ga_vid=995182780.1636970262&ga_sid=1636970262&ga_hid=264937165&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=303&ish=385&ifk=3020273950&scr_x=-12245933&scr_y=-12245933&eid=31063685&oid=2&pvsid=224540066830682&pem=594&tmod=387639656&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C303%2C385&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=2&uci=2.f53hdom5m2j3&fsb=1&dtd=70
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Mon, 15 Nov 2021 09:57:42 GMT
cache-control
private
impl.20211115-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2BC7 		601 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6854b6747c4bc23cf6bd557255c78ce183473267d0299b08c75b982d1549eca1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
KfFIH4aVZBCEDKe8EVsVZ5G6l0SlKZaP
content-encoding
br
etag
"e0c612f19a33ae4f0c6997384dd07a20"
age
505
x-cache
HIT
content-length
125487
x-amz-id-2
8Zpy9pbCkPa/KyrV/wDIX6PiE6T9rybFFiwWop49b6t5+vne4VdW1eT3AU0UF32lQddxWXTRem8=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:48:58 GMT
server
AmazonS3-br
x-timer
S1636970263.532322,VS0,VE0
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
W01DQ05E4SD2S3B4
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
132
beacon.js
sb.scorecardresearch.com/ Frame 2BC7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 03:30:19 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
24050
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Rvwni_CLF5t14_z7boFGclnFgu41uRRczocdoRxZ126j-ZYpE2DxOw==
impl.20211115-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame A97E 		601 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6854b6747c4bc23cf6bd557255c78ce183473267d0299b08c75b982d1549eca1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
KfFIH4aVZBCEDKe8EVsVZ5G6l0SlKZaP
content-encoding
br
etag
"e0c612f19a33ae4f0c6997384dd07a20"
age
505
x-cache
HIT
content-length
125487
x-amz-id-2
8Zpy9pbCkPa/KyrV/wDIX6PiE6T9rybFFiwWop49b6t5+vne4VdW1eT3AU0UF32lQddxWXTRem8=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:48:58 GMT
server
AmazonS3-br
x-timer
S1636970263.536911,VS0,VE0
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
W01DQ05E4SD2S3B4
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
133
beacon.js
sb.scorecardresearch.com/ Frame A97E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 03:30:19 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
24050
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
8RYjBxvB4fZ4TWIdyvSQs2TIDFw688Nb354EstXkMYMORMyvDn9_EQ==
impl.20211115-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2AF5 		601 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6854b6747c4bc23cf6bd557255c78ce183473267d0299b08c75b982d1549eca1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
KfFIH4aVZBCEDKe8EVsVZ5G6l0SlKZaP
content-encoding
br
etag
"e0c612f19a33ae4f0c6997384dd07a20"
age
505
x-cache
HIT
content-length
125487
x-amz-id-2
8Zpy9pbCkPa/KyrV/wDIX6PiE6T9rybFFiwWop49b6t5+vne4VdW1eT3AU0UF32lQddxWXTRem8=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:48:58 GMT
server
AmazonS3-br
x-timer
S1636970263.543271,VS0,VE0
date
Mon, 15 Nov 2021 09:57:42 GMT
vary
Accept-Encoding
x-amz-request-id
W01DQ05E4SD2S3B4
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
134
beacon.js
sb.scorecardresearch.com/ Frame 2AF5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 03:30:19 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
24050
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
iQnS3-GOCbF2owIQWKveX4fRvx71RbdKDScev0vNMv5gu8AYeal4rw==
ads
googleads.g.doubleclick.net/pagead/ Frame EAC2 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa2f78652f214c6ad18977b0094febab544e73f7ae52cd7a098972cf388b5006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
11569
x-xss-protection
0
alt-svc
clear
gen_204
pagead2.googlesyndication.com/pagead/ Frame A97E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&tn=DIV&id=sab_wrap&ign=false&pw=306&ph=432&x=0&y=400.5
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FB3D 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4160146996525608&output=html&adk=3046330955&adf=1929293632&plat=1%3A16843264%2C2%3A66048%2C3%3A32%2C4%3A32%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262401&bpp=2&bdt=685&idt=189&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&prev_slotnames=www.hellonewyork.xyz&nras=1&correlator=3004978434039&frm=24&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=3&uci=3.8b3v4kchsnl7&fsb=1&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
json
trc.taboola.com/hellonewyorkpak/trc/3/ Frame 2BC7 		33 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/trc/3/json?tim=09%3A57%3A42.638&lti=deflated&data=%7B%22id%22%3A278%2C%22ii%22%3A%22%2Fthe-health-benefits-of-tea-and-coffee%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636970238007%2C%22vi%22%3A1636970262636%2C%22cv%22%3A%2220211115-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A306%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A432%2C%22dw%22%3A306%2C%22dh%22%3A3266%2C%22qs%22%3A%22%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-mid%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A723%2C%22mw%22%3A262.9375%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A60%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22cd%22%3A1113%2C%22mw%22%3A302.9375%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1113%2C%22mw%22%3A302.9375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fthe-health-benefits-of-tea-and-coffee%2CBelow%20Article%20Thumbnails%20New1%3Dthumbnails-b%3Aabp%3D0%2C%2CMid%20Article%20Thumbnails%3Dthumbnails-mid%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63d825e1d2acb840cee7f8c6107f7fe98d451b5c36a9e41f212f25f79335c08b

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
428
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
server
nginx
x-timer
S1636970263.655653,VS0,VE428
x-served-by
cache-cdg20781-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
container.html
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D09 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:42 GMT
expires
Tue, 15 Nov 2022 09:57:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
clear
json
trc.taboola.com/hellonewyorkpak/trc/3/ Frame A97E 		27 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/trc/3/json?tim=09%3A57%3A42.692&lti=deflated&data=%7B%22id%22%3A770%2C%22ii%22%3A%22%2Fthe-health-benefits-of-tea-and-coffee%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636970238007%2C%22vi%22%3A1636970262691%2C%22cv%22%3A%2220211115-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22e%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A306%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A432%2C%22dw%22%3A306%2C%22dh%22%3A3516%2C%22qs%22%3A%22%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-mid%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A973%2C%22mw%22%3A262.9375%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A60%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22cd%22%3A1363%2C%22mw%22%3A302.9375%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1363%2C%22mw%22%3A302.9375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fthe-health-benefits-of-tea-and-coffee%2CBelow%20Article%20Thumbnails%20New1%3Dthumbnails-b%3Aabp%3D0%2C%2CMid%20Article%20Thumbnails%3Dthumbnails-mid%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ea4b836e4ec0a41758f39200b11f49368330fc59db1777944a067a83b64140

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
420
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
server
nginx
x-timer
S1636970263.699244,VS0,VE420
x-served-by
cache-cdg20781-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/hellonewyorkpak/trc/3/ Frame 2AF5 		35 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/trc/3/json?tim=09%3A57%3A42.701&lti=deflated&data=%7B%22id%22%3A102%2C%22ii%22%3A%22%2Fnine-weight-loss-mistakes%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636970238007%2C%22vi%22%3A1636970262700%2C%22cv%22%3A%2220211115-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22e%22%3A%22https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A303%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A385%2C%22dw%22%3A303%2C%22dh%22%3A4575%2C%22qs%22%3A%22%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-mid%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A1297%2C%22mw%22%3A259.96875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A60%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New1%22%2C%22cd%22%3A2361%2C%22mw%22%3A299.96875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2361%2C%22mw%22%3A299.96875%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnine-weight-loss-mistakes%2CBelow%20Article%20Thumbnails%20New1%3Dthumbnails-b%3Aabp%3D0%2C%2CMid%20Article%20Thumbnails%3Dthumbnails-mid%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e12634fc28fdb920977e213574cf6d4b4d99dfa242eae8192e5647e5daafa33b

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
420
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
server
nginx
x-timer
S1636970263.708375,VS0,VE420
x-served-by
cache-cdg20781-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
container.html
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:42 GMT
expires
Tue, 15 Nov 2022 09:57:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
clear
b2
sb.scorecardresearch.com/ Frame 2BC7
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhello...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhell...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
KWvoERRY8AO2NE5PMRwtVbZs7sL8ufERqa-Qw3cOBtnXz_pdygCZLA==

Redirect headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
content-length
489
x-amz-cf-id
LOiH0efwID24o-EqSUfYalshtw14wu8PIf2degIi9SSG8H7MI8aLEQ==
b2
sb.scorecardresearch.com/ Frame A97E
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhello...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhell...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
WJnKvL4p3JXC1I0VpH9fzyf7vVcPJeSPsBavcndWOXcTp8WHNpidxQ==

Redirect headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262752&ns_c=UTF-8&ns_if=1&cv=3.5&c8=The%20health%20benefits%20of%20tea%20and%20coffee%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fhats.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush
content-length
489
x-amz-cf-id
OHp1ms8rMid79-Dv8MjIL-Z2m97YvfmGJknDrFFJ1FRhr_y_GA5idw==
b2
sb.scorecardresearch.com/ Frame 2AF5
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnine...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnin...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
aDJJh0w9t22taGRsHDwa8OZUVzuOVLQwDawV0iPcGN7SBMNkLQBxRw==

Redirect headers

date
Mon, 15 Nov 2021 09:57:42 GMT
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636970262753&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Nine%20weight%20loss%20mistakes%20-%20HelloNewyork&c7=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&c9=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews
content-length
481
x-amz-cf-id
MAQl50UniZIUqatDZWq_1TYIbeKe3Mj2p4FsY2KNf66TNsCIN7PYSA==
integrator.js
adservice.google.fr/adsid/ Frame 2AF5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2AF5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hellonewyork.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2AF5 		39 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=224540066830682&correlator=2069520040461570&output=ldjh&impl=fif&eid=44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211115&iu_parts=152344380%2Cca-pub-8804303781641925-tag%2CHellonewyork_DT_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cdm=hellonewyork.xyz&bc=31&abxe=1&lmt=1636970262&dt=1636970262781&dlt=1636970261701&idt=1072&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=303&ish=385&oid=2&adxs=2&adys=1&adks=115767433&ucis=88nenbflpnzy&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fhellonewyork.xyz%2Fnine-weight-loss-mistakes%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fhellonewyork.xyz%2Fad2.php%3Futm_source%3Dgoogle%26utm_medium%3DOrganic%26utm_campaign%3Dremarketing%26utm_term%3Dstarcush%2Blatest%2Bapps%2Bnews&top=https%3A%2F%2Fbiggbos.live%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=299x0&msz=299x0&ga_vid=995182780.1636970262&ga_sid=1636970262&ga_hid=264937165&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b82f83e118060c258cefc3e67be277478da9e24b56784f8177717b3fe2e0fdf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
10111
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hellonewyork.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 15 Nov 2021 09:57:42 GMT
expires
Tue, 15 Nov 2022 09:57:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D09 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C034oFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBLoCT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBSeTpHt3a_HLTCZI9dan347lIFoMjbAK-RBgQaMnAcwHKlmcSuwzgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg4MDQzMDM3ODE2NDE5MjUYlPEd&sigh=zP15ykEPio8&uach_m=[UACH]&cid=CAQSKQCNIrLM6QUMvIyi-c029vZjsjC70vmelw0xdSl_S0ndXtqOza3SUC-YGAE&tpd=AGWhJmsepoyrfz6IcEeddCtmNVa1kEJ3NYqq7u4iws1Szho0FVwKsxz3pQEIeSxMsbDgbj3mLwsGZobkkOcVQCFdU-1AI99u36WFrV62yUQluBi92CYPDDQAq-BYz401us-BS3K7jCwlJDK5fu_n-_BtSjvHjx5v-sTGHeB4gaaw-bpZE7wzBt-WMAH70Y6kP4dkBMfPM4fV-YckbsKkg_gNd1r4a2NDXA_sktw6d1O5t8gGvI_ueVNG-Oi3krc3RMyIxfZOmJXyU64jcoJNHLaIW77G-eWriRNL2bLkrHo1Qz4x0QpS6CJEPSD7o7rBhVqT9mRc-1nKdV0SGKPSY2R_nTnXeWNKpQHKhatJdvR-5tQa9mBRR4-Ar3ekX6ppPgpzLGSFUhMa5_J0TARNMdBkwzfw824s5oikbpFlehDnu1Txg_b4ECAi28S4B2Fnsvdb2yc86gbak_ta1ozplpsvvhPE3J4Jcv881YOdgJdVtt_MRfm1_d62FdrAzAY-nxe1p9b5_uJNtnTrBaNbRc2ETtbefpxXe5jd20FekKuqQR1EE4zYudls26yJuHMUEYukuELjZXcC6jeBRjTlm2L_sw1S7O1EcqLaUK-jbTWp4vNR4A9CYM-5B1h45QEqRItQn3uCSGm787mAl7dUwiwbk9X_KU3fVzsoVLVmX57bEtOfq6wvDi9_4ox_oi29Y8glPC-AhOpn19CL94Jihk_9ApikKKTlNNJVxS9vzcJjvolqOPcp9kMovYeC7AqY8RJoIaju_S3dO0wUDRi9razKNxGyPZkiqWB4kJoLKYlUkm1TgLG8DX4P8G6eOQcK9Zed8vM-mOXlYPVNq85LYtgKXmlxFGeD5F-jZS8XdyaVl6D9ZXl3ylYno31LWJDIkDGYuC9khRti7d2gidjvYaYlfLL1zca6LMu2H90DBAj1OGzTxF7IbHlXmJ-Bx_aqxW6eS21KbnN5e-fgVvstfyetxthXQerH19E4CtgERAGvLWs3nAdBJEUQNswMeYM4CHFcC4Z7QI9Ic9_YU6Vf3io1xz3hut_W-tDP5KtzvUPtIVW4LnAM942f443m1bE7jfIjolPbPQJcSe_51Xrn
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 4D09 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTTJKa1pUVmlZMlV0TURsa1l5MHpaR1l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczNzM3ODY4NjU3OTg3ODI1ODUvNjY4NjM5OC80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlneWw0MUg4NnpKdno5cmNDMDhDSFBEdy8xLzQvMC8wLzg5OTA3Mi82Mjg2NzM1MzYvMjE2NTM2LzYxNDY4MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczNzM3ODY4NjU3OTg3ODI1ODUvYW1zLzAvOTgxLzQ1Lzk5OS8yNTgvMzcuMTIwLjIwNC4wLzAuMDAwLzE2MzY5NzAyNjIvMTYzNjk4Mjg2Mi80L3B1Yi04ODA0MzAzNzgxNjQxOTI1Lw/ZSN5VHucHOugGLMUJe6l014aneQ&nodeid=2820&group=cdg&auctionid=7373786865798782585&shardkey=7373786865798782585&sid=4637209&cid=6686398&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%26client%3Dca-pub-8804303781641925%26adurl%3D
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
9308f974e1dde5cf37c3b882f1cc85da444fa7a04b121206120dc46fe600e943

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:42 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1636970262
Last-Modified
Mon, 15 Nov 2021 09:57:42 GMT
Server
MMBD/3.208.2
x-mm-latency
13 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x22, cdg-bidder-x169
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Mon, 15 Nov 2021 09:57:41 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4D09 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D09 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Nov 2021 09:57:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4D09 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:50 GMT
l
www.google.com/ads/measurement/ Frame 4D09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkr84zWknURhEyVyZOb5_JFg7nbsY0g3W_w4esf6ufcxRQ3FINJexQn7o2a6rs0xG18jqcxkMACmLjFNrRcZJKoRWiEw
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D09 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 21:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43536
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 14 Nov 2022 21:52:06 GMT
16045810131142822689
tpc.googlesyndication.com/daca_images/simgad/ Frame 355A 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16045810131142822689
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5638b297bad891d75a97d3c0a0465f0f2c7b628f9550616d0036d780affb982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 06:12:18 GMT
x-content-type-options
nosniff
age
186324
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
18638
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 06:47:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 13 Nov 2022 06:12:18 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 355A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:55:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 355A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 355A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Nov 2021 09:57:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 355A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:50 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 355A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 04:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
11380
x-xss-protection
0
server
cafe
etag
3114995264824872082
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 04:08:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AD14 		624 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
clear
ad
googleads.g.doubleclick.net/dbm/ Frame FAF4 		72 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6lWC-cQSAnZxwsu0fqyrn-gHKvEOMfwVDHs4N_GKxMkAGyULRu4YzpHypgqYI4WOVtJusESxztklgqd_LkL58fv7f_RAWJmdGaVHAdZVyqTqEd-5jbsDM_ukkc3qp3z3JSapUlGnBfGq-tGBb646nBIkbxA&dbm_d=AKAmf-A-UvXXbG8q7mz1beGo6f-84IfgHFJGnqhEyPU660bzdQjZ3gZm6p7PbzgkDoSXyZkq2cFDpwNGGaGOeX0VKL0DxXjWu0_C5ErAOgWjFGpVm3jEK72-aQPpiIIqeiv-zooN-qmXhrDyZ5OC3qVQuiKDjskBF-LNa7T4Kt58PK7d-RfSeDMsAq1n-gY31jGc9X33JsFToW48tcpOWRrhAy-WyxeWxrvrVX16Qs_Wvn0ed2HBbfM0UsPddU8-EE5oQfx9He_wXV2gZJxggWNGMNJaoz_3bZX8bkBjjx9j5frvC_yGJ9hfTC5czs_lDCiL7GiiGxPiWjaauqZ7PHyJCO78cajcR7HPlf6EA7tNYi2uijsOgGV2tiGPvPVYoFjIx09664tMPGKaN_O7MH-HzmxUrirUPNG6seXZUK876bf-nlHfsMlYueRft64o86UqvQnrpAPzCgG4O_u22J0fiBpRNmMCA0C2IraL8HyXlHX9mIdDn3azwN-2B42MjeO_-PuPkSIpGy4CFE4Sla-Ky9v2PWctDlYQD4DuxuQmy4Km68Oom3QaKnKRocq-yfAOj-zky8Junkcyv9p1O58v4zjrxi2p0sDRAuIpzsfKuutvhyzvrq69O8urRSkyqSOkmGpsn0L44038gQOy9Luc0tmj64A0Jepe5KdSrpvtJlPftccxVUELSlXPntHFutyagHo9Cas1Z3mwAYpbgivJvanA_Qizk9sRut3V7BfT-0HPL78RaEHedpa-lbOc9VLYtLLjQXDTbcMwieUZjkYN0bup2B9YnLMObjV4hQCuxN9xyWSvNVHpnlOj7kcVK6jSQTcCBf_lHdZDMZuCnV_5803YFKX1BgefghLizSZ-zKgB_2-LnqHwd5QFRvxtATKck1tV7Nt1UZFl8O5tMrGVoK6EgC9km7aDXPsFGtdfX6bdW2bBj5wqEJmVVvxb8jwZwgEfJbv2ZPCrclWD9MuLGgrgIVNkXH85jY4MaKXaia9S4oC8ctC3iQykd_UiaMjM4PJCabiMDwwnJ1C_hS2A6LfoMGLkSn_-8K_GajHqxTJ7nUAQ1lo3VfFmI8EGm9vua54-JG3D7MK3-xsKtOVK_j43Al-II-CegA6pnRsP3wsKLLC-kXd8eCrNr_PWfQfy2xBimt-q-NOPI1xGD4BFpG0hw4UMfIvTMr8Fq4kqchrBGt3G6NRja2Gaj7XssDt3oSqVMQWYZxQ9Mcs9lpQxETIT9e1XM0731xDwnvzFEJ7uUn_MeW6DXALlOuDtGgjhSVkYUAsfiCrysNvppOlTyFipQGhrEY_m1l22x1uMhEDW0AogS9qYn2ZxRvLnrE-1aWlbRCM0UsBlrFcI7XSXr55MeCsltDv9Sl_KlTKVChRQ30Zsn-2hi0z_UCU_KSPU07a81yceg2srMnLi-SdRDvsU3kXbdwtYmsFQrtuCUxx0fGgIdf6oWXkiikr--De3oHMneRYIH8w69jAbjrVVpqKt34PMr1D2YRnegZXsj0qPNxCLtzVwOnan8ZhNWDPCy0EPGbk_6mRvX3G0HKtDKVaIuLuNi8tRtdV_iZCvWKvofU4GNWaR9ZwAhdagqoJoxgb_21pFcffEji09_hKgQYVS3dujuxIHfUfahxPXDy90h0gb2F6BoVdk-JxHBkfbibU8dXJPcCldvwm0q_sUAJZZdKuChKr-iDaFK69KA6KRbVBCFY6vxeVRAhkGSPUeGsAeKGWTJAeQt-Jh67X3K6lqhlOnzh9drXApQQorhvFfNsHILJ4yiDyL5e-qqfc32RFvKy0x5dXSuQjIhnUjaDJr87Y-qRkeQP_IY_fXvnx6os0h5WB6bkITlWaf8hAsCbRcVqKUKfCG6-FlhCN7vBgrJLxIZ3APxQ_whc3z5CehwrOVzIgpnbVs9Ck6ISmhnepMGyDibh4LUUxtnHJcfCMquf1yAeq_jhFQZLFlsgG0LetMYuOYIRErRbzzOKS-kj1RNFvEZvQq2wwu-ehDcPhN6_W_RBjSJEMYJzF0pXCTnCvu85dOTcSyxbE3oBu2md1w_dP8C8JaCSbc10M6bGwYIyopANwEeRrXwTzCXoF61e7DjP92g7OxRBJGsx9nAiV4fBvLElOx9tvEscOCZtsMo61A-T_qQhPCQXfIWWps9xbkGX2DzmD1prV8MEM58i-9j756kBOw6Tm6-Zpx4hHxBJUbItp8F6sDIpepC8ciFEW_TqxabockbUw_N_fGiksTij-bbHLkt0Hpg035jrcRFeZvUMIWRY5v9DEJaWH9vRTuehc0YghpCHoaAIvmfzqC-DsJ2-kfCuFiGVGN_Hs0VHKtb29l8SGfzWDoUBiFt1wDtBkjHqAiy19lHrGITnBFVsY4VdELWfr84JlQOwcRjm9W1t5P2DwWugpJ9-NtCDIVz2t8nvPpIEt5laa-cREdC4Ie9R80pCWtCEUguerNWg-_1RdkbWGKGuevVKOYrSVqcZht_1591GdD3xkZ8hMHViWLu6m0JvQOtJNxG14uvPGKUcPqn4poVWNa8sUj4oBWO1ryBi9S1bG5-PdTXfQJOTiYVUjGnhZVZexlFT-T5mPN8gabYuS9kd_n8aazYiirT5M7BvFJ0QnAlSaafQb3XOgGZnEg2cYB3MY09EeJn34oo4Ychn7yQMig5ZlIRXH_LZL-2sH0d3Qgkpwuto3LnQoVddrQlnMOVjYcwDZCk-Xa9qdVW0W0xuWwbcegbGz8wnojA07gJSIemkVzNjPtw_TDdTz480fzE-32jzp4Z0KDTzjlgzSaNXlJMIo7ztKSNAf7-syeLKm6kj6wPrDoDh05EQinjsOA27cwloP-Q2TKNMVBiIl1vur7064e0MRs9dsOHROAbRgwiM-1pqUG46SXBr0uDUIBHcdu00zQOaI6WZuJp0KHZx-jWatxyRefIep8VInQ98vigZ_XJ9iW3CcS2KS2d5JxWmHOT1xTKG8nyMTHGXdTGB4lpGSduuglfBHEhj6wVguW1m2APAjr369aIHnFS7N1Rf-VLPqslSis9D6PT12TV12zig6DZckNeZaFo2_Q0V9K2xXCADCmMF1MPt5Tcw-H57OVA6XEETYFHXpwogbbfdpgW3eSvHbAgOhDH9McrGlvU2Iy3MCqODxVer8fr1DE4cIuwzvoS0DKMT1lF8iabVPHfoVkz5SfUJtFTnxoFF7dr1MGpanin6r1Ao1GFZadTQ6mMLmnHujGNschzLNdHWc0pRE2EUu-k9dM_QxFZmp60rPe4HENIzBb92mSoBTRyuN33NJR2PCGLIrerBYBRviTbhucAkq7lnZwOAftHpK_KZZK6amc82oS&cid=CAASEuRoCGWXL9KInozHH-PncEuMvw&rfl=3%2Chttps%253A%252F%252Fbiggbos.live%242%2C%2Chttps%253A%252F%252Fhellonewyork.xyz%252F%240
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17b686a9db1b6e7b9f35717bf2142cb0b9a0208699fdae7c927be2e2f4c44aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
clear
content-length
30968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAF4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYdrSu25F8vxEPBgO4ZodAvPd2jeUzGOWA36VpExm1nsNTaN-anqHMSDMQW5IhLO9P_-bPhRI9RHfHPi3daKzT2Lrsa80J4uTm65I5kQ_64vM12Jk
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FAF4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAF4 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Nov 2021 09:57:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FAF4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:50 GMT
js
tags.mathtag.com/notify/ Frame EAC2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRRelltVmpOalV0WlRabU1DMHlZekE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NjIxMDA4NDg0NDUxNDk5MjIvNjY4NjQwNi80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlnNXZ2NElVM3FrWEFUVkZSZHUweGQtOC8xLzQvMC8wLzg5OTA3Mi8wLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzYyMTAwODQ4NDQ1MTQ5OTIyL2Ftcy8wLzk4MS80NS85OTkvMjU4LzIwMDE6YWM4OjI1OjovMC4wMDAvMTYzNjk3MDI2Mi8xNjM2OTgyODYyLzQvcHViLTc5MTMwNDQwMDI5MTgwNzIv/-51SeFRA2DuqeYKEU1dvPibkkHg&nodeid=2822&group=cdg&auctionid=2762100848445149922&shardkey=2762100848445149922&sid=4637209&cid=6686406&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%26client%3Dca-pub-7913044002918072%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
ad85a7fb08636994c220c3bae8eaba57a2900b0ae32750549121e0f8fc7367d8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:42 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1636970262
Last-Modified
Mon, 15 Nov 2021 09:57:42 GMT
Server
MMBD/3.208.2
x-mm-latency
22 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x71, cdg-bidder-x171
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Mon, 15 Nov 2021 09:57:41 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame EAC2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAC2 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Nov 2021 09:57:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame EAC2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:53:50 GMT
l
www.google.com/ads/measurement/ Frame EAC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkVC-vQrvKqB2PPNCnNvNW6ixc0uM1Xs96dfkbSp6y6TJET6h-cHI4t1wkJd3Lr6hUxQw_cWOrDl89ich9p8t6mXy96g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame EAC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CunuvFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBO0BT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0Aemb9Pn5MjWeIrqhM2rBmMy2Sy7UbYGt7Ox2E5mmD60a7WOIVnhgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzkxMzA0NDAwMjkxODA3MhjcgXU&sigh=lVRmJhXnKVw&uach_m=[UACH]&cid=CAQSKQCNIrLMLUHi_bUxjv3GmUngD1DeZLQnFUCIJ_6eC5esJTBo6aWszysvGAE&tpd=AGWhJmuvPpmUJxWM9-7YajFE3sUUN0BYSfVvtwW_ou-lCBnMHsX3lzzTyoq7GKJ7-JaCZkMZGbCoslrbx81I2DgTukYXTZkvQr7Gjh3zAznAbQMOafQQOp4cuDZ6JXArAYmJZ_GBNvCS7O82hs0r36xfdeUbUQf94-M1kvLMIzMV1FzcAjrJK07y-atSi1KPymoVDnl2InsuC9wu06BhJndgNMOSUyot45bmRganJLix3helWevBhYPSTKQZ2esWYCMm5VbYfaaB0aKs26rcHQB1Jzpfdf4AYWn6FY3Dxr-A9tzV_YQSV7RPUEL8iyg7LisTme3TrGDAFOeffFOqnR7orR7NQSkNlLLIuvI2d6VxTSUvSmMiH5dT7tIdszkpDXWAU4c5U2tJ8uAqR4_jlUdActjseqkkCwlebFLJ-hG8IuF-MGHklVT_geraV6Vu3BxMMKycKVirub_nYCO2uoGpE3ByUQLimFD-Ddve8L0UMXFDzaoSRV5V_ngbRHvT0kWmFiQPQmBnQ4-4EbdsQK25Rm8h9pTIZG--RhpZFBockKDck8F47hzKo9xG8t7bEeG-XDNF0lqzKR-tFP_tX9nvS9IkWIxWhkxTyFnKSXHr9FAH6O3EFWiWiWel9S5sIKoOYTzXszHW8XkNk9diKoj0SGHAfoLOHbipc12TOffSM7jdVDjEG-WCboQf4cAwh9LvZ61yhSaXSFk01kWrN5p1sLgOKmjhiVGUNaMPzBzY_LsmmeUXBhehddc45Y1P7LGdRQjm_eLpKmAt1ksdEk4ZSULL5dU4oHKDiemd5swRvUF8hl1fqj3j9GqyM_ixNjefF2IuYdF0fAMSIKZ9BHRt6jVUxLVzN8Iic-rhO4p9qCexPsh0zvNr-CIOPA1HZfz5fUHhZSeC9PElEN7NIKG0HpJYaDrl-REQefyP9R3sS0LEi3iLB3sxBU875SU6cJKqCuxDZDV2YtedFMhERveB1W5rXkfXJWjIbG3PTsJD2EIzEFvlHLzeGXN1Xg8T1pxUVN30ckwrJCEfv5OBXsC7uC0bkGUVtc3EDh3MsVo6nlmfFMuL_vlP4IuWIGD-Mrndvg-z
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 15 Nov 2021 09:57:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4D0E 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 15 Nov 2021 09:37:41 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1201
alt-svc
clear
redir.html
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 74EB 		247 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
e3d98fb5b9e84b642124588b369ed6ade1fa7b38e4e6300d81ece5d9b1f2aefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-ZXraONFsATSKbvJeiZEvxw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
202
date
Mon, 15 Nov 2021 09:57:42 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
clear
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FCB9 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 14 Nov 2021 18:26:41 GMT
expires
Mon, 15 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
55861
cache-control
public, max-age=86400
alt-svc
clear
rum
dsum-sec.casalemedia.com/ Frame AD14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 15 Nov 2021 09:57:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7JFBhqd-lsgJTEwNT35vk&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 15 Nov 2021 09:57:43 GMT
rum
dsum-sec.casalemedia.com/ Frame AD14
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZIvFvPOIpWQV7zE66BtSAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPK6vcv2XfwKgw_-g9nfScg&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPK6vcv2XfwKgw_-g9nfScg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 15 Nov 2021 09:57:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPK6vcv2XfwKgw_-g9nfScg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AD14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC3GGL2M6rfo4TFtr7ui5r8&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC3GGL2M6rfo4TFtr7ui5r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
X-Proxy-Origin
37.120.204.194; 37.120.204.194; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
36638513-4906-45f6-9226-8d9efc9aa9e6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC3GGL2M6rfo4TFtr7ui5r8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD14
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjc3NDE5MDQzOTQ2MzYwOQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjc3NDE5MDQzOTQ2MzYwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNSVcxDwz3UYv-CctAEwAQ&v=APEucNUqFAeG6wbDtxKzQBXjYNnzkUTISAwGbUxqAIB-hX9vulu6RYTxmzR4b2Br4tY72xhAnpqlCbrtPTFT38EHF4nFBpM0cb0b3aJRTgAFd7wNHCEbwlSc7KJHTNetWFmEsy5XllGwINNuvxNaclYiIl_U8yhB4Si0J5tIbrTxy1PryOfWXpY
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:42 GMT
X-Proxy-Origin
37.120.204.194; 37.120.204.194; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ea87989b-a54a-491a-9a2e-f6d358322a02
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjc3NDE5MDQzOTQ2MzYwOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 355A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e9351987ab4c2c9927470f508620e5333d3631837cf5fead2f045281aa636fe

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FAF4 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
Origin
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 16:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61312
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 16:55:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame FAF4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6lWC-cQSAnZxwsu0fqyrn-gHKvEOMfwVDHs4N_GKxMkAGyULRu4YzpHypgqYI4WOVtJusESxztklgqd_LkL58fv7f_RAWJmdGaVHAdZVyqTqEd-5jbsDM_ukkc3qp3z3JSapUlGnBfGq-tGBb646nBIkbxA&dbm_d=AKAmf-A-UvXXbG8q7mz1beGo6f-84IfgHFJGnqhEyPU660bzdQjZ3gZm6p7PbzgkDoSXyZkq2cFDpwNGGaGOeX0VKL0DxXjWu0_C5ErAOgWjFGpVm3jEK72-aQPpiIIqeiv-zooN-qmXhrDyZ5OC3qVQuiKDjskBF-LNa7T4Kt58PK7d-RfSeDMsAq1n-gY31jGc9X33JsFToW48tcpOWRrhAy-WyxeWxrvrVX16Qs_Wvn0ed2HBbfM0UsPddU8-EE5oQfx9He_wXV2gZJxggWNGMNJaoz_3bZX8bkBjjx9j5frvC_yGJ9hfTC5czs_lDCiL7GiiGxPiWjaauqZ7PHyJCO78cajcR7HPlf6EA7tNYi2uijsOgGV2tiGPvPVYoFjIx09664tMPGKaN_O7MH-HzmxUrirUPNG6seXZUK876bf-nlHfsMlYueRft64o86UqvQnrpAPzCgG4O_u22J0fiBpRNmMCA0C2IraL8HyXlHX9mIdDn3azwN-2B42MjeO_-PuPkSIpGy4CFE4Sla-Ky9v2PWctDlYQD4DuxuQmy4Km68Oom3QaKnKRocq-yfAOj-zky8Junkcyv9p1O58v4zjrxi2p0sDRAuIpzsfKuutvhyzvrq69O8urRSkyqSOkmGpsn0L44038gQOy9Luc0tmj64A0Jepe5KdSrpvtJlPftccxVUELSlXPntHFutyagHo9Cas1Z3mwAYpbgivJvanA_Qizk9sRut3V7BfT-0HPL78RaEHedpa-lbOc9VLYtLLjQXDTbcMwieUZjkYN0bup2B9YnLMObjV4hQCuxN9xyWSvNVHpnlOj7kcVK6jSQTcCBf_lHdZDMZuCnV_5803YFKX1BgefghLizSZ-zKgB_2-LnqHwd5QFRvxtATKck1tV7Nt1UZFl8O5tMrGVoK6EgC9km7aDXPsFGtdfX6bdW2bBj5wqEJmVVvxb8jwZwgEfJbv2ZPCrclWD9MuLGgrgIVNkXH85jY4MaKXaia9S4oC8ctC3iQykd_UiaMjM4PJCabiMDwwnJ1C_hS2A6LfoMGLkSn_-8K_GajHqxTJ7nUAQ1lo3VfFmI8EGm9vua54-JG3D7MK3-xsKtOVK_j43Al-II-CegA6pnRsP3wsKLLC-kXd8eCrNr_PWfQfy2xBimt-q-NOPI1xGD4BFpG0hw4UMfIvTMr8Fq4kqchrBGt3G6NRja2Gaj7XssDt3oSqVMQWYZxQ9Mcs9lpQxETIT9e1XM0731xDwnvzFEJ7uUn_MeW6DXALlOuDtGgjhSVkYUAsfiCrysNvppOlTyFipQGhrEY_m1l22x1uMhEDW0AogS9qYn2ZxRvLnrE-1aWlbRCM0UsBlrFcI7XSXr55MeCsltDv9Sl_KlTKVChRQ30Zsn-2hi0z_UCU_KSPU07a81yceg2srMnLi-SdRDvsU3kXbdwtYmsFQrtuCUxx0fGgIdf6oWXkiikr--De3oHMneRYIH8w69jAbjrVVpqKt34PMr1D2YRnegZXsj0qPNxCLtzVwOnan8ZhNWDPCy0EPGbk_6mRvX3G0HKtDKVaIuLuNi8tRtdV_iZCvWKvofU4GNWaR9ZwAhdagqoJoxgb_21pFcffEji09_hKgQYVS3dujuxIHfUfahxPXDy90h0gb2F6BoVdk-JxHBkfbibU8dXJPcCldvwm0q_sUAJZZdKuChKr-iDaFK69KA6KRbVBCFY6vxeVRAhkGSPUeGsAeKGWTJAeQt-Jh67X3K6lqhlOnzh9drXApQQorhvFfNsHILJ4yiDyL5e-qqfc32RFvKy0x5dXSuQjIhnUjaDJr87Y-qRkeQP_IY_fXvnx6os0h5WB6bkITlWaf8hAsCbRcVqKUKfCG6-FlhCN7vBgrJLxIZ3APxQ_whc3z5CehwrOVzIgpnbVs9Ck6ISmhnepMGyDibh4LUUxtnHJcfCMquf1yAeq_jhFQZLFlsgG0LetMYuOYIRErRbzzOKS-kj1RNFvEZvQq2wwu-ehDcPhN6_W_RBjSJEMYJzF0pXCTnCvu85dOTcSyxbE3oBu2md1w_dP8C8JaCSbc10M6bGwYIyopANwEeRrXwTzCXoF61e7DjP92g7OxRBJGsx9nAiV4fBvLElOx9tvEscOCZtsMo61A-T_qQhPCQXfIWWps9xbkGX2DzmD1prV8MEM58i-9j756kBOw6Tm6-Zpx4hHxBJUbItp8F6sDIpepC8ciFEW_TqxabockbUw_N_fGiksTij-bbHLkt0Hpg035jrcRFeZvUMIWRY5v9DEJaWH9vRTuehc0YghpCHoaAIvmfzqC-DsJ2-kfCuFiGVGN_Hs0VHKtb29l8SGfzWDoUBiFt1wDtBkjHqAiy19lHrGITnBFVsY4VdELWfr84JlQOwcRjm9W1t5P2DwWugpJ9-NtCDIVz2t8nvPpIEt5laa-cREdC4Ie9R80pCWtCEUguerNWg-_1RdkbWGKGuevVKOYrSVqcZht_1591GdD3xkZ8hMHViWLu6m0JvQOtJNxG14uvPGKUcPqn4poVWNa8sUj4oBWO1ryBi9S1bG5-PdTXfQJOTiYVUjGnhZVZexlFT-T5mPN8gabYuS9kd_n8aazYiirT5M7BvFJ0QnAlSaafQb3XOgGZnEg2cYB3MY09EeJn34oo4Ychn7yQMig5ZlIRXH_LZL-2sH0d3Qgkpwuto3LnQoVddrQlnMOVjYcwDZCk-Xa9qdVW0W0xuWwbcegbGz8wnojA07gJSIemkVzNjPtw_TDdTz480fzE-32jzp4Z0KDTzjlgzSaNXlJMIo7ztKSNAf7-syeLKm6kj6wPrDoDh05EQinjsOA27cwloP-Q2TKNMVBiIl1vur7064e0MRs9dsOHROAbRgwiM-1pqUG46SXBr0uDUIBHcdu00zQOaI6WZuJp0KHZx-jWatxyRefIep8VInQ98vigZ_XJ9iW3CcS2KS2d5JxWmHOT1xTKG8nyMTHGXdTGB4lpGSduuglfBHEhj6wVguW1m2APAjr369aIHnFS7N1Rf-VLPqslSis9D6PT12TV12zig6DZckNeZaFo2_Q0V9K2xXCADCmMF1MPt5Tcw-H57OVA6XEETYFHXpwogbbfdpgW3eSvHbAgOhDH9McrGlvU2Iy3MCqODxVer8fr1DE4cIuwzvoS0DKMT1lF8iabVPHfoVkz5SfUJtFTnxoFF7dr1MGpanin6r1Ao1GFZadTQ6mMLmnHujGNschzLNdHWc0pRE2EUu-k9dM_QxFZmp60rPe4HENIzBb92mSoBTRyuN33NJR2PCGLIrerBYBRviTbhucAkq7lnZwOAftHpK_KZZK6amc82oS&cid=CAASEuRoCGWXL9KInozHH-PncEuMvw&rfl=3%2Chttps%253A%252F%252Fbiggbos.live%242%2C%2Chttps%253A%252F%252Fhellonewyork.xyz%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:57:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame FAF4 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6lWC-cQSAnZxwsu0fqyrn-gHKvEOMfwVDHs4N_GKxMkAGyULRu4YzpHypgqYI4WOVtJusESxztklgqd_LkL58fv7f_RAWJmdGaVHAdZVyqTqEd-5jbsDM_ukkc3qp3z3JSapUlGnBfGq-tGBb646nBIkbxA&dbm_d=AKAmf-A-UvXXbG8q7mz1beGo6f-84IfgHFJGnqhEyPU660bzdQjZ3gZm6p7PbzgkDoSXyZkq2cFDpwNGGaGOeX0VKL0DxXjWu0_C5ErAOgWjFGpVm3jEK72-aQPpiIIqeiv-zooN-qmXhrDyZ5OC3qVQuiKDjskBF-LNa7T4Kt58PK7d-RfSeDMsAq1n-gY31jGc9X33JsFToW48tcpOWRrhAy-WyxeWxrvrVX16Qs_Wvn0ed2HBbfM0UsPddU8-EE5oQfx9He_wXV2gZJxggWNGMNJaoz_3bZX8bkBjjx9j5frvC_yGJ9hfTC5czs_lDCiL7GiiGxPiWjaauqZ7PHyJCO78cajcR7HPlf6EA7tNYi2uijsOgGV2tiGPvPVYoFjIx09664tMPGKaN_O7MH-HzmxUrirUPNG6seXZUK876bf-nlHfsMlYueRft64o86UqvQnrpAPzCgG4O_u22J0fiBpRNmMCA0C2IraL8HyXlHX9mIdDn3azwN-2B42MjeO_-PuPkSIpGy4CFE4Sla-Ky9v2PWctDlYQD4DuxuQmy4Km68Oom3QaKnKRocq-yfAOj-zky8Junkcyv9p1O58v4zjrxi2p0sDRAuIpzsfKuutvhyzvrq69O8urRSkyqSOkmGpsn0L44038gQOy9Luc0tmj64A0Jepe5KdSrpvtJlPftccxVUELSlXPntHFutyagHo9Cas1Z3mwAYpbgivJvanA_Qizk9sRut3V7BfT-0HPL78RaEHedpa-lbOc9VLYtLLjQXDTbcMwieUZjkYN0bup2B9YnLMObjV4hQCuxN9xyWSvNVHpnlOj7kcVK6jSQTcCBf_lHdZDMZuCnV_5803YFKX1BgefghLizSZ-zKgB_2-LnqHwd5QFRvxtATKck1tV7Nt1UZFl8O5tMrGVoK6EgC9km7aDXPsFGtdfX6bdW2bBj5wqEJmVVvxb8jwZwgEfJbv2ZPCrclWD9MuLGgrgIVNkXH85jY4MaKXaia9S4oC8ctC3iQykd_UiaMjM4PJCabiMDwwnJ1C_hS2A6LfoMGLkSn_-8K_GajHqxTJ7nUAQ1lo3VfFmI8EGm9vua54-JG3D7MK3-xsKtOVK_j43Al-II-CegA6pnRsP3wsKLLC-kXd8eCrNr_PWfQfy2xBimt-q-NOPI1xGD4BFpG0hw4UMfIvTMr8Fq4kqchrBGt3G6NRja2Gaj7XssDt3oSqVMQWYZxQ9Mcs9lpQxETIT9e1XM0731xDwnvzFEJ7uUn_MeW6DXALlOuDtGgjhSVkYUAsfiCrysNvppOlTyFipQGhrEY_m1l22x1uMhEDW0AogS9qYn2ZxRvLnrE-1aWlbRCM0UsBlrFcI7XSXr55MeCsltDv9Sl_KlTKVChRQ30Zsn-2hi0z_UCU_KSPU07a81yceg2srMnLi-SdRDvsU3kXbdwtYmsFQrtuCUxx0fGgIdf6oWXkiikr--De3oHMneRYIH8w69jAbjrVVpqKt34PMr1D2YRnegZXsj0qPNxCLtzVwOnan8ZhNWDPCy0EPGbk_6mRvX3G0HKtDKVaIuLuNi8tRtdV_iZCvWKvofU4GNWaR9ZwAhdagqoJoxgb_21pFcffEji09_hKgQYVS3dujuxIHfUfahxPXDy90h0gb2F6BoVdk-JxHBkfbibU8dXJPcCldvwm0q_sUAJZZdKuChKr-iDaFK69KA6KRbVBCFY6vxeVRAhkGSPUeGsAeKGWTJAeQt-Jh67X3K6lqhlOnzh9drXApQQorhvFfNsHILJ4yiDyL5e-qqfc32RFvKy0x5dXSuQjIhnUjaDJr87Y-qRkeQP_IY_fXvnx6os0h5WB6bkITlWaf8hAsCbRcVqKUKfCG6-FlhCN7vBgrJLxIZ3APxQ_whc3z5CehwrOVzIgpnbVs9Ck6ISmhnepMGyDibh4LUUxtnHJcfCMquf1yAeq_jhFQZLFlsgG0LetMYuOYIRErRbzzOKS-kj1RNFvEZvQq2wwu-ehDcPhN6_W_RBjSJEMYJzF0pXCTnCvu85dOTcSyxbE3oBu2md1w_dP8C8JaCSbc10M6bGwYIyopANwEeRrXwTzCXoF61e7DjP92g7OxRBJGsx9nAiV4fBvLElOx9tvEscOCZtsMo61A-T_qQhPCQXfIWWps9xbkGX2DzmD1prV8MEM58i-9j756kBOw6Tm6-Zpx4hHxBJUbItp8F6sDIpepC8ciFEW_TqxabockbUw_N_fGiksTij-bbHLkt0Hpg035jrcRFeZvUMIWRY5v9DEJaWH9vRTuehc0YghpCHoaAIvmfzqC-DsJ2-kfCuFiGVGN_Hs0VHKtb29l8SGfzWDoUBiFt1wDtBkjHqAiy19lHrGITnBFVsY4VdELWfr84JlQOwcRjm9W1t5P2DwWugpJ9-NtCDIVz2t8nvPpIEt5laa-cREdC4Ie9R80pCWtCEUguerNWg-_1RdkbWGKGuevVKOYrSVqcZht_1591GdD3xkZ8hMHViWLu6m0JvQOtJNxG14uvPGKUcPqn4poVWNa8sUj4oBWO1ryBi9S1bG5-PdTXfQJOTiYVUjGnhZVZexlFT-T5mPN8gabYuS9kd_n8aazYiirT5M7BvFJ0QnAlSaafQb3XOgGZnEg2cYB3MY09EeJn34oo4Ychn7yQMig5ZlIRXH_LZL-2sH0d3Qgkpwuto3LnQoVddrQlnMOVjYcwDZCk-Xa9qdVW0W0xuWwbcegbGz8wnojA07gJSIemkVzNjPtw_TDdTz480fzE-32jzp4Z0KDTzjlgzSaNXlJMIo7ztKSNAf7-syeLKm6kj6wPrDoDh05EQinjsOA27cwloP-Q2TKNMVBiIl1vur7064e0MRs9dsOHROAbRgwiM-1pqUG46SXBr0uDUIBHcdu00zQOaI6WZuJp0KHZx-jWatxyRefIep8VInQ98vigZ_XJ9iW3CcS2KS2d5JxWmHOT1xTKG8nyMTHGXdTGB4lpGSduuglfBHEhj6wVguW1m2APAjr369aIHnFS7N1Rf-VLPqslSis9D6PT12TV12zig6DZckNeZaFo2_Q0V9K2xXCADCmMF1MPt5Tcw-H57OVA6XEETYFHXpwogbbfdpgW3eSvHbAgOhDH9McrGlvU2Iy3MCqODxVer8fr1DE4cIuwzvoS0DKMT1lF8iabVPHfoVkz5SfUJtFTnxoFF7dr1MGpanin6r1Ao1GFZadTQ6mMLmnHujGNschzLNdHWc0pRE2EUu-k9dM_QxFZmp60rPe4HENIzBb92mSoBTRyuN33NJR2PCGLIrerBYBRviTbhucAkq7lnZwOAftHpK_KZZK6amc82oS&cid=CAASEuRoCGWXL9KInozHH-PncEuMvw&rfl=3%2Chttps%253A%252F%252Fbiggbos.live%242%2C%2Chttps%253A%252F%252Fhellonewyork.xyz%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
9508
x-xss-protection
0
server
cafe
etag
4184452204472697813
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Nov 2021 09:56:10 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FCB9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN0MsgxIO6KgwC2rsQJf4BE&google_cver=1&google_push=AYg5qPJbkx7MJlXEKFuCHzTTV9RzngyEHDvFbERjUs0cLRtkvB4xz3cvx1dBrgwtFsT2T3lTqQg_DNg7MZBKOGdThbTAfC9AfPAq
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgxODc3NjE4NTQxMzEyNzcyNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbTTm1ILqqkiwn1T8S_I1g&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbTTm1ILqqkiwn1T8S_I1g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbTTm1ILqqkiwn1T8S_I1g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCB9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlNzT2txdXMxTU15S2I1&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlNzT2txdXMxTU15S2I1&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU0qwOlG04dOBWi7Osf5ql37RTvj8UDE-ynYSfsBpPgSlXKhftwhdUC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:42 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlNzT2txdXMxTU15S2I1&google_gid=CAESEDuYrYxBOepxLgjYmcZba3w&google_cver=1&google_push=AYg5qPILJ7Ey-ozezR10VjVuWK6nxmrrzG_YlmSMaS7FnAU0qwOlG04dOBWi7Osf5ql37RTvj8UDE-ynYSfsBpPgSlXKhftwhdUC
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCB9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESED1kpOUECYFCcg_rou-GD4s&google_cver=1&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_rz7xrm26a0DU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8E22F2882BA4B809AC6435785194E97&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8E22F2882BA4B809AC6435785194E97&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_rz7xrm26a0DU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F8E22F2882BA4B809AC6435785194E97&google_push=AYg5qPJcpCawb4oI5waPr8e9Ve0uw9BPCFCcDrb-zefWpfjk-3s6KCaaWQfMgD-CCcAoJWMDo3CUQvE2WFBbp7_rz7xrm26a0DU
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 14 Nov 2021 09:57:43 GMT
google
d5p.de17a.com/cookies/ Frame FCB9 		35 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEK-o9LGwdNNMz4BJew9AKVI&google_cver=1&google_push=AYg5qPIUdYAp9U98y9uzD0WkjOf3__gzRq2_YnQnGvlhE3klRRVJrAZRfwv5Wvol76YcJYDhubx7U9JZbfBojwQXOcsL48EQZglJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.165 Uppsala, Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE),
Reverse DNS
213-155-156-165.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FCB9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsL...
0
0
pixel
cm.g.doubleclick.net/ Frame FCB9
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM6Nq2pyWy5PkopXElLz0h0&google_cver=1&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM6Nq2pyWy5PkopXElLz0h0&google_cver=1&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0&google_hm=a3a62a171d0dd4f542089e8f
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0&google_hm=a3a62a171d0dd4f542089e8f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKlJj0N5T4gvy25XrBsA8vRPQiRhM6-87BzIP46wcOCvyfoWmCs1Go3EofWTdnwx95ijonO2lEtKVhvPKURQp3xyi63SA0&google_hm=a3a62a171d0dd4f542089e8f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame FCB9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEY568-apsfxUYMEcOH2TOw&google_cver=1&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJe...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEY568-apsfxUYMEcOH2TOw&google_cver=1&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDi...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyD...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame FCB9 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrcTj7_8cmrPSDXFdhKBJ6-KFIZcFCpDoN-BKwitUiPxQ2wpV7LWKa6gwnotKOZ2soDnYV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:42 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4D0E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Nov 2021 09:57:43 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Mon, 15 Nov 2021 09:57:43 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Nov 2021 09:57:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2AF5 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb52f41a24f412fdc1a40f44fd05d26642046cdadc01036a745e6c406b08b9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9350
x-xss-protection
0
dexpma8tj0av
hal9000.redintelligence.net/zone/ Frame 4D09 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/dexpma8tj0av?subid=&rnd=7373786865798782585&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6da3027767ec81b8662192186ade6520dc8e89d566e142a5b7d25a47728154a4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3569
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 4D09 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=7373786865798782585&node_id=2820&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTTJKa1pUVmlZMlV0TURsa1l5MHpaR1l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczNzM3ODY4NjU3OTg3ODI1ODUvNjY4NjM5OC80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlneWw0MUg4NnpKdno5cmNDMDhDSFBEdy8xLzQvMC8wLzg5OTA3Mi82Mjg2NzM1MzYvMjE2NTM2LzYxNDY4MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczNzM3ODY4NjU3OTg3ODI1ODUvYW1zLzAvOTgxLzQ1Lzk5OS8yNTgvMzcuMTIwLjIwNC4wLzAuMDAwLzE2MzY5NzAyNjIvMTYzNjk4Mjg2Mi80L3B1Yi04ODA0MzAzNzgxNjQxOTI1Lw/ZSN5VHucHOugGLMUJe6l014aneQ&nodeid=2820&group=cdg&auctionid=7373786865798782585&shardkey=7373786865798782585&sid=4637209&cid=6686398&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%26client%3Dca-pub-8804303781641925%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MMBD/3.208.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x33, cdg-bidder-x169
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 15 Nov 2021 09:57:42 GMT
img
pixel.mathtag.com/event/ Frame 4D09 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7373786865798782585&v3=614680&v4=4637209&v5=6686398&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTTJKa1pUVmlZMlV0TURsa1l5MHpaR1l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczNzM3ODY4NjU3OTg3ODI1ODUvNjY4NjM5OC80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlneWw0MUg4NnpKdno5cmNDMDhDSFBEdy8xLzQvMC8wLzg5OTA3Mi82Mjg2NzM1MzYvMjE2NTM2LzYxNDY4MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczNzM3ODY4NjU3OTg3ODI1ODUvYW1zLzAvOTgxLzQ1Lzk5OS8yNTgvMzcuMTIwLjIwNC4wLzAuMDAwLzE2MzY5NzAyNjIvMTYzNjk4Mjg2Mi80L3B1Yi04ODA0MzAzNzgxNjQxOTI1Lw/ZSN5VHucHOugGLMUJe6l014aneQ&nodeid=2820&group=cdg&auctionid=7373786865798782585&shardkey=7373786865798782585&sid=4637209&cid=6686398&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%26client%3Dca-pub-8804303781641925%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 15 Nov 2021 09:57:42 GMT
img
tags.mathtag.com/event/ Frame 4D09 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7373786865798782585&st=4637209&time=1636970262&nodeid=2820
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTTJKa1pUVmlZMlV0TURsa1l5MHpaR1l3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczNzM3ODY4NjU3OTg3ODI1ODUvNjY4NjM5OC80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlneWw0MUg4NnpKdno5cmNDMDhDSFBEdy8xLzQvMC8wLzg5OTA3Mi82Mjg2NzM1MzYvMjE2NTM2LzYxNDY4MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczNzM3ODY4NjU3OTg3ODI1ODUvYW1zLzAvOTgxLzQ1Lzk5OS8yNTgvMzcuMTIwLjIwNC4wLzAuMDAwLzE2MzY5NzAyNjIvMTYzNjk4Mjg2Mi80L3B1Yi04ODA0MzAzNzgxNjQxOTI1Lw/ZSN5VHucHOugGLMUJe6l014aneQ&nodeid=2820&group=cdg&auctionid=7373786865798782585&shardkey=7373786865798782585&sid=4637209&cid=6686398&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%26client%3Dca-pub-8804303781641925%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MMBD/3.208.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x64, cdg-bidder-x169
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 15 Nov 2021 09:57:42 GMT
le2lgnpkuh55
hal9000.redintelligence.net/zone/ Frame EAC2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/le2lgnpkuh55?subid=&rnd=2762100848445149922&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1c5ea4549940e859e87fe8c66444a5b4dfa5c4e997da647444887492d0067298

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3468
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame EAC2 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=2762100848445149922&node_id=2822&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRRelltVmpOalV0WlRabU1DMHlZekE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NjIxMDA4NDg0NDUxNDk5MjIvNjY4NjQwNi80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlnNXZ2NElVM3FrWEFUVkZSZHUweGQtOC8xLzQvMC8wLzg5OTA3Mi8wLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzYyMTAwODQ4NDQ1MTQ5OTIyL2Ftcy8wLzk4MS80NS85OTkvMjU4LzIwMDE6YWM4OjI1OjovMC4wMDAvMTYzNjk3MDI2Mi8xNjM2OTgyODYyLzQvcHViLTc5MTMwNDQwMDI5MTgwNzIv/-51SeFRA2DuqeYKEU1dvPibkkHg&nodeid=2822&group=cdg&auctionid=2762100848445149922&shardkey=2762100848445149922&sid=4637209&cid=6686406&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%26client%3Dca-pub-7913044002918072%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MMBD/3.208.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x70, cdg-bidder-x171
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 15 Nov 2021 09:57:42 GMT
img
pixel.mathtag.com/event/ Frame EAC2 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2762100848445149922&v3=614680&v4=4637209&v5=6686406&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRRelltVmpOalV0WlRabU1DMHlZekE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NjIxMDA4NDg0NDUxNDk5MjIvNjY4NjQwNi80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlnNXZ2NElVM3FrWEFUVkZSZHUweGQtOC8xLzQvMC8wLzg5OTA3Mi8wLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzYyMTAwODQ4NDQ1MTQ5OTIyL2Ftcy8wLzk4MS80NS85OTkvMjU4LzIwMDE6YWM4OjI1OjovMC4wMDAvMTYzNjk3MDI2Mi8xNjM2OTgyODYyLzQvcHViLTc5MTMwNDQwMDI5MTgwNzIv/-51SeFRA2DuqeYKEU1dvPibkkHg&nodeid=2822&group=cdg&auctionid=2762100848445149922&shardkey=2762100848445149922&sid=4637209&cid=6686406&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%26client%3Dca-pub-7913044002918072%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 15 Nov 2021 09:57:42 GMT
img
tags.mathtag.com/event/ Frame EAC2 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2762100848445149922&st=4637209&time=1636970262&nodeid=2822
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRRelltVmpOalV0WlRabU1DMHlZekE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NjIxMDA4NDg0NDUxNDk5MjIvNjY4NjQwNi80NjM3MjA5LzQvV192cXJBcEFHdlVURzhSN1NybmlnNXZ2NElVM3FrWEFUVkZSZHUweGQtOC8xLzQvMC8wLzg5OTA3Mi8wLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzYyMTAwODQ4NDQ1MTQ5OTIyL2Ftcy8wLzk4MS80NS85OTkvMjU4LzIwMDE6YWM4OjI1OjovMC4wMDAvMTYzNjk3MDI2Mi8xNjM2OTgyODYyLzQvcHViLTc5MTMwNDQwMDI5MTgwNzIv/-51SeFRA2DuqeYKEU1dvPibkkHg&nodeid=2822&group=cdg&auctionid=2762100848445149922&shardkey=2762100848445149922&sid=4637209&cid=6686406&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%26client%3Dca-pub-7913044002918072%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.208.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MMBD/3.208.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x22, cdg-bidder-x171
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 15 Nov 2021 09:57:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FAF4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317281
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 11 Nov 2022 17:49:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6761 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 14 Nov 2021 18:26:41 GMT
expires
Mon, 15 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
55861
cache-control
public, max-age=86400
alt-svc
clear
truncated
/ Frame FAF4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54e04366be056a039de5258e2e40fca9eb4491a2931b3874b7a5959271c620b9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
iframe.html
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 74EB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
fa477fbff88a2687f7d0681a3397364f1aa77a7e6227d57e455996586b358095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-FgXbmzRMR6lUmmgyj64y4A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1862
date
Mon, 15 Nov 2021 09:57:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
clear
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 538D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 12 Nov 2021 11:26:52 GMT
expires
Sat, 12 Nov 2022 11:26:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
253851
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 6761
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO_OREPGoF8psTCfPaeDzM8&google_push=AYg5qPKcVssiMRtzvveJ3CmQY4AG11mNaoUsUHe69ivaLpE0h_IRGRwbzh...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO_OREPGoF8psTCfPaeDzM8&google_push=AYg5qPKcVssiMRtzvveJ3CmQY4AG11mNaoUsUHe69ivaLpE0h_IRGRwbzhpLR2i7D0uvi_ejZ4403B0If3KCQW-5GQF0EtAooXgu
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636970263.087216,VS0,VE95
x-served-by
cache-cdg20748-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEO_OREPGoF8psTCfPaeDzM8&google_push=AYg5qPKcVssiMRtzvveJ3CmQY4AG11mNaoUsUHe69ivaLpE0h_IRGRwbzhpLR2i7D0uvi_ejZ4403B0If3KCQW-5GQF0EtAooXgu
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6761
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEL_3KY2FQ1VcOJwP1KLTq8M&google_cver=1&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2HKUPz51l3Ssh6
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2DB430CE61346E690F549582784D71A&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2DB430CE61346E690F549582784D71A&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2HKUPz51l3Ssh6
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E2DB430CE61346E690F549582784D71A&google_push=AYg5qPLLblAGWn81TRJRz8N9gNiL6tau88Xs5Y9w4WpTYIqWXMXOvIvHCYFgPUkwIaAJss50DTadjl8WuQDnuh2HKUPz51l3Ssh6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 14 Nov 2021 09:57:43 GMT
google
match.adsrvr.org/track/cmf/ Frame 6761 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN241fWhqWL_KAHZFJHWMUM&google_cver=1&google_push=AYg5qPIxM3dduRbkamP2lSncutsSjmpiJAW15uW2iTbkLBGGoaDZwSQVp2f4hlhPFrGaL5iKmNzViSFDo76jr6Tt2XSa3m10N7M
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6761
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEB3X2jAxjx0gp3TTROmaEVA&google_cver=1&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNc...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNcy8Qy...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNcy8QyVwM42peIU
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPKNLxMrP3mmDMgcw4fuhrdos7C4gsK7HKNVz4ljKLn2q8F1Ut-FStj8AOg30KdquvU6Txynk0ba36wxNcy8QyVwM42peIU
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
us
sync.go.sonobi.com/ Frame 6761 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJYODm8bvcLS-5liRucQ3PQ6YAYeUxrnW8hq9NcREtK6pED_jcNmR4FM0IJ3Pq8932FWRy7OFHwRaEKfd_uSBL1kjRRA1OA%26google_hm%3D%5BUID%5D&google_gid=CAESED3P3MF9BZpCRSvam_r3ZpE&google_cver=1
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6761
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIWsT42MlnTlQ4lrGW2BIOs&google_cver=1&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgf...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIWsT42MlnTlQ4lrGW2BIOs&google_cver=1&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgf...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR&google_hm=a3a62a171d0dd4f542089e8f
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR&google_hm=a3a62a171d0dd4f542089e8f
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIEkoF-cEB7AIh9eRqE5qmnYKpFmHbmTIp9WoRTs0vl5_LPLgdVBrawXa9Fim7D8FYWrQO8F70bhqrhNjjgffy47iT6MsiR&google_hm=a3a62a171d0dd4f542089e8f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 6761
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEANQYyV7immIZPnVUJ_s8ro&google_cver=1&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEANQYyV7immIZPnVUJ_s8ro&google_cver=1&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VNHIxb0lKRTJ1RUtoTWJkRVdGVHgzbEFNMGRRYUhzNn5B&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VNHIxb0lKRTJ1RUtoTWJkRVdGVHgzbEFNMGRRYUhzNn5B&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9z4EPFGSObdsQ_S-2ljttALretbtA
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VNHIxb0lKRTJ1RUtoTWJkRVdGVHgzbEFNMGRRYUhzNn5B&google_push=AYg5qPJTuXtPwRjcohIZ2SX-gZ4nhNHK5b0eoW9OW-0sp5b0edLhgG0dM5Fg1q14E03axcCsx9z4EPFGSObdsQ_S-2ljttALretbtA
date
Mon, 15 Nov 2021 09:57:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 6761 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpjyzUqTf89YAbxnIAr_aPrCTSmJhDIgMX9nUO_SVJu0bxPVTHbXakYo4Npvdgcczgx8U9Ow
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/8998710015823275372/ Frame 0621 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f348fc3f728a30658922a61bb8d0e5c8fa709315b35b9875f2f053843d299cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2327
date
Sun, 14 Nov 2021 23:13:32 GMT
expires
Mon, 14 Nov 2022 23:13:32 GMT
last-modified
Mon, 13 Sep 2021 14:06:18 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
38651
cache-control
public, max-age=31536000
alt-svc
clear
view
googleads4.g.doubleclick.net/pcs/ Frame FAF4 		0
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuw5pU-Oc9wlp2VcYs2D-GU1nBfoZ4Fj9YoTtTjXJIHkElwHZvJzXLE1Xv7iwbVfM3Pmma8VWkwtX3yh_DQGMQm3Kl3eMSeHjPtChbwsjszmflhCSg1avhzAKuWYqHjhuGM6aWUogYCGZ9OsYLbsZjVp_RmzYUOGPdUZH11x-hTf7wCjGVSHyHf-DqNEpHaVKwH3ZwA7t2gYgDN2ORH14nvehpHOLwOT29RL2a6R5Xk1dxMXdE-qxvrXp27vzLKu0eRLVJevHpKHatxFEGqk7mUf0vjMJR6RR9Av_77iYDUiAFWPlPfptbJKmRrlY0Utp--Cmy6hVK078eRIG3F9iXxGUg6Vavh9t4DEWScje5F8W94Kuygauhd9fUKbV4HXEo02FfhkrHXEQ410O2W8sMvk35b8InDiBekhlXuS_kter4Ix9fSSEvQBw4r4PyernWxmZpb3nqtPyBnS7ArTmnXefGKIpEnYCxjM8-d-E8KFFu__xweyxD24eNfh3qeT65grxGztqwP2hbHyEblZ6O3N1IWrv5fp-1bsJnxp-I69pn0-q43ju8JJBz4a-U7iDbz4j_oTvoMnZdXR03x7lvyCOCsr0gXnmSIPLCOKm3hiFYmjV_A9da8ESG9-0IgxfgPlJ2kpM66U5xoO2-uVYnlomkWyIu-NzuJrnYd5ij5meRsq4eOy1IKEAqQLRDeTwI5W6wKt9bqgWEgrrGF1y2lL5FtVhpjuliYqXPXF7IZlyNq9B0q_0J7pEkQPODrkBl9VVApsL0t0dMu-8PadT5JpIdy_q8WsDxqPX3ugc7vUOux3AGtdrMdnMNOKJlZnVyZLUDzYho7u3Hw0B1i1bskySpYWUWPMR0HzqhwZbjElO2b-sy27wi0rvK0zRZOLNyc53HG1na0HHnTHa6bgupscuBxKe-3J8jftwL90Fm-hm3KQxKymrbLhvDnuv3wAcU6yY1fyN9FJQy_MIHCracksNOLU-NcsA3ApHqyDVqFimDHf6NBhJ5rM1xGTE6hsnuF55g1qhkGOPja3VdNw8wRYFbhAxGKyUBBvSdu9r05j-VKOkZNHujvCsMqAl2S6yYd-5PMxm56tDCJqhR8nGcRdtgh-jxVT8TYKebN0Tv0xrh9NLPCxTjuBZSN0EElMpZqVmqOni5MTEYbyd8rqcj8Bl4wSFjuXshI3cYMSQFqCWrActnezixPoAzbfHpX_lWtveM0u6XtrQlQS8bHypa-UX_T38A2jg&sai=AMfl-YTqahSbmxyOgoLkAs2FyLcXa0Ym6noKB_gvWHTutMYP3l0I7bYmohGfBxWa2NFr4BfR2H4GZzifL777ID_jGGezu5G6bf7Xvep8ZzK8gvEP3gCauDyJmjLRvuZStXrxibYodrs3VVnhB9TQoGPc_lzeCWGVnA&sig=Cg0ArKJSzDp9QUXdAlFyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=132&cisv=r20211109.14001&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 15 Nov 2021 09:57:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
firstevent
amplifon.demdex.net/ Frame FAF4
Redirect Chain
  • https://amplifon.demdex.net/event?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234
  • https://amplifon.demdex.net/firstevent?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234
42 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifon.demdex.net/firstevent?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Server
52.51.58.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-58-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-050944740.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qZ+pTcwsQHU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bmtkgGrmSh4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://amplifon.demdex.net/firstevent?d_event=imp&d_src=147961&d_site=4222085&d_creative=157529570&&d_placement=313787404&d_campaign=157529570&d_bust=2767105234
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2AF5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=hellonewyork.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 15 Nov 2021 09:57:43 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 1574 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582619
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
55667
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1574 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582619
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4996
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1574 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582619
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
28494
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1574 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582619
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1635
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 1574 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
582619
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
12816
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
truncated
/ Frame 1574 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daa6194e7a0f374ee8add4947650d348ea36583e66decc6b7accfd2cae056531

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
3033862908324558112
tpc.googlesyndication.com/daca_images/simgad/ Frame 1574 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3033862908324558112
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3af9efc177ee8e91539f31021f5f35577914c117b56d324a5d9bfb501e421fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:24:19 GMT
x-content-type-options
nosniff
age
498804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29486
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 10:23:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 15:24:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1574 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
15943
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Tue, 16 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1574 		295 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
36884
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Mon, 15 Nov 2021 23:42:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1574 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzW2xFi-SYfa8MuqIx_APkdCmwAe0_OCWZs2i6fLTDu-58_0IEAEg_LXKJmD7gYCAiAqgAcGjvpkoyAECqQILlPdm_jKzPuACAKgDAcgDCKoEgwJP0GBxMnvMU1ZW668380zGxXKhIi6Bcim_Ix-yWU5Y1HT4g-6SD6bJsIDJ5PxRM4Nmd5x_rUR9SspI56DfRzA3YLkshhzPDqbYk5hY6g1J6ReUkXijCGZm0MOfydj0cztJ1Dtd0X7kJfTbG-D0OfoM3LCHsNckgww_HGdtVvwR7cpQ0PoZ1EjgWkHCCAxHumHq81I0f3wBHFo9ww-AVwAGJN5izxQaQDPxfiuqYghgIsMzqPC5EIgYH5pdZd3M2LMgWXbZbEvOx0LRdHeDwtl0DOqR4_ABG0E7rY5QZQCnvsIGkMapjCjVbk7S04cmT7I8yP0nhOIHzD_ZRYk3322CXZJbwASGm8Dl3APgBAGSBQQIBBgBkgUECAUYBKAGAoAHwduO-QKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC1ggHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxOTkyMTk4MzgwNDQwMDOACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODgwNDMwMzc4MTY0MTkyNRiU8R0&sigh=VlDyITgbj9Q&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/nine-weight-loss-mistakes/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
request.php
hal90005.redintelligence.net/ Frame 4D09
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=617968170106&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Server
138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d3d10cdcd1a9b5f59ec6a6d1edbdae3f808566e59ca335c7acca54d74edf09c3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
36608600067570300973098011779005
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Mon, 15 Nov 2021 09:57:43 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=617968170106&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 15 Nov 2021 09:57:43 +0100
request.php
hal900025.redintelligence.net/ Frame EAC2
Redirect Chain
  • https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=789195292845&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
HTTP/1.1
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
13bd77c7ef012e9b89fe969298ed98cf990dd8075d9b549c978944088994d97c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
56767000062595500973112011779025
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Mon, 15 Nov 2021 09:57:43 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=789195292845&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 15 Nov 2021 09:57:43 +0100
c
c.adskeeper.com/ 		43 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=287|228|8|C7SsGGMeBpyFVA4md27_QwQ9fZIFg9REfvObwWDHT1xUaaQqkl1H4XTMshwNQ52s&fw=1&extjs=66044&cid=1208464&h2=SJKIAqtrYWuoBRa52KQ2AdUnDgNTm-SYXBMq1ZItkxg*&rid=790578da-45fa-11ec-a3d8-d0946675f626&tt=Direct&iv=11&pageImp=1&pvid=17d2307ebf9b8406011&cbuster=1636970263096480846220&tpl=0
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
5a094054-38b1-4c25-8dad-dd34016ec234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ae79df06c4f0847-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
tfa-eid.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2BC7 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23827d51606e4c1cc95fac86ca3db4fc4123790c13bb1b0ffb0cce7a824635b7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
6x6_sI9E.HAtvKASgJVoIwC0PQmls5Xi
content-encoding
gzip
etag
"65d6fd97b00e04544fb2306e4192b88f"
age
0
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
uomvfW5clVJD5s3DQJoZJwUX3yNNhAc9dSCeJbw2gmRZtwQeJTi3Hz/TzXRPn4dSVumbnx1H8UQ=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.111075,VS0,VE397
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW12C8XV8SDCKB08
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
1
sha256.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2BC7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ae61aa180dac316ef4032d32f2ee10a3ba776b9f216bbc4f1ca0472c72848cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
waYXql7pEUvOaF9cvt6mxz4VgdJUGu6z
content-encoding
gzip
etag
"cb12e7c807fb3812518525847f135f8a"
age
0
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
meCCv/MXEDnR7t/J3oiX39mMXWIqcPWgJOtwyXrql26hCPgR/LFH5COPTYlBjxZEd4DcA/qfvdw=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:44 GMT
server
AmazonS3
x-timer
S1636970263.111190,VS0,VE222
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW12BC90YYW2HPSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
1
userx.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2BC7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a341dcada814ea82785cdb2840103760a26160a5df2f424c6cf382c7d8b484e5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
JktrBXA4p4LduGGVKm.zZHrhNxkazzrM
content-encoding
gzip
etag
"6ec3992aabe29018c7104ec739f0ca3e"
age
0
x-cache
MISS
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
lGFMkDIhs9jNVW/OhrFCr7SvEdgrIqZpDMBQubPUH4QSFlbncmZRTpbGlm7F72fNxSJemAItAN0=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.126058,VS0,VE92
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW128B73VHR4KJP3
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
0
debug
am-trc-events.taboola.com/hellonewyorkpak/log/2/ Frame 2BC7 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/hellonewyorkpak/log/2/debug?tim=09%3A57%3A43.139&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-rr&llvl=2&id=7109&cv=20211115-6-RELEASE&lt=deflated&pct=1
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12526
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 538D 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
tfa-eid.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A97E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23827d51606e4c1cc95fac86ca3db4fc4123790c13bb1b0ffb0cce7a824635b7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
6x6_sI9E.HAtvKASgJVoIwC0PQmls5Xi
content-encoding
gzip
etag
"65d6fd97b00e04544fb2306e4192b88f"
age
0
x-cache
MISS
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
mPC9DjFAr7nF8+ZSYUXjFq9y3DuXOukwgAqLjCj0wNwUaJyeOAsRkjp7nwTQ7KbunGF0mYffZNE=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.168522,VS0,VE179
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW1FT9A023DZFXYD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
0
sha256.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A97E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ae61aa180dac316ef4032d32f2ee10a3ba776b9f216bbc4f1ca0472c72848cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
waYXql7pEUvOaF9cvt6mxz4VgdJUGu6z
content-encoding
gzip
etag
"cb12e7c807fb3812518525847f135f8a"
age
0
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
meCCv/MXEDnR7t/J3oiX39mMXWIqcPWgJOtwyXrql26hCPgR/LFH5COPTYlBjxZEd4DcA/qfvdw=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:44 GMT
server
AmazonS3
x-timer
S1636970263.168629,VS0,VE164
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW12BC90YYW2HPSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
1
userx.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A97E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a341dcada814ea82785cdb2840103760a26160a5df2f424c6cf382c7d8b484e5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
JktrBXA4p4LduGGVKm.zZHrhNxkazzrM
content-encoding
gzip
etag
"6ec3992aabe29018c7104ec739f0ca3e"
age
0
x-cache
MISS
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
jipl4jjOxjZgPuzSoYCj4trZyX90ueeJh5T/PWel5d+uCpZjyOLVspvWI+X5yUxgZv4EW+uNcxw=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.176069,VS0,VE134
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW1656FJNP9BK6CC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
0
fix-user-id
trc.taboola.com/hellonewyorkpak/log/3/ Frame A97E 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hellonewyorkpak/log/3/fix-user-id?lti=deflated&ri=50752a8578d8dffedfde31cb949b0266&sd=v2_0fe5f5b94e2022d5acda7b0a265c9714_4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496_1636970262_1636970262_CIi3jgYQtIZVGKPhn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&ui=4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496&pi=/the-health-benefits-of-tea-and-coffee&wi=-5858869391597323817&pt=text&vi=1636970262691&time=1636970263160&fromUser=ac372b30-c760-447f-a289-3e10d559db8b-tuct88bb496&toUser=4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496&fromSD=v2_4d3414311680d4ab14fac1f1ee26166c_ac372b30-c760-447f-a289-3e10d559db8b-tuct88bb496_1636970262_1636970262_CNawjgYQtIZVGOzgn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&toSD=v2_0fe5f5b94e2022d5acda7b0a265c9714_4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496_1636970262_1636970262_CIi3jgYQtIZVGKPhn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&tim=09%3A57%3A43.161&id=4528&llvl=2&cv=20211115-6-RELEASE&
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1636970263.190063,VS0,VE11
x-served-by
cache-cdg20781-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
am-trc-events.taboola.com/hellonewyorkpak/log/2/ Frame A97E 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/hellonewyorkpak/log/2/debug?tim=09%3A57%3A43.183&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-rr&llvl=2&id=3232&cv=20211115-6-RELEASE&lt=deflated&pct=1
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12526
tfa-eid.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2AF5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23827d51606e4c1cc95fac86ca3db4fc4123790c13bb1b0ffb0cce7a824635b7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
6x6_sI9E.HAtvKASgJVoIwC0PQmls5Xi
content-encoding
gzip
etag
"65d6fd97b00e04544fb2306e4192b88f"
age
0
x-cache
MISS
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
wGhb3JRli8OKQ7/Dsl+JrjiC1sXsl7u5TL6QlIAhcNqoxENonQjEs6OoVXaSIm5vG2HHQMnnjNE=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.194505,VS0,VE242
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW171YJ8SSXBMB4E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
0
sha256.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2AF5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ae61aa180dac316ef4032d32f2ee10a3ba776b9f216bbc4f1ca0472c72848cd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
waYXql7pEUvOaF9cvt6mxz4VgdJUGu6z
content-encoding
gzip
etag
"cb12e7c807fb3812518525847f135f8a"
age
0
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
meCCv/MXEDnR7t/J3oiX39mMXWIqcPWgJOtwyXrql26hCPgR/LFH5COPTYlBjxZEd4DcA/qfvdw=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:44 GMT
server
AmazonS3
x-timer
S1636970263.194623,VS0,VE139
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW12BC90YYW2HPSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
1
userx.20211115-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2AF5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211115-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hellonewyorkpak/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a341dcada814ea82785cdb2840103760a26160a5df2f424c6cf382c7d8b484e5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
gBtTug7v1S75vwjCuaxMOzC3M5ZB5wyS
content-encoding
gzip
etag
"6ec3992aabe29018c7104ec739f0ca3e"
age
0
x-cache
MISS
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
6YxFCV/QQDfjfsbNsxauP/3zsgoeJqW88gsqnPInITzvcXU2F9hJkK4yPr0ozKhePu8J78xTKoE=
x-served-by
cache-cdg20781-CDG
last-modified
Mon, 15 Nov 2021 09:57:43 GMT
server
AmazonS3
x-timer
S1636970263.199803,VS0,VE213
date
Mon, 15 Nov 2021 09:57:43 GMT
vary
Accept-Encoding
x-amz-request-id
RW11HCCJ71N3YGRG
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
85
x-cache-hits
0
fix-user-id
trc.taboola.com/hellonewyorkpak/log/3/ Frame 2AF5 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hellonewyorkpak/log/3/fix-user-id?lti=deflated&ri=68231f6116977187744d7472819a23cb&sd=v2_63d1f90ad2c0f84e3939fc6e50aeed3f_0af38538-93ae-47e6-b86a-f2cbd9e977ad-tuct88bb496_1636970262_1636970262_CIi3jgYQtIZVGKzhn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&ui=0af38538-93ae-47e6-b86a-f2cbd9e977ad-tuct88bb496&pi=/nine-weight-loss-mistakes&wi=-8729865367037780945&pt=text&vi=1636970262700&time=1636970263187&fromUser=4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496&toUser=0af38538-93ae-47e6-b86a-f2cbd9e977ad-tuct88bb496&fromSD=v2_0fe5f5b94e2022d5acda7b0a265c9714_4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496_1636970262_1636970262_CIi3jgYQtIZVGKPhn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&toSD=v2_63d1f90ad2c0f84e3939fc6e50aeed3f_0af38538-93ae-47e6-b86a-f2cbd9e977ad-tuct88bb496_1636970262_1636970262_CIi3jgYQtIZVGKzhn5jSLyABKAEwSjjE1whA6IsQSP2G3wNQ1KEPWABgAGjtxY_Nk8uW5EJwAA&tim=09%3A57%3A43.187&id=7791&llvl=2&cv=20211115-6-RELEASE&
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
14
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1636970263.212704,VS0,VE14
x-served-by
cache-cdg20781-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
am-trc-events.taboola.com/hellonewyorkpak/log/2/ Frame 2AF5 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/hellonewyorkpak/log/2/debug?tim=09%3A57%3A43.206&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-rr&llvl=2&id=6210&cv=20211115-6-RELEASE&lt=deflated&pct=1
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12526
52384958771cdd184bb03515ed738ba0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52384958771cdd184bb03515ed738ba0.jpeg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
516ddc06af82ca6146ff2da77573321df08692e47feee78d7a033a900dbb502d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1562254
edge-cache-tag
601499061470973166302090196104723749776,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
541
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52384958771cdd184bb03515ed738ba0.jpeg
content-length
2352
x-request-id
d7f19e1d7c06cb144f8ee250210b98e7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 27 Oct 2021 15:12:09 GMT
server
nginx
x-timer
S1636970263.241982,VS0,VE0
etag
"bafcbea918eb4ef39957770341b3ea9b"
x-served-by
cache-wdc5559-WDC, cache-dca17772-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
e5a313a22c75f9cf00599e4867714361.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5a313a22c75f9cf00599e4867714361.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9de8bda0543643462819c179beab2db03cf645e9eb857a9cc056ae668c4cca0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1447236
edge-cache-tag
434457992939826686430140232380743455079,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Wed, 10 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e5a313a22c75f9cf00599e4867714361.jpg
content-length
5554
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 10 Oct 2021 13:13:30 GMT
server
nginx
x-timer
S1636970263.242135,VS0,VE1
etag
"77a022a211fea8510d73678908d820d1"
x-served-by
cache-wdc5554-WDC, cache-dca17758-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
uc%3Fid%3D1RQRbtK6i9HWVLF68fiCrn8D-9Yeu7jFd
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/ Frame 2BC7 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1RQRbtK6i9HWVLF68fiCrn8D-9Yeu7jFd
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c6cae0c25f8b1f1ef110d5d4d6fd633abaff274a012d05f7946c665f69d623c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1196397
edge-cache-tag
384607691987601971935315882782990141144,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
323
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1RQRbtK6i9HWVLF68fiCrn8D-9Yeu7jFd
content-length
24546
x-request-id
58aeb89093f510f94df7abfc56acbfa8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 01 Nov 2021 11:55:46 GMT
server
nginx
x-timer
S1636970263.241904,VS0,VE1
etag
"a5c93c37ce43f9f929ac1e297d4dcd4f"
x-served-by
cache-wdc5557-WDC, cache-dca12923-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
260ed55d953135b50a3e1a8384033785.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/260ed55d953135b50a3e1a8384033785.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ef22a5ddd0a587097aa66e1b8fb0c87546b2cbd0e130a0c05c2e5c2c390c15a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1546379
edge-cache-tag
508955381672571660057868926371041021599,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
2302
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/260ed55d953135b50a3e1a8384033785.jpg
content-length
10072
x-request-id
cfda92c5f64ffbb15890a5973cc61215
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 26 Oct 2021 09:41:58 GMT
server
nginx
x-timer
S1636970263.241683,VS0,VE1
etag
"923ec5868ef9866f9469b28aa4b51e14"
x-served-by
cache-wdc5553-WDC, cache-dca17764-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
887dcec8e29453a02c3863d7282e869b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/887dcec8e29453a02c3863d7282e869b.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a2f0b3910e41d2d2ea45a7f8620014803ad73dd3a1cabf35c619a0521812a16

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1818592
edge-cache-tag
569119135004109816163635906781956140696,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
140
expiration
expiry-date="Mon, 25 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/887dcec8e29453a02c3863d7282e869b.jpg
content-length
7082
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 24 Sep 2021 03:18:39 GMT
server
nginx
x-timer
S1636970263.241795,VS0,VE1
etag
"6db2ccfbb847ec78308f87dd89d4ce68"
x-served-by
cache-wdc5569-WDC, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
0e112d67bc18bde0791fc93d384fb38b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e112d67bc18bde0791fc93d384fb38b.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
86a65b0893d3dedeb9bf02e3f3e3599f6ac8f02053c7760dec43ad483815be2a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2432840
edge-cache-tag
295063846992228983807454349096470305525,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
60
expiration
expiry-date="Wed, 10 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0e112d67bc18bde0791fc93d384fb38b.jpg
content-length
12426
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 10 Oct 2021 18:48:13 GMT
server
nginx
x-timer
S1636970263.242048,VS0,VE1
etag
"3d12fc06407039d665c7dd741a6984bb"
x-served-by
cache-wdc5572-WDC, cache-dca12922-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
28e8cbba8d6a44e4aa4b4e8578811975.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/28/e8/ Frame 2BC7 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/28/e8/28e8cbba8d6a44e4aa4b4e8578811975.jpeg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
683c9f69bcb4e3624efe2776623acef25f58bd7d39eb0c9d34cf845f2f2bab3b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
750504
edge-cache-tag
599302246812288786411011045236148130924,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
90
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/28/e8/28e8cbba8d6a44e4aa4b4e8578811975.jpeg
content-length
24550
x-request-id
776888d7f64b58689d898226abcbbde0
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 27 Oct 2021 21:09:30 GMT
server
nginx
x-timer
S1636970263.270965,VS0,VE1
etag
"42d7a17a60fadb0505914cbb3b319fb9"
x-served-by
cache-wdc5538-WDC, cache-dca17754-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
7a519601367a9ff3e22f334a0a1bda5c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a519601367a9ff3e22f334a0a1bda5c.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96b1bc36a8bcb0feeacaae0edf7213ab03e574a932349ce371270dc28d08766e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3383858
edge-cache-tag
409577855625409531679687886233367615011,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a519601367a9ff3e22f334a0a1bda5c.jpg
content-length
19084
x-request-id
cdea29cc2ab8ccf58afab4c2eaa4d8a4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 20 Sep 2021 19:45:57 GMT
server
nginx
x-timer
S1636970263.271082,VS0,VE0
etag
"b6ab86f0f4212914f648b0a3990b5bcf"
x-served-by
cache-wdc5559-WDC, cache-dca12924-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 26
9d223b4d-3cc9-4bb4-a7b8-45a1e510e9db.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//eapcj.com/content/ Frame 2BC7 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//eapcj.com/content/9d223b4d-3cc9-4bb4-a7b8-45a1e510e9db.jpeg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92cc8362bc2a2666dcd75055196c7759f89592018706aa3a83160f23e6443d61

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1862279
edge-cache-tag
301153713417272984464739342976127912782,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
209
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//eapcj.com/content/9d223b4d-3cc9-4bb4-a7b8-45a1e510e9db.jpeg
content-length
21638
x-request-id
7df8ea41e83dff9ae77902801f59bbae
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 22 Sep 2021 13:28:12 GMT
server
nginx
x-timer
S1636970263.286471,VS0,VE1
etag
"6d9d2c0d98a2bcfc640e60eab4360178"
x-served-by
cache-wdc5546-WDC, cache-dca17732-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
caaed8106162cd48de2776e979eb4b97.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/caaed8106162cd48de2776e979eb4b97.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7f35beb753d6e2c1f3b0a0707b5b4af971f63f6c87f92af6904d28752d5f4854

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1539459
edge-cache-tag
407527341644976687031024964468042082167,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
106
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/caaed8106162cd48de2776e979eb4b97.jpg
content-length
23830
x-request-id
2d1af89f74a048e92b201b17abede17f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 23 Oct 2021 08:56:22 GMT
server
nginx
x-timer
S1636970263.286580,VS0,VE1
etag
"bea3e710543644751869d286ea10f491"
x-served-by
cache-wdc5559-WDC, cache-dca17765-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
2f8dd7564c8cb3910445e5acdf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/d6e/d40/ Frame 2BC7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/d6e/d40/2f8dd7564c8cb3910445e5acdf.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10eae251d1f63da3e07a6aa466caaae39c7a88c2a0252035e8485bcd07175786

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
182240
edge-cache-tag
614606555891686417689223305775474177727,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
353
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wl-brightside.cf.tsp.li/resize/728x/jpg/d6e/d40/2f8dd7564c8cb3910445e5acdf.jpg
content-length
10708
x-request-id
49364b94a9b87a66fd46662b93c1d3db
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sat, 06 Nov 2021 21:39:27 GMT
server
nginx
x-timer
S1636970263.286695,VS0,VE1
etag
"4bb194e81736f50a540f9f97009ac410"
x-served-by
cache-wdc5529-WDC, cache-dca12927-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
Nine-weight-loss-mistakes.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Nine-weight-loss-mistakes.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5628d5224da01ac70d40a4714a660ac25d9c449bbcfb09764a84cd063c9cb62

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1439734
edge-cache-tag
336323676149500363777251735904624945114,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
342
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Nine-weight-loss-mistakes.jpg
content-length
12596
x-request-id
514e07ab40182f898b082a154f35b1ad
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 01 Oct 2021 10:09:09 GMT
server
nginx
x-timer
S1636970263.286764,VS0,VE1
etag
"c4c8153dd98f1731d552332bec506565"
x-served-by
cache-wdc5537-WDC, cache-dca17744-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfc9ff95d2763076ea0619f310c5b15b62500769df77acb49cecfa4eb4577903

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
416520295331442748702138777723341653228,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
94
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
content-length
16752
x-request-id
6a49080f82f0911c82c74ad089dc22b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 28 Sep 2021 02:16:23 GMT
server
nginx
x-timer
S1636970263.298037,VS0,VE1
etag
"4b3013adde1e0a5d2fefa10eab957bd6"
x-served-by
cache-wdc5527-WDC, cache-dca12926-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
457a20cd2d790a90025ac843a0b1752efd5bf5a34f2ee30e9f1bdbbe2fde16e0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
369165723572846407595236879761625142526,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
95
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
content-length
14740
x-request-id
74b7ac10d3cbb5f6cdebce2fc3921d65
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 08 Oct 2021 09:39:21 GMT
server
nginx
x-timer
S1636970263.298122,VS0,VE1
etag
"16866e95460394647f90ede41f1ccaf5"
x-served-by
cache-wdc5522-WDC, cache-dca17770-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Beauty-Tips-for-Unwanted-Facial-Hair.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1914ae70e7b5ba43f3fffc59aeee5dbd360ab1027e1ea6b204723e62ae099095

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
596846993393003876624608437472935194929,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
339
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
content-length
18146
x-request-id
7ed2b3e4a2f789884b0b2afa6c926025
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 26 Sep 2021 04:56:11 GMT
server
nginx
x-timer
S1636970263.312231,VS0,VE1
etag
"ace49aac845ba3e3d132b28506c9566b"
x-served-by
cache-wdc5533-WDC, cache-dca17743-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Gap-introduces-the-most-sustainable-collection-to-date.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6293aeab6a9d99410be9777b8ad5a00f2beff14a31aea05a57e8cc086da0af2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1484081
edge-cache-tag
434284108669243915238950730005097521352,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
147
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
content-length
22518
x-request-id
a6ddc41b61d58306508655ae7a306faa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 28 Sep 2021 09:43:37 GMT
server
nginx
x-timer
S1636970263.312468,VS0,VE1
etag
"58e6e0a5951e02f3c63bacaae065c45b"
x-served-by
cache-wdc5572-WDC, cache-dca17725-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Authentic-Mexican-cuisine-spices.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6963c149acbd8cb37d7e210d0b1abc1b81e9667458c09b842cb9b31abc99a7b5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489360
edge-cache-tag
410767180370546641811850346019623695425,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
106
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
content-length
33964
x-request-id
de8963d5123a8ba5d583926391322a54
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 27 Sep 2021 13:36:22 GMT
server
nginx
x-timer
S1636970263.312570,VS0,VE1
etag
"23af58c7d5edbce70ec3d2f157327f53"
x-served-by
cache-wdc5549-WDC, cache-dca17782-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Polaroid-Camera-Hema.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f4053bbe3f92c152d8e2e50d204b23c0f8d70e535fea875aad08ebabb2088fe

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1487731
edge-cache-tag
355526876325294740738427456534810939519,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
89
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
content-length
11284
x-request-id
726061b2c648a396ec62c9167109a7a2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sat, 02 Oct 2021 06:26:20 GMT
server
nginx
x-timer
S1636970263.312645,VS0,VE1
etag
"1ddd7cfd01920fb6d712754816a8abdd"
x-served-by
cache-wdc5578-WDC, cache-dca17732-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Times-Square-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce3c59bd94e2d9cf0e0f4a107f504b07cf52da82ac230734b32f8d779950d303

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
554383354853648926368206371178227098577,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
57
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
content-length
37548
x-request-id
28f0d2b120897d5e2c039c8bee6b2fd0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 13 Oct 2021 11:51:57 GMT
server
nginx
x-timer
S1636970263.321930,VS0,VE0
etag
"39a66b87fd7ae63a6bee041dd0dc28bd"
x-served-by
cache-wdc5583-WDC, cache-dca17774-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Broadway-Plakate.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
080fa2d28695b11e72e6d26b3c5db5d9fe383267d8f09022ec42a3fb996fc8f1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
296428190339110368798463232824756766083,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
292
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
content-length
31946
x-request-id
16045acdfc011a0022f19f81b53a87f1
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 09 Oct 2021 09:25:26 GMT
server
nginx
x-timer
S1636970263.322022,VS0,VE1
etag
"8c83672bb118988aaad4b17e079e4d6b"
x-served-by
cache-wdc5556-WDC, cache-dca17763-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Valentine-ode-to-friends.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d90662adb117db7d7aaf1fe95098f23757d913059217fdeee97ecb9ea74c1f0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
451411
edge-cache-tag
448655349641571379734370104704486624796,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
165
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
content-length
11746
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 17 Oct 2021 14:28:25 GMT
server
nginx
x-timer
S1636970263.335350,VS0,VE1
etag
"a2b2ab99c0bc3385009ca542a56c7e5e"
x-served-by
cache-bwi5071-BWI, cache-dca17769-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Jewelry-from-Beautiful-Bijoux.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2001ff119fa3c97bce2db74436f7870d9eee1fb8b2c1ac0627fb6b3bf0c94891

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2122697
edge-cache-tag
438480729498542458610313714760487818332,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
80
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
content-length
4454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:28:26 GMT
server
nginx
x-timer
S1636970263.335503,VS0,VE1
etag
"4a30e6f83ae97674ca957e1f93788342"
x-served-by
cache-wdc5530-WDC, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e1d4082b0bf5ff4a99b76ac0ff2acf5ce5f95cc7c62362d537672d0941fc70d4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
449072856988195537460499973417970766978,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
39
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
content-length
12296
x-request-id
034e74a2223634affcb216e7d0f0dc3a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 09 Oct 2021 13:15:16 GMT
server
nginx
x-timer
S1636970263.340361,VS0,VE1
etag
"3603dc80f6aa6a2c8e0641839cf6c201"
x-served-by
cache-wdc5535-WDC, cache-dca17766-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4a8750a8640722a68b2c2ba1ac046162759ceb0da6a23d5870c099ff9fca5488

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1477972
edge-cache-tag
455574778097323617596836666847631332288,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
123
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
content-length
19354
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 17 Oct 2021 14:28:24 GMT
server
nginx
x-timer
S1636970263.340657,VS0,VE1
etag
"c18189f4cb3df5c51d2edf9b3540fa92"
x-served-by
cache-wdc5542-WDC, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 123, 1
Buy-An-Authentic-Fendi-Bag.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
428b41475ec929a13f4d7a6e655beb0abc11e97721b6cbd9f290d1d4308f2edd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
564545401055494689696246036615609214168,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
335
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
content-length
15502
x-request-id
5d31a256c57638c3c1b36762dc1797c4
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 06 Oct 2021 13:46:07 GMT
server
nginx
x-timer
S1636970263.346851,VS0,VE1
etag
"368ca17a796dfb64060e3266a2755fa0"
x-served-by
cache-wdc5575-WDC, cache-dca17769-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Wholesale-Gucci-Handbags.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
907e7babdb7b73195d76bdc0ebf419c5f3e557067ce3b76ab6cf86b615b31289

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
422677452339694683132116185605097261208,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
328
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
content-length
2788
x-request-id
f303d7a4feb51d7ae39bd02f735653d2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 26 Sep 2021 09:01:48 GMT
server
nginx
x-timer
S1636970263.348745,VS0,VE0
etag
"45a7a304c516397ab9d4b9f57c19daa3"
x-served-by
cache-wdc5539-WDC, cache-dca17730-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Fats-how-food-affects-health.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95783c1ae0fafb95a57fe483c80d16dc0172df96e263fec0468741f51704d061

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1487732
edge-cache-tag
296348685551915191704591657079613820762,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
124
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
content-length
10138
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:28:25 GMT
server
nginx
x-timer
S1636970263.356601,VS0,VE0
etag
"87c47e3e16a8bcc5939da663768e94c2"
x-served-by
cache-wdc5524-WDC, cache-dca17733-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Shoes-that-are-Always-In-Styles.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5686069f5bf126c4e57f6d3c15f48a41840693ce741c049f85ad3c9f81b685a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
448844868478201468301223775104188832904,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
43
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
content-length
3106
x-request-id
7012a0168b1d74800c77bc3c1ad6f730
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 29 Sep 2021 08:16:35 GMT
server
nginx
x-timer
S1636970263.356704,VS0,VE0
etag
"89b693b3de15f5111af9bda12a3751ba"
x-served-by
cache-wdc5572-WDC, cache-dca17775-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fdc67fe1803288afb5eb0f5b56a69a41f308e5a78727652ffd72258c8316095

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
460747748059409949358711808145004080923,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
91
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
content-length
17782
x-request-id
d774236347265784ab15bfb1ead94c52
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 01 Oct 2021 14:55:23 GMT
server
nginx
x-timer
S1636970263.368978,VS0,VE0
etag
"8ba4fce7417cf573607a30166b728ef6"
x-served-by
cache-wdc5556-WDC, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Coalco-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6ed1ec14635bec612551d6c977cec8a3cb4c7f5f6ea37b90fb7a1b9c6951781

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
343003332450164410658145978676040604802,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
355
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
content-length
8212
x-request-id
4aa71a42d30d3554936923d8cd100f3d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 11:51:56 GMT
server
nginx
x-timer
S1636970263.370540,VS0,VE0
etag
"c638a834f88a0439f1e943f43f6d3288"
x-served-by
cache-wdc5582-WDC, cache-dca17757-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 152, 2
Cosmeceuticals.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f5874fb2c3632a34548feb383bdac63a9fb3294d454469cbe16375cee645f5e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
614874634588055474367794225559726837334,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
81
expiration
expiry-date="Thu, 21 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
content-length
9314
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 20 Sep 2021 14:34:28 GMT
server
nginx
x-timer
S1636970263.372596,VS0,VE0
etag
"064529aa200d63ae65f8942659cd34d7"
x-served-by
cache-wdc5578-WDC, cache-dca17748-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 2
New-York-City.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2BC7 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
761580f2029c648210e4dd74c1c10dcf81426c863feed9e7e7b13f61a0d42249

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
364665386812518436413182253631782722459,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
93
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
content-length
20010
x-request-id
1eb0f77c52ecc3d007bc593a221c0284
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 11:51:54 GMT
server
nginx
x-timer
S1636970263.378083,VS0,VE1
etag
"ee1659532901cb55c0e49f957c79b492"
x-served-by
cache-wdc5538-WDC, cache-dca17736-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
f407201c-2e1d-4e3f-8232-d1d8168b9491.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ztafz.com/content/ Frame A97E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ztafz.com/content/f407201c-2e1d-4e3f-8232-d1d8168b9491.jpeg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6002a0f5187b8ff576479ddcd6cdf0f6cf7d9ef33fdb00dcf990724d47aa59a8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3379239
edge-cache-tag
576078206213730269011294818011841734099,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Fri, 15 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ztafz.com/content/f407201c-2e1d-4e3f-8232-d1d8168b9491.jpeg
content-length
12452
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Tue, 14 Sep 2021 14:14:12 GMT
server
nginx
x-timer
S1636970263.273228,VS0,VE1
etag
"0295f9c56270ac0fea0dc6b49369a9ce"
x-served-by
cache-wdc5573-WDC, cache-dca17783-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
3c07fd4684b2881f5221de5871f41b10.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c07fd4684b2881f5221de5871f41b10.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7ed0741d5d8b1f4c1e5d326052429a0e041baf1544d3dcddb140a0d12bf590c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
236578
edge-cache-tag
337266573422598645189398621486667940130,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
141
expiration
expiry-date="Mon, 15 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3c07fd4684b2881f5221de5871f41b10.jpg
content-length
9460
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 15 Oct 2021 18:35:59 GMT
server
nginx
x-timer
S1636970263.273353,VS0,VE1
etag
"de2fa1c429832b3a05dc7a9a32819d85"
x-served-by
cache-dca17733-DCA, cache-dca17769-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
img_60dd977d9c2f83.88076454_oNu8DFqRfgT5Snt66dFC9ncd0hY94jN4QSc20Mqj5m8URgP7cN_tb08.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/ Frame A97E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_60dd977d9c2f83.88076454_oNu8DFqRfgT5Snt66dFC9ncd0hY94jN4QSc20Mqj5m8URgP7cN_tb08.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77aecfb1f8472b4174b78cd6de1db59c8a1287f7050ed3e45c317296a398f226

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1556289
edge-cache-tag
358100031330968324114665149559953222630,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
406
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_60dd977d9c2f83.88076454_oNu8DFqRfgT5Snt66dFC9ncd0hY94jN4QSc20Mqj5m8URgP7cN_tb08.jpg
content-length
12622
x-request-id
74a2d217a953e4d6cc73d74fb1fa1bea
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 11 Oct 2021 20:25:26 GMT
server
nginx
x-timer
S1636970263.273461,VS0,VE1
etag
"cf0547eb6ae91a933535109740dbb915"
x-served-by
cache-wdc5555-WDC, cache-dca17763-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1ccf6d88ec319c5b536e82765efc8f29.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ccf6d88ec319c5b536e82765efc8f29.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eaaeaf5def876cc36115a889853c0c562fb3d6fcdc032b13cfb1b16124d1a3da

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
430159
edge-cache-tag
435188756788120158558176724420372581358,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
211
expiration
expiry-date="Thu, 18 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ccf6d88ec319c5b536e82765efc8f29.jpg
content-length
9098
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 18 Oct 2021 06:04:31 GMT
server
nginx
x-timer
S1636970263.273552,VS0,VE1
etag
"f13eb2ea8c0a4372431c6e240b419114"
x-served-by
cache-bwi5047-BWI, cache-dca12924-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2467ce2315e007503f4ebcca8778fe44.png
images.taboola.com/taboola/image/fetch/h_254,w_380,c_fill,g_xy_center,x_394,y_288/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_254,w_380,c_fill,g_xy_center,x_394,y_288/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2467ce2315e007503f4ebcca8778fe44.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36b265c7e9ff91d94a6730798ecde0e85093af4bf7a37938b9f17f20531aa3bf

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2168747
edge-cache-tag
439122361959919836495728179646720858859,305898206664746664966099801015502170748,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
61
expiration
expiry-date="Sun, 31 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_254,w_380,c_fill,g_xy_center,x_394,y_288/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2467ce2315e007503f4ebcca8778fe44.png
content-length
16982
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 30 Sep 2021 13:28:23 GMT
server
nginx
x-timer
S1636970263.273648,VS0,VE1
etag
"d7b22c08aaaf64dd25b3445e498f1688"
x-served-by
cache-wdc5558-WDC, cache-dca17748-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
5aa43cdc73d60291fab7afc9798cd680.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5aa43cdc73d60291fab7afc9798cd680.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd8578bf97d570169c7d14e51e6e7bc673e67052a7d21f21ef7260e8ab812da3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1768655
edge-cache-tag
333441406397141828404444702304763177750,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
40
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5aa43cdc73d60291fab7afc9798cd680.jpg
content-length
12972
x-request-id
2be5c12fa9315e2297bf39af7fc553bc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 02 Oct 2021 04:20:23 GMT
server
nginx
x-timer
S1636970263.275469,VS0,VE1
etag
"a3c1cbf6bb4dbe188d59c1f7d2f808ff"
x-served-by
cache-wdc5536-WDC, cache-dca17759-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
5cad6640db6706efa9886017717af25f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5cad6640db6706efa9886017717af25f.png
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27dc1887f3d50ce1b7de779c747dab964569a524183f34c733ea1ca530db5851

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1452694
edge-cache-tag
472586887892666366095870492922317021896,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5cad6640db6706efa9886017717af25f.png
content-length
11666
x-request-id
c6ac0d40aca23e058d07ead700a93521
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 27 Oct 2021 19:34:15 GMT
server
nginx
x-timer
S1636970263.299169,VS0,VE1
etag
"b6b1cfbfd3749600dd5acd77a8022fad"
x-served-by
cache-wdc5555-WDC, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
Coalco-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6ed1ec14635bec612551d6c977cec8a3cb4c7f5f6ea37b90fb7a1b9c6951781

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
343003332450164410658145978676040604802,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
355
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
content-length
8212
x-request-id
4aa71a42d30d3554936923d8cd100f3d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 11:51:56 GMT
server
nginx
x-timer
S1636970263.299248,VS0,VE1
etag
"c638a834f88a0439f1e943f43f6d3288"
x-served-by
cache-wdc5582-WDC, cache-dca17757-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 152, 1
Nine-weight-loss-mistakes.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Nine-weight-loss-mistakes.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5628d5224da01ac70d40a4714a660ac25d9c449bbcfb09764a84cd063c9cb62

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1439734
edge-cache-tag
336323676149500363777251735904624945114,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
342
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Nine-weight-loss-mistakes.jpg
content-length
12596
x-request-id
514e07ab40182f898b082a154f35b1ad
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 01 Oct 2021 10:09:09 GMT
server
nginx
x-timer
S1636970263.299329,VS0,VE0
etag
"c4c8153dd98f1731d552332bec506565"
x-served-by
cache-wdc5537-WDC, cache-dca17744-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fdc67fe1803288afb5eb0f5b56a69a41f308e5a78727652ffd72258c8316095

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
460747748059409949358711808145004080923,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
91
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
content-length
17782
x-request-id
d774236347265784ab15bfb1ead94c52
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 01 Oct 2021 14:55:23 GMT
server
nginx
x-timer
S1636970263.299541,VS0,VE1
etag
"8ba4fce7417cf573607a30166b728ef6"
x-served-by
cache-wdc5556-WDC, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Fats-how-food-affects-health.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95783c1ae0fafb95a57fe483c80d16dc0172df96e263fec0468741f51704d061

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1487732
edge-cache-tag
296348685551915191704591657079613820762,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
124
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
content-length
10138
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:28:25 GMT
server
nginx
x-timer
S1636970263.304183,VS0,VE1
etag
"87c47e3e16a8bcc5939da663768e94c2"
x-served-by
cache-wdc5524-WDC, cache-dca17733-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Times-Square-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce3c59bd94e2d9cf0e0f4a107f504b07cf52da82ac230734b32f8d779950d303

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
554383354853648926368206371178227098577,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
57
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
content-length
37548
x-request-id
28f0d2b120897d5e2c039c8bee6b2fd0
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 13 Oct 2021 11:51:57 GMT
server
nginx
x-timer
S1636970263.304299,VS0,VE1
etag
"39a66b87fd7ae63a6bee041dd0dc28bd"
x-served-by
cache-wdc5583-WDC, cache-dca17774-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Polaroid-Camera-Hema.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f4053bbe3f92c152d8e2e50d204b23c0f8d70e535fea875aad08ebabb2088fe

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1487731
edge-cache-tag
355526876325294740738427456534810939519,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
89
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
content-length
11284
x-request-id
726061b2c648a396ec62c9167109a7a2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sat, 02 Oct 2021 06:26:20 GMT
server
nginx
x-timer
S1636970263.322096,VS0,VE0
etag
"1ddd7cfd01920fb6d712754816a8abdd"
x-served-by
cache-wdc5578-WDC, cache-dca17732-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
457a20cd2d790a90025ac843a0b1752efd5bf5a34f2ee30e9f1bdbbe2fde16e0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
369165723572846407595236879761625142526,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
95
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
content-length
14740
x-request-id
74b7ac10d3cbb5f6cdebce2fc3921d65
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 08 Oct 2021 09:39:21 GMT
server
nginx
x-timer
S1636970263.322196,VS0,VE0
etag
"16866e95460394647f90ede41f1ccaf5"
x-served-by
cache-wdc5522-WDC, cache-dca17770-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Wholesale-Gucci-Handbags.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
907e7babdb7b73195d76bdc0ebf419c5f3e557067ce3b76ab6cf86b615b31289

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
422677452339694683132116185605097261208,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
328
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
content-length
2788
x-request-id
f303d7a4feb51d7ae39bd02f735653d2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 26 Sep 2021 09:01:48 GMT
server
nginx
x-timer
S1636970263.322258,VS0,VE1
etag
"45a7a304c516397ab9d4b9f57c19daa3"
x-served-by
cache-wdc5539-WDC, cache-dca17730-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Authentic-Mexican-cuisine-spices.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6963c149acbd8cb37d7e210d0b1abc1b81e9667458c09b842cb9b31abc99a7b5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489360
edge-cache-tag
410767180370546641811850346019623695425,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
106
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
content-length
33964
x-request-id
de8963d5123a8ba5d583926391322a54
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 27 Sep 2021 13:36:22 GMT
server
nginx
x-timer
S1636970263.322332,VS0,VE0
etag
"23af58c7d5edbce70ec3d2f157327f53"
x-served-by
cache-wdc5549-WDC, cache-dca17782-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Shoes-that-are-Always-In-Styles.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5686069f5bf126c4e57f6d3c15f48a41840693ce741c049f85ad3c9f81b685a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
448844868478201468301223775104188832904,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
43
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
content-length
3106
x-request-id
7012a0168b1d74800c77bc3c1ad6f730
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 29 Sep 2021 08:16:35 GMT
server
nginx
x-timer
S1636970263.325864,VS0,VE1
etag
"89b693b3de15f5111af9bda12a3751ba"
x-served-by
cache-wdc5572-WDC, cache-dca17775-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Beauty-Tips-for-Unwanted-Facial-Hair.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1914ae70e7b5ba43f3fffc59aeee5dbd360ab1027e1ea6b204723e62ae099095

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
596846993393003876624608437472935194929,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
339
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
content-length
18146
x-request-id
7ed2b3e4a2f789884b0b2afa6c926025
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sun, 26 Sep 2021 04:56:11 GMT
server
nginx
x-timer
S1636970263.325983,VS0,VE0
etag
"ace49aac845ba3e3d132b28506c9566b"
x-served-by
cache-wdc5533-WDC, cache-dca17743-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e1d4082b0bf5ff4a99b76ac0ff2acf5ce5f95cc7c62362d537672d0941fc70d4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
449072856988195537460499973417970766978,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
39
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
content-length
12296
x-request-id
034e74a2223634affcb216e7d0f0dc3a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 09 Oct 2021 13:15:16 GMT
server
nginx
x-timer
S1636970263.347934,VS0,VE0
etag
"3603dc80f6aa6a2c8e0641839cf6c201"
x-served-by
cache-wdc5535-WDC, cache-dca17766-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Cosmeceuticals.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f5874fb2c3632a34548feb383bdac63a9fb3294d454469cbe16375cee645f5e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
614874634588055474367794225559726837334,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
81
expiration
expiry-date="Thu, 21 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
content-length
9314
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 20 Sep 2021 14:34:28 GMT
server
nginx
x-timer
S1636970263.348176,VS0,VE1
etag
"064529aa200d63ae65f8942659cd34d7"
x-served-by
cache-wdc5578-WDC, cache-dca17748-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
Jewelry-from-Beautiful-Bijoux.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2001ff119fa3c97bce2db74436f7870d9eee1fb8b2c1ac0627fb6b3bf0c94891

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2122697
edge-cache-tag
438480729498542458610313714760487818332,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
80
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
content-length
4454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:28:26 GMT
server
nginx
x-timer
S1636970263.348369,VS0,VE0
etag
"4a30e6f83ae97674ca957e1f93788342"
x-served-by
cache-wdc5530-WDC, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Valentine-ode-to-friends.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d90662adb117db7d7aaf1fe95098f23757d913059217fdeee97ecb9ea74c1f0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
451411
edge-cache-tag
448655349641571379734370104704486624796,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
165
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
content-length
11746
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 17 Oct 2021 14:28:25 GMT
server
nginx
x-timer
S1636970263.348846,VS0,VE0
etag
"a2b2ab99c0bc3385009ca542a56c7e5e"
x-served-by
cache-bwi5071-BWI, cache-dca17769-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Buy-An-Authentic-Fendi-Bag.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
428b41475ec929a13f4d7a6e655beb0abc11e97721b6cbd9f290d1d4308f2edd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
564545401055494689696246036615609214168,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
335
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
content-length
15502
x-request-id
5d31a256c57638c3c1b36762dc1797c4
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 06 Oct 2021 13:46:07 GMT
server
nginx
x-timer
S1636970263.348946,VS0,VE0
etag
"368ca17a796dfb64060e3266a2755fa0"
x-served-by
cache-wdc5575-WDC, cache-dca17769-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Gap-introduces-the-most-sustainable-collection-to-date.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6293aeab6a9d99410be9777b8ad5a00f2beff14a31aea05a57e8cc086da0af2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1484081
edge-cache-tag
434284108669243915238950730005097521352,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
147
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
content-length
22518
x-request-id
a6ddc41b61d58306508655ae7a306faa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 28 Sep 2021 09:43:37 GMT
server
nginx
x-timer
S1636970263.349154,VS0,VE0
etag
"58e6e0a5951e02f3c63bacaae065c45b"
x-served-by
cache-wdc5572-WDC, cache-dca17725-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame A97E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfc9ff95d2763076ea0619f310c5b15b62500769df77acb49cecfa4eb4577903

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
416520295331442748702138777723341653228,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
94
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
content-length
16752
x-request-id
6a49080f82f0911c82c74ad089dc22b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 28 Sep 2021 02:16:23 GMT
server
nginx
x-timer
S1636970263.372765,VS0,VE0
etag
"4b3013adde1e0a5d2fefa10eab957bd6"
x-served-by
cache-wdc5527-WDC, cache-dca12926-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 2
New-York-City.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
761580f2029c648210e4dd74c1c10dcf81426c863feed9e7e7b13f61a0d42249

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
364665386812518436413182253631782722459,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
93
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
content-length
20010
x-request-id
1eb0f77c52ecc3d007bc593a221c0284
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 13 Oct 2021 11:51:54 GMT
server
nginx
x-timer
S1636970263.377904,VS0,VE1
etag
"ee1659532901cb55c0e49f957c79b492"
x-served-by
cache-wdc5538-WDC, cache-dca17736-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4a8750a8640722a68b2c2ba1ac046162759ceb0da6a23d5870c099ff9fca5488

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1477972
edge-cache-tag
455574778097323617596836666847631332288,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
123
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
content-length
19354
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 17 Oct 2021 14:28:24 GMT
server
nginx
x-timer
S1636970263.378007,VS0,VE0
etag
"c18189f4cb3df5c51d2edf9b3540fa92"
x-served-by
cache-wdc5542-WDC, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 123, 2
Broadway-Plakate.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame A97E 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
080fa2d28695b11e72e6d26b3c5db5d9fe383267d8f09022ec42a3fb996fc8f1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489358
edge-cache-tag
296428190339110368798463232824756766083,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
292
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
content-length
31946
x-request-id
16045acdfc011a0022f19f81b53a87f1
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 09 Oct 2021 09:25:26 GMT
server
nginx
x-timer
S1636970263.378163,VS0,VE0
etag
"8c83672bb118988aaad4b17e079e4d6b"
x-served-by
cache-wdc5556-WDC, cache-dca17763-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 2AF5 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55bd3c50a5450a4afdb605f8bcc8456877cba233f8fafaf5dbe053c79316e77f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
931596
edge-cache-tag
385689223712311801692898085455498506240,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 07 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
content-length
9672
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 07 Oct 2021 22:54:08 GMT
server
nginx
x-timer
S1636970263.288127,VS0,VE1
etag
"44878f5d8e2fec0573c6ce2cac66eb56"
x-served-by
cache-wdc5581-WDC, cache-dca17722-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
c82494e16aa031c1a468f8bc470c92a2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c82494e16aa031c1a468f8bc470c92a2.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac201bd77ecd1366f66409f322916b5478719c1e45706b09c695fd7304ec5504

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
411798
edge-cache-tag
449909392179563666279407901409937551868,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
978
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c82494e16aa031c1a468f8bc470c92a2.jpg
content-length
10806
x-request-id
5014e55a682e5fb48967038f9066945f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 30 Oct 2021 09:09:34 GMT
server
nginx
x-timer
S1636970263.288917,VS0,VE1
etag
"403654d8c99b3dabf5ddad189983eae0"
x-served-by
cache-dca17753-DCA, cache-dca17744-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/ Frame 2AF5 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d06705eaf29b4f5efc8375b0a1cd105057cf92feaa02cc98de160708775995d5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3451457
edge-cache-tag
451712784834958293572562211360054701117,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 24 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
content-length
14586
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 23 Sep 2021 13:17:48 GMT
server
nginx
x-timer
S1636970263.289261,VS0,VE1
etag
"d61afc41ab1d5037a153ea31b8460d73"
x-served-by
cache-wdc5564-WDC, cache-dca17745-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1dc96fe8adc7e940d4a970c4eac2750c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1dc96fe8adc7e940d4a970c4eac2750c.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efb7454a61dfc771a2eba06467390149c3ae514dd222aec4e295dc9d8ff9913b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
155980
edge-cache-tag
334366464278404659573065623045811072410,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
454
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1dc96fe8adc7e940d4a970c4eac2750c.jpg
content-length
8350
x-request-id
409b1760dd20cb0fc43a3123fb0e3394
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sat, 06 Nov 2021 20:35:12 GMT
server
nginx
x-timer
S1636970263.289472,VS0,VE1
etag
"82635b3b07e8bfae779d6a3926bf84c8"
x-served-by
cache-bwi5056-BWI, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1265922644__YfFn4P0j.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2AF5 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1265922644__YfFn4P0j.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd141e96e9e14938f45015c60120bf850203de6b765f779b0838a6bd6d7cf964

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1539601
edge-cache-tag
437603933602353006770764433001972603226,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
45
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1265922644__YfFn4P0j.jpg
content-length
20344
x-request-id
b7ff468f510be441a844bf32a67ea37f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 28 Oct 2021 12:35:39 GMT
server
nginx
x-timer
S1636970263.294846,VS0,VE2
etag
"9f6779ef14bd1dcc7ca18cc96061efe9"
x-served-by
cache-wdc5564-WDC, cache-dca17776-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/ Frame 2AF5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f73ebc52ed026d16c6624a149574ff907daa9ddbe40c20f61eaf56c67a3f98da

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2133724
edge-cache-tag
353137493266022083768999752391152365035,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
expiration
expiry-date="Sat, 13 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
content-length
8578
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 13 Oct 2021 17:32:37 GMT
server
nginx
x-timer
S1636970263.297911,VS0,VE0
etag
"94266a5caffd47656329a201a18b36d2"
x-served-by
cache-wdc5537-WDC, cache-dca17772-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1840
620405870__sZIPxQsC.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2AF5 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/620405870__sZIPxQsC.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c00a2fde8840a3fccf407fd455bc1c9699fdcae0cc26540cf05441b67a949fa6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
168759
edge-cache-tag
428966412620797152735410541534410824427,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
183
expiration
expiry-date="Tue, 30 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/620405870__sZIPxQsC.jpg
content-length
4386
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 30 Oct 2021 09:43:21 GMT
server
nginx
x-timer
S1636970263.312775,VS0,VE1
etag
"37310c0a907d0d151ba42c95eb215fb6"
x-served-by
cache-wdc5549-WDC, cache-dca17724-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
541332baf37a7875a73f00ee9a5e0d10.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/541332baf37a7875a73f00ee9a5e0d10.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5826ae7aa8edbae07609191ba85f027d90d9a3a3c86424973805674bb0197acd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2167611
edge-cache-tag
394155356025082946334561738631869071474,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
expiration
expiry-date="Mon, 25 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/541332baf37a7875a73f00ee9a5e0d10.jpg
content-length
17028
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 24 Sep 2021 17:50:30 GMT
server
nginx
x-timer
S1636970263.312862,VS0,VE1
etag
"b35a87e418ec79d3e4cab70130e0fdb8"
x-served-by
cache-wdc5522-WDC, cache-dca17733-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
0987711cf4b4a7e985ae58f776952858.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0987711cf4b4a7e985ae58f776952858.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17ed3bff031009b4e753fefbd5a3be3988a142633235c7f9e14d76179b5cff2b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490405
edge-cache-tag
391675569299096873997860726787314520346,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0987711cf4b4a7e985ae58f776952858.jpg
content-length
12552
x-request-id
f55df50c715603e5445ef4cf3629785b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 05 Oct 2021 05:21:32 GMT
server
nginx
x-timer
S1636970263.312931,VS0,VE1
etag
"35a80e929019e7e550c84b91deff80a3"
x-served-by
cache-wdc5520-WDC, cache-dca17753-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 2AF5 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b030bbcf492ecd42be534d0d1074fc575b47b694fbd4dfb0745bec9c431af8b9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1567627
edge-cache-tag
420076212130779546092322426743694019594,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
89
expiration
expiry-date="Sun, 31 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
content-length
14762
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 30 Sep 2021 07:14:34 GMT
server
nginx
x-timer
S1636970263.313052,VS0,VE1
etag
"5e7905e32217af5baf9752440fc584f2"
x-served-by
cache-wdc5539-WDC, cache-dca17749-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e160dea7a4f9848561447c92915ba26aa4900a2ea018f85c9bb0f02a4516220d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
355717
edge-cache-tag
577093708196982019650120635911816165796,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
177
expiration
expiry-date="Tue, 16 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
content-length
19736
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 16 Oct 2021 07:41:35 GMT
server
nginx
x-timer
S1636970263.317677,VS0,VE1
etag
"6077b82c0382d3ef08b64e3e2c01c2bb"
x-served-by
cache-dca17739-DCA, cache-dca17777-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
be927641a5d99aa6dcb8ee7be9fecdd7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be927641a5d99aa6dcb8ee7be9fecdd7.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b6e6113a006d0515914ee02775c363f28e885b79876578f059fe536ad726e2c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
956653
edge-cache-tag
322482350843127755964036973497971538229,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
117
expiration
expiry-date="Mon, 15 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be927641a5d99aa6dcb8ee7be9fecdd7.png
content-length
12210
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 15 Oct 2021 21:17:30 GMT
server
nginx
x-timer
S1636970263.321827,VS0,VE1
etag
"b9b6c1ed7158aa9482589cba10403d6b"
x-served-by
cache-wdc5568-WDC, cache-dca12920-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d0a68664fe5acec3375516a00b1b626c5f007ae503429fbfa896b17ecccfb5b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
455574778097323617596836666847631332288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
524
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
content-length
17278
x-request-id
e4644ceda28cc23cd4708da7f66da171
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 26 Sep 2021 04:56:11 GMT
server
nginx
x-timer
S1636970263.340552,VS0,VE1
etag
"8f45f0804edb4aa9489b8377619141d2"
x-served-by
cache-wdc5559-WDC, cache-dca17764-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Times-Square-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ef86a9c84acf9b67f78b397f644979af4b19eeca753b5b1e9d824de2a0fd6ab

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
554383354853648926368206371178227098577,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
508
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
content-length
34326
x-request-id
99714cb3ea6f5c13e2bc587c8a31fb62
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 13 Oct 2021 11:51:57 GMT
server
nginx
x-timer
S1636970263.340786,VS0,VE2
etag
"1b83a564ae6f818744d64c34d924c5c2"
x-served-by
cache-wdc5577-WDC, cache-dca17738-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ef0512e6b632cc38bd173268075e545db0d7b5e7b00cd87f885871f5823a052

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490809
edge-cache-tag
449072856988195537460499973417970766978,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
86
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
content-length
11604
x-request-id
2eb45a93a829de0a46f2ff1a673a51ec
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 09 Oct 2021 13:15:16 GMT
server
nginx
x-timer
S1636970263.340849,VS0,VE1
etag
"31cc7653c6315571687d58e24c7dba47"
x-served-by
cache-wdc5572-WDC, cache-dca17734-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Coalco-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a02ac6efcd55ee0c50db4068873d371113c5ad284aa28e19114c37d7d65538d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
343003332450164410658145978676040604802,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
389
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
content-length
7864
x-request-id
44095815759c7a515c50c39d32700800
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 13 Oct 2021 11:51:56 GMT
server
nginx
x-timer
S1636970263.340934,VS0,VE1
etag
"6c197b582b376dd3734c1ad293a613ce"
x-served-by
cache-wdc5540-WDC, cache-dca17760-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Buy-An-Authentic-Fendi-Bag.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24399bffe8443c72af67894609715b1936202dc5bf781be315662700a5cfd900

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2162333
edge-cache-tag
564545401055494689696246036615609214168,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
89
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
content-length
14244
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:04:06 GMT
server
nginx
x-timer
S1636970263.341002,VS0,VE1
etag
"0e0a19ae4e70fe5578c969146240b8e2"
x-served-by
cache-wdc5531-WDC, cache-dca12929-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b44101ade49001b3bb88a1cf054c1c20a6764278564464b43f888e14716e4e4e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1562010
edge-cache-tag
369165723572846407595236879761625142526,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
168
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/StylPro-Makeup-Brush-Cleaner-and-Drier.jpg
content-length
13992
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 17 Oct 2021 14:04:15 GMT
server
nginx
x-timer
S1636970263.348472,VS0,VE1
etag
"211603a5b825e93ec069cd2ba45c05c4"
x-served-by
cache-wdc5568-WDC, cache-dca17764-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Gap-introduces-the-most-sustainable-collection-to-date.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee1918315692c238935e51d9b37dd45f6c6844ec2d36bda94749ce1433ec0d6b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3442296
edge-cache-tag
434284108669243915238950730005097521352,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
79
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Gap-introduces-the-most-sustainable-collection-to-date.jpg
content-length
20348
x-request-id
05afe5e4326ea6753c95a6d78c8e938a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 28 Sep 2021 09:43:37 GMT
server
nginx
x-timer
S1636970263.368924,VS0,VE1
etag
"85526e59b01a4914f287909e7787912d"
x-served-by
cache-wdc5560-WDC, cache-dca17774-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Broadway-Plakate.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51272c944e66af600a15dc54c6c9201585f224e893672e85e1e7710d53d63db5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1785489
edge-cache-tag
296428190339110368798463232824756766083,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
42
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Broadway-Plakate.jpg
content-length
29012
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 17 Oct 2021 14:43:53 GMT
server
nginx
x-timer
S1636970263.370427,VS0,VE1
etag
"b5887a25ef37639b97c085df1ff964f6"
x-served-by
cache-wdc5576-WDC, cache-dca17779-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Fats-how-food-affects-health.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
287f11235e488057b3078cc67767126f9b6384d211ddae14bcd901f75885fd4c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
296348685551915191704591657079613820762,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
55
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Fats-how-food-affects-health.jpg
content-length
9632
x-request-id
67c94042c67a3bdd7bd7d21c010dece6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 06 Oct 2021 13:46:08 GMT
server
nginx
x-timer
S1636970263.370605,VS0,VE1
etag
"4b47c014b572b126d0a8f82c73f8e1b7"
x-served-by
cache-wdc5559-WDC, cache-dca17721-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Polaroid-Camera-Hema.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c41948cd82e94bd1533aae692b0b4adf26de18b0021e51c1cfcd0685a027fb16

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
355526876325294740738427456534810939519,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
60
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Polaroid-Camera-Hema.jpg
content-length
11730
x-request-id
71e0511bac9ceb2a65ce3212fdf74636
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 02 Oct 2021 06:26:20 GMT
server
nginx
x-timer
S1636970263.372193,VS0,VE1
etag
"b5be1623a1d1997af39a24357e2ffa21"
x-served-by
cache-wdc5563-WDC, cache-dca17725-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
Wholesale-Gucci-Handbags.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a23b7874236efe4d71174b857560a86f0e8b2900a6d715075db33d18e1ea834a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490812
edge-cache-tag
422677452339694683132116185605097261208,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
72
expiration
expiry-date="Sat, 06 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Wholesale-Gucci-Handbags.jpg
content-length
2640
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 06 Oct 2021 13:46:08 GMT
server
nginx
x-timer
S1636970263.372304,VS0,VE2
etag
"a9ae50145d838677b36c1283b311de04"
x-served-by
cache-wdc5522-WDC, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Jewelry-from-Beautiful-Bijoux.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b09c68bca4ab5f14adfca62d7e22ae037bc7b684744d441a9b646103dc9e20b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
428668
edge-cache-tag
438480729498542458610313714760487818332,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
154
expiration
expiry-date="Thu, 09 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Jewelry-from-Beautiful-Bijoux.jpg
content-length
4090
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Mon, 08 Nov 2021 11:33:06 GMT
server
nginx
x-timer
S1636970263.378308,VS0,VE2
etag
"7ae2b77067a8d739d6107abee823fc7e"
x-served-by
cache-bwi5027-BWI, cache-dca17731-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
The-health-benefits-of-tea-and-coffee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/The-health-benefits-of-tea-and-coffee.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc1b5c792659571c47423106489b4315351d39d9033b23a17bb0df00cde46858

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
464428227714459721801750983373535457209,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
258
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/The-health-benefits-of-tea-and-coffee.jpg
content-length
5368
x-request-id
8a64bc56f28a01e3fb50fa159279c49c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 01 Oct 2021 14:55:23 GMT
server
nginx
x-timer
S1636970263.390541,VS0,VE1
etag
"e3273ce38671a0e7a341c8199e0ec600"
x-served-by
cache-wdc5521-WDC, cache-dca17733-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2116d7a6a9d76ad6d4e6a6932cc3cc93d1804085afc911ff479df2f3ae835409

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490818
edge-cache-tag
416520295331442748702138777723341653228,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
318
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
content-length
15070
x-request-id
2e47c398e91f52b86de29f3323b7abd5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 28 Sep 2021 02:16:23 GMT
server
nginx
x-timer
S1636970263.393397,VS0,VE1
etag
"f0828e7688317616ad7f919ef93378c5"
x-served-by
cache-wdc5569-WDC, cache-dca12920-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Authentic-Mexican-cuisine-spices.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f7ca69eecdfbe98c8a4245bb941781e2c2ba30552263167d60a5771abd9d9b5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490817
edge-cache-tag
410767180370546641811850346019623695425,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
700
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Authentic-Mexican-cuisine-spices.jpg
content-length
30654
x-request-id
76b13a5ef3d86b26e035e826f56c12fd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 27 Sep 2021 13:36:22 GMT
server
nginx
x-timer
S1636970263.393477,VS0,VE1
etag
"fd0ae42c62f61d6199e96a30e65bf671"
x-served-by
cache-wdc5550-WDC, cache-dca17723-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Cosmeceuticals.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d46a9894c93bdd741b1dd5bfb8055285382dfce624d08ee399ad7dd6c7223a4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
614874634588055474367794225559726837334,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
356
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Cosmeceuticals.jpg
content-length
8732
x-request-id
e0172d554ecf8dddf8a290c588345bd1
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 13 Oct 2021 11:51:56 GMT
server
nginx
x-timer
S1636970263.401665,VS0,VE1
etag
"456f61404c7cc80221d4dc61cc86d4a1"
x-served-by
cache-wdc5526-WDC, cache-dca17726-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Shoes-that-are-Always-In-Styles.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
33f843ec1e06bb276f3542010f87e7ea75f05722355a9222d07fc78e0f363d17

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1315727
edge-cache-tag
448844868478201468301223775104188832904,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
79
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Shoes-that-are-Always-In-Styles.jpg
content-length
3080
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 17:34:18 GMT
server
nginx
x-timer
S1636970263.401856,VS0,VE1
etag
"2cc56dcd091a5a16dd2f624f4b7f0a99"
x-served-by
cache-wdc5521-WDC, cache-dca17766-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Valentine-ode-to-friends.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d9f75c4b7c2c966e09b5a4b63d507fe8df41751ea8ee5f2cd18d521fd04dfd6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490812
edge-cache-tag
448655349641571379734370104704486624796,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
477
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Valentine-ode-to-friends.jpg
content-length
10948
x-request-id
44a9d79c59b7f61b3a019de60528e4d5
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 24 Sep 2021 18:52:22 GMT
server
nginx
x-timer
S1636970263.408355,VS0,VE1
etag
"a31df53263c1328844f67063dd61bcf5"
x-served-by
cache-wdc5562-WDC, cache-dca17768-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Beauty-Tips-for-Unwanted-Facial-Hair.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c82834ea6f27fd9f7c76733563aa76687987b19f619ff39d9cc8f4410e167bc7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490809
edge-cache-tag
596846993393003876624608437472935194929,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
295
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-for-Unwanted-Facial-Hair.jpg
content-length
16940
x-request-id
d7a0e3dccef6fd70275feb0f024a9464
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 26 Sep 2021 04:56:11 GMT
server
nginx
x-timer
S1636970263.410751,VS0,VE1
etag
"d9ee2cbb53be025283566d9d88ca61bf"
x-served-by
cache-wdc5569-WDC, cache-dca17735-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e50450640116671739456fbee244980723524e9bf9920eec6091f65670f990f7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3426134
edge-cache-tag
460747748059409949358711808145004080923,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
38
expiration
expiry-date="Sat, 16 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Beauty-Tips-%E2%80%93-How-to-Wear-Eye-Make-up.jpg
content-length
14976
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 15 Sep 2021 16:03:58 GMT
server
nginx
x-timer
S1636970263.419149,VS0,VE1
etag
"e18486b421376c895945a96b219b2981"
x-served-by
cache-wdc5553-WDC, cache-dca17736-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
New-York-City.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ddc9fc4d84b651bc99152bcc96ab60d6a835037cb3ee0a83c1d6c342637419c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490818
edge-cache-tag
364665386812518436413182253631782722459,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
263
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/New-York-City.jpg
content-length
18578
x-request-id
e5bcadba0ae64792f115fda071d2b7cc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 13 Oct 2021 11:51:54 GMT
server
nginx
x-timer
S1636970263.419381,VS0,VE1
etag
"e526340ccba12ebc020f2c44877cb747"
x-served-by
cache-wdc5572-WDC, cache-dca17777-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 19DA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 15 Nov 2021 09:55:12 GMT
expires
Tue, 15 Nov 2022 09:55:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
151
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame 7CF1 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1255a027e3ca223797200f631b41fc5195e03ce07b70d8cc5e85ce4b9412a072
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EdvZjRfB3QcEee83pnk+Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 15 Nov 2021 09:57:43 GMT
date
Mon, 15 Nov 2021 09:57:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-EdvZjRfB3QcEee83pnk+Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
clear
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0621 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 09:57:43 GMT
banner_300x250.js
s0.2mdn.net/sadbundle/8998710015823275372/ Frame 0621 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8998710015823275372/banner_300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b77aecf5fb4fd661ae033755581271644ca43fd07b17f8f107f37cff0f08884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
483924
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13000
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 19:32:19 GMT
c
c.adskeeper.com/ 		43 B
441 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/c?pv=3&v=287|228|8|C7SsGGMeBpyFVA4md27_Qw2bv5wmpbInAiCLxuYODh7Uf2Xl3DqwY3ctiqDh2k62&extjs=66044&cid=1208464&h2=SJKIAqtrYWuoBRa52KQ2AdUnDgNTm-SYXBMq1ZItkxg*&rid=790578da-45fa-11ec-a3d8-d0946675f626&tt=Direct&iv=11&pageImp=0&pvid=17d2307ebf9b8406011&cbuster=1636970263346394148407&tpl=0
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/n/a/naagin5.co.1208464.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
66cea98f-cb87-4c06-a665-0e6f3af3eb86
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ae79df1ff430847-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame BBF3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636263&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262088&bpp=20&bdt=399&idt=324&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=8707385499887&frm=22&ife=1&pv=2&ga_vid=1554387818.1636970262&ga_sid=1636970262&ga_hid=1997930561&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&eid=21066429&oid=2&pvsid=4162867029326899&pem=594&tmod=1125090641&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fj1c0kcayvs0&fsb=1&xpc=A43YqvkZBJ&p=https%3A//hellonewyork.xyz&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 2AF5 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55bd3c50a5450a4afdb605f8bcc8456877cba233f8fafaf5dbe053c79316e77f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
931596
edge-cache-tag
385689223712311801692898085455498506240,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 07 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/710cb367-001e-4590-9e17-3b16973cd030_1000x600_0200fc26e06dc6738074f13beee3c19a.png
content-length
9672
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 07 Oct 2021 22:54:08 GMT
server
nginx
x-timer
S1636970263.423055,VS0,VE0
etag
"44878f5d8e2fec0573c6ce2cac66eb56"
x-served-by
cache-wdc5581-WDC, cache-dca17722-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/ Frame 2AF5 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d06705eaf29b4f5efc8375b0a1cd105057cf92feaa02cc98de160708775995d5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
3451457
edge-cache-tag
451712784834958293572562211360054701117,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 24 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cvision.media.net/new/1200x800/3/171/65/212/bdd4ef6f-6c27-4d0d-81bc-ee2f3249e138.jpg
content-length
14586
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 23 Sep 2021 13:17:48 GMT
server
nginx
x-timer
S1636970263.423163,VS0,VE0
etag
"d61afc41ab1d5037a153ea31b8460d73"
x-served-by
cache-wdc5564-WDC, cache-dca17745-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
1dc96fe8adc7e940d4a970c4eac2750c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1dc96fe8adc7e940d4a970c4eac2750c.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efb7454a61dfc771a2eba06467390149c3ae514dd222aec4e295dc9d8ff9913b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
155980
edge-cache-tag
334366464278404659573065623045811072410,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
454
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1dc96fe8adc7e940d4a970c4eac2750c.jpg
content-length
8350
x-request-id
409b1760dd20cb0fc43a3123fb0e3394
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sat, 06 Nov 2021 20:35:12 GMT
server
nginx
x-timer
S1636970263.429173,VS0,VE0
etag
"82635b3b07e8bfae779d6a3926bf84c8"
x-served-by
cache-bwi5056-BWI, cache-dca17737-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
1265922644__YfFn4P0j.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2AF5 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1265922644__YfFn4P0j.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd141e96e9e14938f45015c60120bf850203de6b765f779b0838a6bd6d7cf964

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1539601
edge-cache-tag
437603933602353006770764433001972603226,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
45
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1265922644__YfFn4P0j.jpg
content-length
20344
x-request-id
b7ff468f510be441a844bf32a67ea37f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 28 Oct 2021 12:35:39 GMT
server
nginx
x-timer
S1636970263.432228,VS0,VE0
etag
"9f6779ef14bd1dcc7ca18cc96061efe9"
x-served-by
cache-wdc5564-WDC, cache-dca17776-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1574
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
clear
content-length
0
x-xss-protection
0
3033862908324558112
tpc.googlesyndication.com/daca_images/simgad/ Frame 1574 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3033862908324558112
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3af9efc177ee8e91539f31021f5f35577914c117b56d324a5d9bfb501e421fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:24:19 GMT
x-content-type-options
nosniff
age
498804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29486
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 10:23:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 15:24:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1574 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
15943
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
2502
x-xss-protection
0
expires
Tue, 16 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1574 		295 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
36884
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Mon, 15 Nov 2021 23:42:59 GMT
1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/ Frame 2AF5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f73ebc52ed026d16c6624a149574ff907daa9ddbe40c20f61eaf56c67a3f98da

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2133724
edge-cache-tag
353137493266022083768999752391152365035,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
expiration
expiry-date="Sat, 13 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//shark.blogicmedia.com/afbeeldingen/1200x630/1602580879_9b0f8a3a531b76410aa92246d3d967ff9bf9ad0f.jpg
content-length
8578
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 13 Oct 2021 17:32:37 GMT
server
nginx
x-timer
S1636970263.443674,VS0,VE0
etag
"94266a5caffd47656329a201a18b36d2"
x-served-by
cache-wdc5537-WDC, cache-dca17772-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1841
Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2BC7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfc9ff95d2763076ea0619f310c5b15b62500769df77acb49cecfa4eb4577903

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2489359
edge-cache-tag
416520295331442748702138777723341653228,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
94
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Turn-Mens-Heads-Beauty-Tips-for-Your-Face.jpg
content-length
16752
x-request-id
6a49080f82f0911c82c74ad089dc22b3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 28 Sep 2021 02:16:23 GMT
server
nginx
x-timer
S1636970263.447479,VS0,VE0
etag
"4b3013adde1e0a5d2fefa10eab957bd6"
x-served-by
cache-wdc5527-WDC, cache-dca12926-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 3
box_glow.png
s0.2mdn.net/sadbundle/8998710015823275372/images/ Frame 0621 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8998710015823275372/images/box_glow.png?1630488523636
Requested by
Host: fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
URL: https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6b993a5662070ffc0fd5cb9be9abb814bfa439872b37ab1bfba8b3e60f46ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 23:05:26 GMT
x-content-type-options
nosniff
age
298337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1300
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Nov 2022 23:05:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FAF4 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuw5pU-Oc9wlp2VcYs2D-GU1nBfoZ4Fj9YoTtTjXJIHkElwHZvJzXLE1Xv7iwbVfM3Pmma8VWkwtX3yh_DQGMQm3Kl3eMSeHjPtChbwsjszmflhCSg1avhzAKuWYqHjhuGM6aWUogYCGZ9OsYLbsZjVp_RmzYUOGPdUZH11x-hTf7wCjGVSHyHf-DqNEpHaVKwH3ZwA7t2gYgDN2ORH14nvehpHOLwOT29RL2a6R5Xk1dxMXdE-qxvrXp27vzLKu0eRLVJevHpKHatxFEGqk7mUf0vjMJR6RR9Av_77iYDUiAFWPlPfptbJKmRrlY0Utp--Cmy6hVK078eRIG3F9iXxGUg6Vavh9t4DEWScje5F8W94Kuygauhd9fUKbV4HXEo02FfhkrHXEQ410O2W8sMvk35b8InDiBekhlXuS_kter4Ix9fSSEvQBw4r4PyernWxmZpb3nqtPyBnS7ArTmnXefGKIpEnYCxjM8-d-E8KFFu__xweyxD24eNfh3qeT65grxGztqwP2hbHyEblZ6O3N1IWrv5fp-1bsJnxp-I69pn0-q43ju8JJBz4a-U7iDbz4j_oTvoMnZdXR03x7lvyCOCsr0gXnmSIPLCOKm3hiFYmjV_A9da8ESG9-0IgxfgPlJ2kpM66U5xoO2-uVYnlomkWyIu-NzuJrnYd5ij5meRsq4eOy1IKEAqQLRDeTwI5W6wKt9bqgWEgrrGF1y2lL5FtVhpjuliYqXPXF7IZlyNq9B0q_0J7pEkQPODrkBl9VVApsL0t0dMu-8PadT5JpIdy_q8WsDxqPX3ugc7vUOux3AGtdrMdnMNOKJlZnVyZLUDzYho7u3Hw0B1i1bskySpYWUWPMR0HzqhwZbjElO2b-sy27wi0rvK0zRZOLNyc53HG1na0HHnTHa6bgupscuBxKe-3J8jftwL90Fm-hm3KQxKymrbLhvDnuv3wAcU6yY1fyN9FJQy_MIHCracksNOLU-NcsA3ApHqyDVqFimDHf6NBhJ5rM1xGTE6hsnuF55g1qhkGOPja3VdNw8wRYFbhAxGKyUBBvSdu9r05j-VKOkZNHujvCsMqAl2S6yYd-5PMxm56tDCJqhR8nGcRdtgh-jxVT8TYKebN0Tv0xrh9NLPCxTjuBZSN0EElMpZqVmqOni5MTEYbyd8rqcj8Bl4wSFjuXshI3cYMSQFqCWrActnezixPoAzbfHpX_lWtveM0u6XtrQlQS8bHypa-UX_T38A2jg&sai=AMfl-YTqahSbmxyOgoLkAs2FyLcXa0Ym6noKB_gvWHTutMYP3l0I7bYmohGfBxWa2NFr4BfR2H4GZzifL777ID_jGGezu5G6bf7Xvep8ZzK8gvEP3gCauDyJmjLRvuZStXrxibYodrs3VVnhB9TQoGPc_lzeCWGVnA&sig=Cg0ArKJSzDp9QUXdAlFyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=555&vt=11&dtpt=420&dett=3&cstd=132&cisv=r20211109.14001&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
620405870__sZIPxQsC.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2AF5 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/620405870__sZIPxQsC.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c00a2fde8840a3fccf407fd455bc1c9699fdcae0cc26540cf05441b67a949fa6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
168759
edge-cache-tag
428966412620797152735410541534410824427,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
183
expiration
expiry-date="Tue, 30 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/620405870__sZIPxQsC.jpg
content-length
4386
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 30 Oct 2021 09:43:21 GMT
server
nginx
x-timer
S1636970263.498111,VS0,VE0
etag
"37310c0a907d0d151ba42c95eb215fb6"
x-served-by
cache-wdc5549-WDC, cache-dca17724-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
541332baf37a7875a73f00ee9a5e0d10.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/541332baf37a7875a73f00ee9a5e0d10.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5826ae7aa8edbae07609191ba85f027d90d9a3a3c86424973805674bb0197acd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2167611
edge-cache-tag
394155356025082946334561738631869071474,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
expiration
expiry-date="Mon, 25 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/541332baf37a7875a73f00ee9a5e0d10.jpg
content-length
17028
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 24 Sep 2021 17:50:30 GMT
server
nginx
x-timer
S1636970263.498314,VS0,VE0
etag
"b35a87e418ec79d3e4cab70130e0fdb8"
x-served-by
cache-wdc5522-WDC, cache-dca17733-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
0987711cf4b4a7e985ae58f776952858.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0987711cf4b4a7e985ae58f776952858.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17ed3bff031009b4e753fefbd5a3be3988a142633235c7f9e14d76179b5cff2b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490405
edge-cache-tag
391675569299096873997860726787314520346,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
85
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0987711cf4b4a7e985ae58f776952858.jpg
content-length
12552
x-request-id
f55df50c715603e5445ef4cf3629785b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 05 Oct 2021 05:21:32 GMT
server
nginx
x-timer
S1636970263.498368,VS0,VE0
etag
"35a80e929019e7e550c84b91deff80a3"
x-served-by
cache-wdc5520-WDC, cache-dca17753-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 2AF5 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b030bbcf492ecd42be534d0d1074fc575b47b694fbd4dfb0745bec9c431af8b9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
1567627
edge-cache-tag
420076212130779546092322426743694019594,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
89
expiration
expiry-date="Sun, 31 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/0390386ec103e1872d3025a58ea2327a_1000x600_d5b56c133e020b7df603a30ecf3a34ba.png
content-length
14762
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 30 Sep 2021 07:14:34 GMT
server
nginx
x-timer
S1636970263.498983,VS0,VE0
etag
"5e7905e32217af5baf9752440fc584f2"
x-served-by
cache-wdc5539-WDC, cache-dca17749-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e160dea7a4f9848561447c92915ba26aa4900a2ea018f85c9bb0f02a4516220d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
355717
edge-cache-tag
577093708196982019650120635911816165796,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
177
expiration
expiry-date="Tue, 16 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095bdf3dc4b979c13c23c1c4b30ed0c3.jpg
content-length
19736
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 16 Oct 2021 07:41:35 GMT
server
nginx
x-timer
S1636970263.499095,VS0,VE0
etag
"6077b82c0382d3ef08b64e3e2c01c2bb"
x-served-by
cache-dca17739-DCA, cache-dca17777-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
be927641a5d99aa6dcb8ee7be9fecdd7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be927641a5d99aa6dcb8ee7be9fecdd7.png
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b6e6113a006d0515914ee02775c363f28e885b79876578f059fe536ad726e2c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
956653
edge-cache-tag
322482350843127755964036973497971538229,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
117
expiration
expiry-date="Mon, 15 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be927641a5d99aa6dcb8ee7be9fecdd7.png
content-length
12210
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 15 Oct 2021 21:17:30 GMT
server
nginx
x-timer
S1636970263.499173,VS0,VE0
etag
"b9b6c1ed7158aa9482589cba10403d6b"
x-served-by
cache-wdc5568-WDC, cache-dca12920-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d0a68664fe5acec3375516a00b1b626c5f007ae503429fbfa896b17ecccfb5b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
455574778097323617596836666847631332288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
524
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Online-Shopping-Beware-of-the-digital-carbon-footprint.jpg
content-length
17278
x-request-id
e4644ceda28cc23cd4708da7f66da171
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 26 Sep 2021 04:56:11 GMT
server
nginx
x-timer
S1636970264.518503,VS0,VE0
etag
"8f45f0804edb4aa9489b8377619141d2"
x-served-by
cache-wdc5559-WDC, cache-dca17764-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Times-Square-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ef86a9c84acf9b67f78b397f644979af4b19eeca753b5b1e9d824de2a0fd6ab

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
554383354853648926368206371178227098577,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
508
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Times-Square-New-York.jpg
content-length
34326
x-request-id
99714cb3ea6f5c13e2bc587c8a31fb62
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 13 Oct 2021 11:51:57 GMT
server
nginx
x-timer
S1636970264.520956,VS0,VE0
etag
"1b83a564ae6f818744d64c34d924c5c2"
x-served-by
cache-wdc5577-WDC, cache-dca17738-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ef0512e6b632cc38bd173268075e545db0d7b5e7b00cd87f885871f5823a052

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490809
edge-cache-tag
449072856988195537460499973417970766978,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
86
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/How-to-make-Easy-Chocloate-Recipe-at-Home.jpg
content-length
11604
x-request-id
2eb45a93a829de0a46f2ff1a673a51ec
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 09 Oct 2021 13:15:16 GMT
server
nginx
x-timer
S1636970264.521121,VS0,VE0
etag
"31cc7653c6315571687d58e24c7dba47"
x-served-by
cache-wdc5572-WDC, cache-dca17734-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
Coalco-New-York.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/ Frame 2AF5 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a02ac6efcd55ee0c50db4068873d371113c5ad284aa28e19114c37d7d65538d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2490808
edge-cache-tag
343003332450164410658145978676040604802,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
389
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/03/Coalco-New-York.jpg
content-length
7864
x-request-id
44095815759c7a515c50c39d32700800
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 13 Oct 2021 11:51:56 GMT
server
nginx
x-timer
S1636970264.521115,VS0,VE0
etag
"6c197b582b376dd3734c1ad293a613ce"
x-served-by
cache-wdc5540-WDC, cache-dca17760-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Buy-An-Authentic-Fendi-Bag.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/ Frame 2AF5 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24399bffe8443c72af67894609715b1936202dc5bf781be315662700a5cfd900

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 varnish, 1.1 varnish
age
2162333
edge-cache-tag
564545401055494689696246036615609214168,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
89
expiration
expiry-date="Wed, 17 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hellonewyork.xyz/wp-content/uploads/2021/05/Buy-An-Authentic-Fendi-Bag.jpg
content-length
14244
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sun, 17 Oct 2021 14:04:06 GMT
server
nginx
x-timer
S1636970264.536865,VS0,VE0
etag
"0e0a19ae4e70fe5578c969146240b8e2"
x-served-by
cache-wdc5531-WDC, cache-dca12929-DCA, cache-cdg20781-CDG
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
request_content.php
hal900025.redintelligence.net/ Frame A647 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=56767000062595500973112011779025&a=ff7a2b3f
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=le2lgnpkuh55&nw=20&renderingType=javascript&namespace=f161743635&subid=&uid=83f2007a7c1f47f1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2762100848445149922%26mt_id%3D6686406%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_cid%3D38c46192-2f16-4401-be54-1395eade9f3f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuHLaFi-SYevrI8_I7gPVm6GoDM-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTc5MTMwNDQwMDI5MTgwNzLIAQmoAwGqBPABT9ASTs1FUqy-uAX0e-_YLW3NsEzvb5YA1nhsgFc0yW52DMsqv4QhJI6Zk3gkD4IpdzZnxb4r7ewQbMbIrgSYiIKPIroX64B21cysfK2T4orOpXZ5Y11pZgWfHWZV5Cq3zebxNysPMyzokIPGCmxG4iufm8yNK8Fr41TUf2MmWad33Bf9xKlsEaSVJoQ8ie8ksy8KueTn3GhrQWufK0cg2qqpeu0zj3yniWJwAEZC9DvmQ0oUmiYBPzH5-18Pxa4SAZgM7ZNB0EWkTkFLWGzR9S6iLxXrqZMvzSYHW5geVg5xmOGcOSCYcxsXnV5skYfZgAbv57T24_fuxfEBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTc1ODQ3MTA4MDI4ODE2NTT6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0B5KFrJzvUKxPQu45sxCtE8O0Wmw%2526client%253Dca-pub-7913044002918072%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=789195292845&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cee9777920422a147bbdc2980bb270ce05f96472f628ce235022c0a2a125ffcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 15 Nov 2021 09:57:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1416
Connection
close
Content-Type
text/html; charset=utf-8
request_content.php
hal90005.redintelligence.net/ Frame 67A9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dexpma8tj0av&nw=20&renderingType=javascript&namespace=1e90be5548&subid=&uid=939caf056f0a7004&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7373786865798782585%26mt_id%3D6686398%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_cid%3D9d236192-2f16-4801-9979-7c58e18d5ae1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCuWaIFi-SYeyBGYX2gAfk6YGYAc-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTg4MDQzMDM3ODE2NDE5MjXIAQngAgCoAwGqBL0CT9Cr3x5ucjVIhEOpYweMo_nj88wPYb1nJVkoSLg-dY2svbDTmeJnYqgigXFqKe9BMK0Fx1ZqyOpUnIIdmr0f2tiAeSVFK-OS48dnoS9hquSsLVZiLV9TfKjDj8M3YXC0_7iOhBZQct21itVXtvcVr5RJJ2ULxgTczps-aKqQ3Z8QTsgAmunUjP_3_bhDiT9hufxEa0r95X8RljOu0Bv_N9Z6Q-NoFsKpz_9gcCJ5SDZo9dLQIeA-961YV5zQnKuH1-kfWw9gQazjWD8gOR_TxZDqDSXoUiyJeRbn0hcRjtn_MM3mkxFgNK-YhGjBFE9JOPEuukCDFtk4AoSMHLBfVzz5bqAghfyjsETZMPmJbSteHBnBC-bIjHFmWHVerdqWrelYE6RcHD8pQhpf-dhQxzNhbS3SOP6uvIHIoJjgBAGABtLbseKiuIKJVqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0zMTk5MjE5ODM4MDQ0MDAz-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1eFyIr-w9KVTkIoOapPS6N7AOVNw%2526client%253Dca-pub-8804303781641925%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fhellonewyork.xyz%2F&ancestorOrigins=https%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fhellonewyork.xyz%2Chttps%3A%2F%2Fbiggbos.live&random=617968170106&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
66d128a8663fa617cb6ae772e1f2fbcf5a5f45b4a31777ca735a158763ee984c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 15 Nov 2021 09:57:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1504
Connection
close
Content-Type
text/html; charset=utf-8
img1.jpg
s0.2mdn.net/sadbundle/8998710015823275372/images/ Frame 0621 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8998710015823275372/images/img1.jpg?1630488523636
Requested by
Host: hellonewyork.xyz
URL: https://hellonewyork.xyz/the-health-benefits-of-tea-and-coffee/?utm_source=Organic&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbfd2faca88740ed0f27ded819df341057d991264ca383a485e1126859adbeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 23:13:32 GMT
x-content-type-options
nosniff
age
38651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
77561
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Nov 2022 23:13:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9EB8 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 14 Nov 2021 18:26:41 GMT
expires
Mon, 15 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
55862
cache-control
public, max-age=86400
alt-svc
clear
truncated
/ Frame EAC2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
934be92cd06d10a40421472c4115b48b13dbd4c85561f25909c82b8b7d086ecb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD8E 		1 KB
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 14 Nov 2021 18:26:41 GMT
expires
Mon, 15 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
55862
cache-control
public, max-age=86400
alt-svc
clear
truncated
/ Frame 4D09 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c50fdd100702a167a08d0a190335eee173e8283856bb71646f352a31043bf5e9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=224540066830682&rc=
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2BC7 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bde265880567a08d13f2ef1296d9b0f39ccece22a958b03bfe9d19e5ea781568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9227
x-xss-protection
0
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 19DA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
pa.png
s0.2mdn.net/sadbundle/8998710015823275372/images/ Frame 0621 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8998710015823275372/images/pa.png?1630488523636
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27af596e03576e4acbe76fe49c5535be8d98ca4c4e1f647bf3b39bf4bf581f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8998710015823275372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:27:14 GMT
x-content-type-options
nosniff
age
279029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
5907
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Nov 2022 04:27:14 GMT
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpJdkZ3QUVzNlVBSGdBeg&google_push=AYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp-ZYpFl9vXfeXs4ZMB6yXUAYLbhIWJWdRsdx2tQyAbJz-EqqxuT75oEA8a
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpJdkZ3QUVzNlVBSGdBeg&google_push=AYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp-ZYpFl9vXfeXs4ZMB6yXUAYLbhIWJWdRsdx2tQyAbJz-EqqxuT75oEA8a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpJdkZ3QUVzNlVBSGdBeg&google_push=AYg5qPK2LIvbOZp-3DY_h58bwL2aImTWPDdd_K5Oofp-ZYpFl9vXfeXs4ZMB6yXUAYLbhIWJWdRsdx2tQyAbJz-EqqxuT75oEA8a
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBDudzxPXNIRlEZnXP1lbXA&google_cver=1&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2HP2rb0S_...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2HP2rb0S_7KKj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPKqEQpA8ojvx3oGtK--d_rVqTwOzDQM2Y7awwig-L7hjVlZuKm_mV8Lc5WG8YeTZLeD2l0R88rStuiQfML2HP2rb0S_7KKj
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 15 Nov 2021 09:57:42 GMT
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEjIEuf787a0o7ZDRqDEmwI&google_cver=1&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InR...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEjIEuf787a0o7ZDRqDEmwI&google_cver=1&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSX...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=ab6abc1f-ba73-4332-9c35-4fb6b511407d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=ab6abc1f-ba73-4332-9c35-4fb6b511407d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d7d95a89-e0ce-4898-b5d7-0e1d20fdad60&user_group=1&ssp=google&bsw_param=ab6abc1f-ba73-4332-9c35-4fb6b511407d
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9&google_hm=q2q8H7pzQzKcNU-2tRFAfQ==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9&google_hm=q2q8H7pzQzKcNU-2tRFAfQ==
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLgt8YjGCShDtCHKWfBYgjmnbt-8iIxg1D5hdnSfYYhWRRG-wR1PjNqO_jEJyYsW3ndvmbWbDqzijUoSXTj1InRLQasfxT9&google_hm=q2q8H7pzQzKcNU-2tRFAfQ==
Date
Mon, 15 Nov 2021 09:57:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVALoQ8P_Ge4mLkZsYzHaQ&google_cver=1&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVALoQ8P_Ge4mLkZsYzHaQ&google_cver=1&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222H...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NTE1MTIwNTE1Mzg3NDU4Mw&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htre...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NTE1MTIwNTE1Mzg3NDU4Mw&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv9k7Ix27qqBPZ-Kv3en0P
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NTE1MTIwNTE1Mzg3NDU4Mw&google_push=AYg5qPL1i-_oqPe_Jzb7rUubNTtYPh6duNkEfoFoX6Jivwr58e0X0Kq0FDJhTLw6oR81XtV222Htrelv9k7Ix27qqBPZ-Kv3en0P
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFa8n_8kTwdSvHSfuX6kcYM&google_cver=1&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwSFRWQ1ItRy03N1JJ&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU2mUdquyRK6tfEWjl8TjDmIKc
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwSFRWQ1ItRy03N1JJ&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU2mUdquyRK6tfEWjl8TjDmIKc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1cwSFRWQ1ItRy03N1JJ&google_push=AYg5qPJoqxGJtdk1JSaq9tUE0313BCTz0XKdfrxgMhloB13XGr5FXM6ka8MxkANXGMKW8MBk2OU2mUdquyRK6tfEWjl8TjDmIKc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFqC61bQNXaAjy1K9NmYaIk&google_cver=1&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNu...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNuAAMGnWV--iOm
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNuAAMGnWV--iOm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Nov 2021 09:57:43 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJV3ewNwbqe7f43PQKXjXOqrppjVCkiVrryLjZOuL91E3Mu1hiUWFvc5jwUKgH1Y0yZGCcuAb4g922U9hNuAAMGnWV--iOm
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
L_3EBsFWXY6MyDWCBihR19LI4lBIKtxwFJy6vq1krvhRbKHvt4pkbg==
pixel
cm.g.doubleclick.net/ Frame 9EB8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.targeting.unrulymedia.com/csync/RX-383dadb4-9039-44a7-aea8-3792efad620b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJo20B5ibgkKVyImGcby...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4&google_hm=Azg9rbSQOUSnrqg3ku-tYgs
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4&google_hm=Azg9rbSQOUSnrqg3ku-tYgs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJo20B5ibgkKVyImGcbyvm9FGJsV9TfxsFNvp0mymERs-QHQeEfNVy6QuPGIkv32FDpGhB4QK72M0bg4L3zmAXH58Ip_cS4&google_hm=Azg9rbSQOUSnrqg3ku-tYgs
date
Mon, 15 Nov 2021 09:57:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX383dadb4903944a7aea83792efad620b003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9EB8 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3oj_dUVTfDWeMZAn7BJHhXWEQIspLDr6zeC5hcJ-7XuNu6e-IVRzuIWEqg0oyPQoZY_Sn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=50&slotname=www.hellonewyork.xyz&adk=3010877171&adf=3552636261&pi=t.ma~as.www.hellonewyork.xyz&w=320&lmt=1636970262&url=https%3A%2F%2Fhellonewyork.xyz%2Fthe-health-benefits-of-tea-and-coffee%2F%3Futm_source%3DOrganic%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636970262164&bpp=11&bdt=448&idt=380&shv=r20211109&mjsv=m202111080101&ptt=5&saldr=sa&correlator=3004978434039&frm=22&ife=1&pv=2&ga_vid=1843449854.1636970262&ga_sid=1636970262&ga_hid=1155179708&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=306&ish=432&ifk=2354337978&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=784279982248323&pem=594&tmod=1961044485&top=https%3A%2F%2Fbiggbos.live%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C306%2C432&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cp1ytyh3ieht&fsb=1&xpc=Uca5JMde6z&p=https%3A//hellonewyork.xyz&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame AD8E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEH4r7QpifDf464nm74E2bKk&google_cver=1&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSo...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSozsM5EkUg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSozsM5EkUgQFVUBA
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=OMRhki8WRAG-VBOV6t6fPw&google_push=AYg5qPJl4OdNZXnGfpI_A7pVcsvigwg_F7dSlJMnq1fpNdUvTgT8KhGuRxVtNlaYvNnf30yU27BH6tm6jMqFXvSozsM5EkUgQFVUBA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 15 Nov 2021 09:57:42 GMT
pixel
cm.g.doubleclick.net/ Frame AD8E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGPoZVUbXC23w17aW5V4W1E&google_cver=1&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-upk7...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-upk7DCQIsTPKkQ8Q
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMDczMzc0NDExMjkyNDgyNw%3D%3D&google_push=AYg5qPLUcd0ZPBQ-iV1W_Sa095otu8GZcF17bLxWZY03Czf7tKqHb9chyeY4Gy_-2Csr5jUWHq1Zn27hAtDfR-upk7DCQIsTPKkQ8Q
Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame AD8E
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKCV9cDhVlncCrogYQ7Ahxo&google_cver=1&google_push=AYg5qPL2RxNma2AGkYf__Pvz-NTKYsDBEf5rZt0bXpUN2Rbg686N45fPLMV-JVl6MgYQjihQtLI...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKCV9cDhVlncCrogYQ7Ahxo&google_cver=1&google_push=AYg5qPL2RxNma2AGkYf__Pvz-NTKYsDBEf5rZt0bXpUN2Rbg686N45fPLMV-JVl6MgYQjihQtLI...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WZr0HFuFTq--3vzZWocNDw&gdpr=1&gdpr_consent=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WZr0HFuFTq--3vzZWocNDw&gdpr=1&gdpr_consent=
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WZr0HFuFTq--3vzZWocNDw&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
google_pixel
ads.travelaudience.com/ Frame AD8E 		0
0
pixel
cm.g.doubleclick.net/ Frame AD8E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKqtp3hCf3aUCuIzyQOA-qg&google_cver=1&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9Lj...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9LjOLLGwdg&google_hm=MTM1MTI1MTMwMjAxNjQ3...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9LjOLLGwdg&google_hm=MTM1MTI1MTMwMjAxNjQ3MDMy
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Nov 2021 09:57:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKZFgUD2e43l7QnJ8ciYo-VqLc9T_k8TCMnvWALZ6eVJo-zAevCK9gNqVyfbuajZ2WxGc2EfpSrxnqqxB5EcVlE9LjOLLGwdg&google_hm=MTM1MTI1MTMwMjAxNjQ3MDMy
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD8E
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEDAYAV1vGQNQQ4TfROLuxeM&google_cver=1&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhRILY02QcuV6DavTEVHJZSGj_AQm91qFBw
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NDI3YjljYjAtMWNiOC00Y2IyLWJmNTktYzE5ZGQzMTY0NTkx&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhR...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NDI3YjljYjAtMWNiOC00Y2IyLWJmNTktYzE5ZGQzMTY0NTkx&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhRILY02QcuV6DavTEVHJZSGj_AQm91qFBw
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NDI3YjljYjAtMWNiOC00Y2IyLWJmNTktYzE5ZGQzMTY0NTkx&google_push=AYg5qPJ349H6Atpt2gjfBl51nBcP776_kgBTJ9TtRb-vukHSSKtiF2a9NfBcdzid1E5EGhRILY02QcuV6DavTEVHJZSGj_AQm91qFBw
date
Mon, 15 Nov 2021 09:57:43 GMT
x-envoy-upstream-service-time
7
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AD8E 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiP9Ydcd3MKCMOLTgMk0KYHMB4JD1FfOoNANR0ysCfCgnCyyBjkbO4hFGDHre8bQo
Requested by
Host: 79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
URL: https://79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2BC7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 15 Nov 2021 09:57:43 GMT
S-320x50.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame A647 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/EN/S-320x50.gif
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=56767000062595500973112011779025&a=ff7a2b3f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
7d6421bbd9103141776f4b07892b5cf25dfb312b1d15efa81b0d3f98cafefd09

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-2394"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
9108
S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 67A9 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x250.gif
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
fb805ea8e0e2123c713b4613ec92e55d7c11db579417ab8bdbd070d5c18e5104

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Last-Modified
Mon, 23 Jul 2018 15:20:14 GMT
Server
nginx
ETag
"5b55f22e-115c6"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
71110
viewability
hal900025.redintelligence.net/ Frame A647 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=56767000062595500973112011779025&a=324d8462&vb=m
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=56767000062595500973112011779025&a=ff7a2b3f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=56767000062595500973112011779025&a=ff7a2b3f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame A647 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
viewability
hal90005.redintelligence.net/ Frame 67A9 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=36608600067570300973098011779005&a=1596e464&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 67A9 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 67A9 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=36608600067570300973098011779005&a=4d4ae97d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:43 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F53B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 15 Nov 2021 09:55:12 GMT
expires
Tue, 15 Nov 2022 09:55:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
151
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame 7A20 		783 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
947fab102b49e4bcb3f105fefef64cadee4e7d48f7c9f5536ba125f0b5932ec8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8tHcE3JWIA2WbtFeV8ACHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 15 Nov 2021 09:57:43 GMT
date
Mon, 15 Nov 2021 09:57:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8tHcE3JWIA2WbtFeV8ACHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
clear
gen_204
pagead2.googlesyndication.com/pagead/ Frame 538D 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOQACFi-SYb74Msai-gb9hJboDAAAAAA4AeAEAg&bg=!0tGl0ZXNAAZQLpa_UC47ACkAdvg8WlbvOdwev29LRwSm66Zo4JkTYiteBHIAhbBdnSSJnFletWsERwIAAAGAUgAAADxoAQeZAzDWRsXyBIMKdsC6yldnAI9EFupW0e-h2R5_KDpQ27J_JW3aLVY_4tYugvOg1qa_1rFmqfHOJM1bAkGyh_PxXOcKG4ywo-c_mK7tvR5Fulx6Jfs2q-lgooRHNaBTsnABUXt1Qr5B9aUQzeTeNqnh1a2o2-UasA-E9mOrAoECtddj-g58HA32FpXq0WcasioLvznFHTIm1U0yqcWLG-8vHsoIC4wTEvr_D7ofYv0kuFG6OOvJqeleAG8GA0bc75s4Jy9mEc84Ig8GRFv1NrVPQZCBbf-ng1SrC0-jWqR5KqRypAsC9SHIg5735mqOsCeaXrWihDqKAncY8Ab-p6j3OqJlweb0shMFJdsdZyA8L7_iuo_hFFvyMUVv_Ydlacg6ZDSGvUktYH-uqCJetgr1fFQL72_9FnVgosqx6CpxfB2Jke4rZwvA7BtCLgJvU51MiU0bnX3A_cA9Cvl5bvh6FJ1RtamQqLhAv3lJBu5dmoNsU9dXVqv0btVNRoQ_nBq5PLAZ2raXsJ788KtSwabFB8V_a4DloRAtinW4VU7fgXza_XP8wGc84CSCADDX2MP8nT4xXIM4Hxm3DCef3MMmSrjtnW1Za8-IIWyYRgaM3kj95k90VLOwwsFuLh7vbovhU_Ql7_waMVBXmNMwftFDylQX0Uw3-MSZh_q4kkOsrwoQ_DyMinvvQnJBtilbSih9muc-3gHNBqmsc8i4ekACavmUt_QQJ29lsmDzBe9KEqHRSGbaCt3-m99nCARjbHCmaNMIxJktGlyrYP7TAXjlKGmQKIlSxhaspPwvVvYKctMTS9GJCC1GcTxQExG28j-CMLQibqWw4QLfw5U6IvUDiOtNEVNU3EqgVzv7ghePHkJLxuJ_IWgjp9tERPaR-YkclvF9FGIqhxFG1tky9XcGjh4xoL0wOiLhqd5FKZhmDPi9cx5guxKx-g8nWZ0i0QnS-yl7_CO3SpNgfxlD0HsnmD-2K1uMnOVOETC-tV_if3r7Cc8XJAV4waV-iIAXDaJYj1ucbTnACpfwBdqyVZewol9k9ej-dvpObrdpYoW6H1iifBcErgx0rEfq9lh_mIzTzIs
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=4162867029326899&rc=
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame F53B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AF5 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=224540066830682&bg=!3d6l3prNAAZQLpa_UC47ACkAdvg8Wrq16qxwk1BRCp_4GrMfDQQTqlYMKsosMbpv-xSUALYR1Lq3qgIAAAB6UgAAAAtoAQcKAGVX82zFsCXiB8rhvL_WHtAnLsrEig1GGebkZ3KcMMjOCsD1mZL21YLDN_T0yAzOhcmRzJMUYLUSxXWOx0FTe3X6khx0ulaxfOV2WMVu8aVMajl_XNxKABheni0r0s7yBSeOb4wYn5kC_b-2qzx-oaI8_tMXqe_1iucB5epVWwVkMC2gDnxWNZf1-xBVFLVR2A3mtqJfpAg5JDPCZyQRO9k6ZTNKHe_nZ9yZVSNmekpGDeGIZPWax5q3evjcAuveKt8LhZxwgyDS6BkuohWMNwiczkdJyXT5pNkZ3JcbUToM5TojuMeQQylF55HRJoZWrCf3O21ea1bpFO61dAdx1uTG9RcGA_Axtp8jQmGYFnBt1Xoy4AUC479wqFqqpKEFB3nkEgZuFzM3Wv4fSQUJNC22XodXbDGFop5aEdEniFNP6Ct4VObtIVlYomRaLg31eIYKy1ULBZviwGI59-4ROm2MhZQ3-gHq1qt8HA4-IbFmTsv8b4E-UamVb5dK73-CUuv2Cb3guKDJcuGV6igYJ-en3Klr8L7M1gG6toYqKjaWVP_5yzIwoUYnKohJEmMATFVucOX-qZmqi46pXRAL_JFPPhF2oFqtohx-njQjJ7kEIext8lhmXpZ1lYjC24Rc1mix8TUN_BGB2ULUPec928Dh_ldooR6cvMcTeLBm59aO30U1Q_rkUwNMTV7SBit6zsR7e251AHUUvq1p0jQjOL_k9jAPuA9t7vK2J9j-3fTDGG2BYhG_FYQlblz1i6vJAW1qMNqBxB3Iz2idcK921cvm-nP3NQk0Vx_vrdr9RpTP9nJOBk0kfM9Vw6HpV27es1uzCYkwMO6f6iFgOArRTcUNjJygxEW8TFfndrShzp-SUFLhIX6FVSrj4wCFvd4Noa4bVffv_TLW40vMkUdgoenhyGW3O2myBYgREO6IzVlazc5I2Hs7rP2p8YTgbl53YuIBouxRO4-Eo1dyX8Ts0PLLeY5c7ArqpxSzlNdAIVbCjFz8BaP9l1pZaWCK18oNFbAxWyMi12zfepkszVCAZp0J318_d2wOIzf9U4-HyqO9YurY0BwGpvn_ngKCLjegmbuEeUh7liZItTu7LIJQL_cUI0NcQNp4M7n3YKDmyI613tA-iILG6OY4o1TELco7MkElFnKaew
Requested by
Host: biggbos.live
URL: https://biggbos.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A97E 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f9a14d4b5c33c076b2d0e778eb5f7e99cd93ee2bd19be64b08fc154cadaae32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9260
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba6f6a7a9bb3b2a285f694a06e4d7c9fe57f16deff77f690e83f5b60f8a403a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Nov 2021 09:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9320
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A97E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 15 Nov 2021 09:57:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 15 Nov 2021 09:57:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BC7 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=4162867029326899&bg=!6Oul66_NAAZQLpa_UC47ACkAdvg8WsXnuZ9jFoIMqNKyenvP-fKRYAcE-EhIjRTyNBy1Xr6F_yQw1QIAAABiUgAAAApoAQeZAvD7ERZnDQj07BE58NMlpqDvBPKYOK-9yMbXWw5BmXfihYqd3pp5SM_eslN9qnwrAs3_uEJwdd4IfgpYikyZXcMHFxyecyPxJFA0zogpfWw1tELTc1gtt1dGN26V0-1-0sZ89kW-1xxCjgkjK6Uh633iVSywkpea9AXWyk7OAkAfRRl2QpStU_TyIGYqc5E0MIloJJXjyM_WGrrSyPoakZVLoeVUbQxKbvx0gsi_hokBDsCiyxe80CgeVClQx9KyimjbbLxJ-fX_Vm7BpwTOuQssoKz5CQ8QcW6YCHjmXPtj3Cqcor7iJTMKKIpFXka4JdXmVAFNQo2Qnx1OJb3HPcVQi2pf0etmu5NDBUyaqrx-9_tZQFqmzKnqbmvqBn1yeAMsMxbo_Loc42W9vQawTcECtujEg99y4AXpDVS9ow-gWlsWwvJ57u-3XXBO7aTF6gBj2oHGij0f_Ff3wsMNL6iP6qGBL45WDoPcjB0eY7TVgsB9MdiZeVpb4-T7z-Vj2ZLmBe2cMIjtU_ixlhGTD_jT7IVpyE-WRLAgds_x__MGOz6CxAykDxcLCSYSvC0pmyI6COlYc6-WOWMr2uZgZarqYXskXdqMGope1PElh3OABlYt1BZ3dXE1yBJwvSfJs98oJ7z_nZpB9ZPGVb9Ao9C2bOY_BQp--09hMJUdWvrNKSyV2e-6Lo51whMEqMQcji4WwNZd55CNCxtNPiZHXK3V5kmTv4w2gk8KTr4KEcegNSblRToTt_yHJTA_asUnILzv6LMPCel-skqNmPpo-R3E42wgvZXsAzsIiN-g8ANWqPegDND-9rSBVAJacA_QVbv5hnGbburqtk8-fEqWk3RD-IeUdf_I0AOZhi5ybLkNJRe0omlIPZ0F0k-jNrre2-truDrOcXlR2PWC-jZP0l6xksklkaAojuFMOvVB5Bi1kkMDuKLgxDw-MnqS7iQsv4KFRO7l6263VHKRxwjdJE_2CvQOKVduFb_NpKYWkhoohA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 42A2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 15 Nov 2021 09:55:12 GMT
expires
Tue, 15 Nov 2022 09:55:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame 6784 		783 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
831db67d4c2b8bba3eeb99f047b16bb2f466faaa8379a0debe570539d9064ea6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g+H5qEsbYcmMrIfbGc8a9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 15 Nov 2021 09:57:44 GMT
date
Mon, 15 Nov 2021 09:57:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-g+H5qEsbYcmMrIfbGc8a9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
clear
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CFEF 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 15 Nov 2021 09:55:12 GMT
expires
Tue, 15 Nov 2022 09:55:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame 6AE7 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06bf7879c0b2309a917a869584405472fdfb19266f856dc88ee9a4538d0dba0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iqX4cehJI5X/YRCyNE405A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 15 Nov 2021 09:57:44 GMT
date
Mon, 15 Nov 2021 09:57:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-iqX4cehJI5X/YRCyNE405A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
clear
sodar
pagead2.googlesyndication.com/pagead/ Frame 6784 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111001&jk=784279982248323&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6AE7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=3236105699743304&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 42A2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame CFEF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
220920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 20:35:44 GMT
bulk
trc.taboola.com/hellonewyorkpak/log/3/ Frame 2BC7 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
15
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1636970264.256236,VS0,VE15
x-served-by
cache-cdg20781-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/hellonewyorkpak/log/3/ Frame A97E 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
15
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1636970264.278945,VS0,VE15
x-served-by
cache-cdg20781-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/hellonewyorkpak/log/3/ Frame 2AF5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hellonewyorkpak/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hellonewyork.xyz/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
16
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1636970264.295377,VS0,VE16
x-served-by
cache-cdg20781-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A97E 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111001&jk=784279982248323&bg=!1tWl1ZHNAAZQLpa_UC47ACkAdvg8WmzIh7tBCUamAJP99PfXT5mani58S_dI1W2jni5Fn2PXFoJokQIAAACSUgAAAA5oAQcKABQYUnG_FG6rXdeqdJgvqTlR0DnT6pkC9kAwLcS5wqtnR8yfBRf7L5MSnNoSyDN6MtMbjGoRhPd_Q-Ps8lJVn9UmTfjlpMP5LRrjbw-5oDtCJspjvLZ_F6SIoQqhwp2BI5dFllQ7u1WtujX_AuTjXHIElxOaqb1XMqV_vmVsGsF45KzcJbc7bWD7D1h3BEL9eadceFYYbxJ-qtuscnAC94rBbv-7goT0Cm2d80n5FMFr6LORsTdq-1YURYyc4DYvZRHO0lCaJ7tZ5yQbbkmFF9Z-Cx0OAkrezDegBttR-HPgePoYum66BM2ylUspK-sqXXySMIAZQrb3OzO65BZgqhY0sk02UOW9-eAPszSzcwFqsbPUIM2ym9b0zR8cjg0ItL6BLy5vlflVODZSQLzSocZGhli1zjnW2uvymZIl3jS-NzEOikNnyTS9jHSHyYn1xuSsaCNEGbRTYSA1hPe96X2imJFVKQVfgHr2HrcNJFGCgAJDKuYvCuF9bRjifgWq7wBJn8hAuxdT0yn9vg1UjuabqbnYaVNvEfIoRo3QQFufxOIqgpcO7souI_gTOX27t10oJt9G8WT0ROY2mNNuYzD8QG_RrHmt3eHI6tpLNE_oj2Bvb5lxa8yqVuuxUS-TX4mzp1DTIS8b7Uyg1ZEXhLf4enpi0HynWzhbQoHyI6CHl57lv-tGw0BEnxEgxi4GcpyzkN1VuUIZfDa_9LEiWiAyGkKcT3HyPQPFhxdT_n4KC8xLAFa0WGUmDKxXvMMa-0UKk-mshYODOtqkPqOzu_u5_seEQ3IXdL4oyxj7r5lmdtEtJZ3BZSBvJwpy6FVNbCyJ944yY8bUESRkrrpysJDVAckO8QnQ0Y9cwYz7duYMRBqtIP0erOMdyvxP734QqER3Q93TeZ3UJtYvNNipp1y21vsyBqpM5WNafX23zpJ4zpho-IgXBSlsWGAor28zsrXqRk9_SJP35ZLQXaP49kz5zkLddUEgYUGwPladpc-tuw7Ku8q3X8dN6aaI0gbQBs54HCaF2_MapiFr7VUP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=3236105699743304&bg=!IyClIGTNAAZQLpa_UC47ACkAdvg8Wi9jOf4sRSBm-9GFDq49I_mQRHBB0QKN7jjwj6iYIDDr5Q489QIAAACPUgAAAAxoAQeZAqr5A9KUFh2g8n6IW_0m7cCe1IIpgVwuiVK_98TCRQhsXMyQgUhOJmPy6NEFRhP9wEIE-tE7uQ0y8B-EPWPik66C1pJfWDOpLrEnVf0QDOx5xqRuTOe6O3R-1wa3YbUD5sEMPlctM1dwSE8ozjotTj_mfuDf5_vvEwHdcJge0U2bhRnvFC19Aa9gTGssTsU6WOt9W-k7xXs0N5MFIBLwgkuSu6-C3dF8DAjBS1IUziITetXWZbmg69_HBztWF5qeyYFZ3JdcOp1FZc5pSesLr1PDlvZN7TBaXf7a3Y32hnHWZ9OKf6kXtF3amx7ByRwuKLM6_BeOVR5l22CUwOA0w8I68QVB1sF5ZWt_5l5zGdC-xhpRUmgFfPmtKAWRrO3iyAxDb_nug0DUMCEUkKo1_qiRD8FESfeHXDSg5VMTDmrpIupq-JnaoQad8_qlMe5MDW1_o9seY7r_4D0og2VxzXFUTiVFXRwweyvja_6w09dw1l2sRTurFlIYMGqGu3Io_YLfWoHFrRmjgmxN-CKqar1yc_cyM9rYkbfaNBtBMankNWsJG7Oz2acukiObAYVrMeuhPBBrMh1kaMTnyrsWjGlbsBbELonVo3aHRloZ3dcPaXayIaXENoM-a_pNokEYI1GKFuMtR3F1UbdP82tdzkc1fvQD0jPGOH0AJCsM4cmnDuq5TsMAUMogKXcLoKcCYk1gJB3W8AbjUOtrRdMUOnEBfIWaO07o3CPqFlr4XWpys6KkHXJ4oMm51G5r7O8wGBRNMn_2DYQwFkcb0BAK2v7U08x-vgIS17o6x_bG_F734VhGzvMpKu8iLL6l_ElnmM6afkKYctYv978_c-KgHgNSiZKOsTYVbzWDg8g9GsTFeEJ89SIOehCUQQHTUHgqLiosY0toGdicMNwo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2BC7 		254 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
3642
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QLFvS515diXsiA8RD1gqqGGi2SM8HRYlgcoebQur+XPlR1Nuh1Sqn+1eJPkZiUj5saoa5S4Lslk=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1636970264.390928,VS0,VE0
date
Mon, 15 Nov 2021 09:57:44 GMT
x-amz-request-id
X4R946VY6SZ3HFD7
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
85
x-cache-hits
7806
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame A97E 		254 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
3643
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QLFvS515diXsiA8RD1gqqGGi2SM8HRYlgcoebQur+XPlR1Nuh1Sqn+1eJPkZiUj5saoa5S4Lslk=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1636970264.490169,VS0,VE0
date
Mon, 15 Nov 2021 09:57:44 GMT
x-amz-request-id
X4R946VY6SZ3HFD7
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
85
x-cache-hits
7808
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2AF5 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
3643
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QLFvS515diXsiA8RD1gqqGGi2SM8HRYlgcoebQur+XPlR1Nuh1Sqn+1eJPkZiUj5saoa5S4Lslk=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1636970265.599579,VS0,VE0
date
Mon, 15 Nov 2021 09:57:44 GMT
x-amz-request-id
X4R946VY6SZ3HFD7
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
85
x-cache-hits
7809
activeview
pagead2.googlesyndication.com/pcs/ Frame 1574 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsjLzqoY3xVUn8bucdZPOIA_NFQbqoViiS-yaERVAmSN0tj3LzrvcaUotgKTubLZe0Cy78GJVjWVpmp8A05YtlnfkGr4JEgUlG56gjDqU3EwBC6KCVZQ&sai=AMfl-YR3ggKwVNSJyFbojzvm7WsrXLcrfQM_MbiFKmjfRMDRdAX1brXHnWHEtSjsPLcnGLwMwxMfpwgZgbOWhFeZ14d07BSj3KHefNM&sig=Cg0ArKJSzFgoFlFaB8dTEAE&cid=CAASF-RoNgf2NBbx5JOm3-aqi1fNVzEGfTvw&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=253&tls=1256&g=95.61600089073181&h=95.61600089073181&tt=1256&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=115767433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Nov 2021 09:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ Frame 2BC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
764
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
ui0WREJRAWACEGSu4OBQmpqLlko1BqKr/zJ9btetq21fE+nr6P7nnJxf0Bv6jH1EdZfVkxdyHro=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1636970265.109234,VS0,VE0
date
Mon, 15 Nov 2021 09:57:45 GMT
vary
Accept-Encoding
x-amz-request-id
KDNETRH1JW53KHMD
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
6226
/
pips.taboola.com/ Frame 2BC7 		64 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5115de3e48e4fc8fdd9ffcf01cbd6b5e4e3a718e20b242ae5a6b6cf061930cd6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6961-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/ Frame A97E 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
764
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
ui0WREJRAWACEGSu4OBQmpqLlko1BqKr/zJ9btetq21fE+nr6P7nnJxf0Bv6jH1EdZfVkxdyHro=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1636970265.167914,VS0,VE0
date
Mon, 15 Nov 2021 09:57:45 GMT
vary
Accept-Encoding
x-amz-request-id
KDNETRH1JW53KHMD
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
6227
/
pips.taboola.com/ Frame A97E 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5115de3e48e4fc8fdd9ffcf01cbd6b5e4e3a718e20b242ae5a6b6cf061930cd6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6961-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/ Frame 2AF5 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211115-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
764
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
ui0WREJRAWACEGSu4OBQmpqLlko1BqKr/zJ9btetq21fE+nr6P7nnJxf0Bv6jH1EdZfVkxdyHro=
x-served-by
cache-cdg20781-CDG
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1636970265.194605,VS0,VE0
date
Mon, 15 Nov 2021 09:57:45 GMT
vary
Accept-Encoding
x-amz-request-id
KDNETRH1JW53KHMD
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
6228
/
pips.taboola.com/ Frame 2AF5 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5115de3e48e4fc8fdd9ffcf01cbd6b5e4e3a718e20b242ae5a6b6cf061930cd6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 09:57:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6961-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://hellonewyork.xyz
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 2BC7 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=ac372b30-c760-447f-a289-3e10d559db8b-tuct88bb496&uad=00a022b603fec270cb6c1754f70d8314c0893da8bc5939a7fb54e9b7ad07d8cf
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Nov 2021 09:57:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame 2AF5 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0af38538-93ae-47e6-b86a-f2cbd9e977ad-tuct88bb496&uad=00a022b603fec270cb6c1754f70d8314c0893da8bc5939a7fb54e9b7ad07d8cf
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Nov 2021 09:57:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
cds.taboola.com/ Frame A97E 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=4ddb11d2-5a48-47e2-8d33-bfadd962c0fa-tuct88bb496&uad=00a022b603fec270cb6c1754f70d8314c0893da8bc5939a7fb54e9b7ad07d8cf
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://hellonewyork.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Nov 2021 09:57:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
SucO4q9c4IRqqXt-dHbcBPfjolVgOIdfReuB9UYY1CSFo37_m5zk2_zwrQdm0uJ2rKULLGG902Mm44oqqVo_ISyUKFE8oqTzish54VH5CQAAbjQpOPnLQe6UEL9pPUGXcl1ibfZdAsiukkOUVTNA539DG_SoplizJiqgJXBp9_2JYbSmWF5j1vxGVFety0JS3WAwi...
rndhaunteran.com/impression/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rndhaunteran.com/impression/SucO4q9c4IRqqXt-dHbcBPfjolVgOIdfReuB9UYY1CSFo37_m5zk2_zwrQdm0uJ2rKULLGG902Mm44oqqVo_ISyUKFE8oqTzish54VH5CQAAbjQpOPnLQe6UEL9pPUGXcl1ibfZdAsiukkOUVTNA539DG_SoplizJiqgJXBp9_2JYbSmWF5j1vxGVFety0JS3WAwiD9CD7O8OBUpKYAC-YIpadlGlHNhyIl4yhVr_ySqEFjByMkvSovVb2mfBdJy0Igd5D1f9vQPKHykRP77S8FT_6-jdJq6FjwOfJyX5j5kw41wHsxJdLDdiG3b-f64Q_ZwwoKR8X4aWfB9Ts4a-zKYGcgG_KHtQfsSKD7HaGgJM1XQ0i8vZUmejj7UENMFFdasxQ==?_z=4637408&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fbiggbos.live%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id
aa4bee762ea6d27ad48d230abec6e23b
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:50 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
0906776135698.png
static.cdnativepush.com/contents/s/b7/03/48/610dd9904996ce353cefbd6227/ Frame 60E4 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/b7/03/48/610dd9904996ce353cefbd6227/0906776135698.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4f32e56f82a897f4e93c94bc9734ad7dd609e06d12710cc252e0bac847217a1a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:50 GMT
Last-Modified
Fri, 18 Jun 2021 10:34:23 GMT
Server
nginx
ETag
"60cc76af-26a1"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
9889
4637408
rndhaunteran.com/500/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rndhaunteran.com/500/4637408?excludes=9953302&oaid=60fd4b12a5c749948bf20b2a061b97ff&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fbiggbos.live%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: rndhaunteran.com
URL: https://rndhaunteran.com/400/4637408
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d1e9459903d2df0e41b7768ae4d8be806085b2131b31da23a30587bb7bd0f01
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://biggbos.live/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
15f021d76c7243259f2904d6f857fbc6
pragma
no-cache
date
Mon, 15 Nov 2021 09:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://biggbos.live
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
4637408
rndhaunteran.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rndhaunteran.com/500/4637408?excludes=9953302&oaid=60fd4b12a5c749948bf20b2a061b97ff&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fbiggbos.live%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://biggbos.live
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 15 Nov 2021 09:57:51 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://biggbos.live
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
01313612136692.png
static.cdnativepush.com/contents/s/a1/08/e5/633b2e61b94c5fc41ca1ac7f2b/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/a1/08/e5/633b2e61b94c5fc41ca1ac7f2b/01313612136692.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a31611ada0de071dda8a75cc0d251cfa4471908af5e36976ecbda745355a8304

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://biggbos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 15 Nov 2021 09:57:51 GMT
Last-Modified
Thu, 01 Jul 2021 08:59:45 GMT
Server
nginx
ETag
"60dd8401-1375"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
4981

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI
Domain
ads.travelaudience.com
URL
https://ads.travelaudience.com/google_pixel?google_gid=CAESEEi7yQ0nzudvQyou423xlLM&google_cver=1&google_push=AYg5qPLmaNso_v_L-HP8lcnDj8roTQbIJEuHtlTJVcCgvkmv2oSIc97J4Hc07-MgLFzxRKnJaxAqsJfT_19cEhSpw2qNAkeQZI1aGA

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| interstitialSlot object| googletag object| twemoji object| wp object| regeneratorRuntime string| _uid object| AltPushPush object| AltPush object| Morath boolean| jQueryScriptOutputted function| initJQuery object| tie object| ggeac object| google_js_reporting_queue object| lkvm1a52mmm object| zfgformats object| webpushlogs object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| createTicker boolean| isInTag function| typetext object| tie_isMobile object| html5 object| Modernizr function| yepnope object| browserPrefixes object| $window object| $the_post object| $wrapper object| php_js boolean| isActive object| _mgIntExchangeNews object| AdskeeperInfC1208464 function| AdskeeperCContextBlock1208464 function| AdskeeperCMainBlock1208464 function| AdskeeperCInternalExchangeBlock1208464 function| AdskeeperCRejectBlock1208464 function| AdskeeperCInternalExchangeLoggerBlock1208464 function| AdskeeperCObserverBlock1208464 function| AdskeeperCSendDimensionsBlock1208464 function| AdskeeperCRtbBlock1208464 function| AdskeeperCIframeSizeChangerBlock1208464 function| AdskeeperCContentPreviewBlock1208464 function| AdskeeperCResponsiveBlock1208464 boolean| mg_loaded_657196_1208464 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| ampInaboxIframes object| ampInaboxPendingMessages object| onClickExcludes function| mgReject1208464 function| mgLoadAds1208464_0b5ec function| AdskeeperCReject1208464 function| AdskeeperLoadGoods1208464_0b5ec object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint657196 string| _mgPvid boolean| _mgPageView657196 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp657196 object| GoogleGcLKhOms object| google_image_requests

53 Cookies

Domain/Path Name / Value
zeroethgipsy.com/ Name: GL_UI4
Value: eJw9jVtOwzAURPMOVUnESFkAS0jBrcgnYhF8Rtf2JTVN7Moxjdg9FhJ8zdE8NEmSZF2L9FblyL%2FoiMdBMUslSL88kyQpB6FF%2FzRIoRUJPp2wM%2BsYSM4cCtxPbNkbNSqnucFDjP6ci3WbLVBKT1Y3KJfYmBvU0rttZd%2FlKCwtjOrt7F3UcqFP55ENx4jGRkx7ZG7t8naH%2Bt1YHXftHtmhb5sqwf46U%2FhwfhmNrlKUkyfNSF9xpyjw5Pw3as3rJbgr4GY9%2Fvd%2Fb%2FPt0KPSfDMqfrtwZv8Da3NLtQ%3D%3D
zeroethgipsy.com/ Name: GL_GI10
Value: eJxNi9EKgjAYhW3WUArjhx6gF0jMDOk68KogfIEh9ie7cP%2FYVmRP30qIrs7Hd84JgoCtEmBSQ7Ir022epXlWpNtDAWGHBKyqYdHSXTkzCNX0CLwyjWp9GuwkKWDlHuYji5auCLOq3vy572l2aYy0MG2lG5I5xJ8c15Ffj2UorYbonBfl%2BuSuECt0wmpEj0cymkzjEJKf%2Fd55CJG0Qht6DnwCSyd7fJFCQbebRefV5MHZG53FQXw%3D
.vmuid.com/ Name: guid
Value: 297050aa-a801-4271-be81-898925bb7f7c
patalogs.com/ Name: av_sw_hit
Value: 1
.biggbos.live/ Name: _ga
Value: GA1.2.1044975218.1636970261
.biggbos.live/ Name: _gid
Value: GA1.2.1012286541.1636970261
.biggbos.live/ Name: _gat_gtag_UA_186889619_1
Value: 1
my.rtmark.net/ Name: ID
Value: 60fd4b12a5c749948bf20b2a061b97ff
rndhaunteran.com/ Name: OAID
Value: 60fd4b12a5c749948bf20b2a061b97ff
.biggbos.live/ Name: __gads
Value: ID=d3fc3acf16379346-2251071bb8cb00b6:T=1636970260:S=ALNI_Mb6zS9FRvuSxGsW8yz54vfbxEz_2A
servicer.adskeeper.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.adskeeper.com/ Name: muidn
Value: lafFteU8KQV1
biggbos.live/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1208464%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636970261699%7D%7D
.scorecardresearch.com/ Name: UID
Value: 1MAQL50UNIZIUQATDZWQ1Tg1636970263
.doubleclick.net/ Name: IDE
Value: AHWqTUkUSAVnWj0_GiaWOiTvE7eulca1KvoGT6eqZ9mwIZ_TiPU7rcidhWFfHOSSLyA
.mathtag.com/ Name: uuid
Value: 38c46192-2f16-4401-be54-1395eade9f3f
.adnxs.com/ Name: uuid2
Value: 1906774190439463609
.casalemedia.com/ Name: CMPS
Value: 1160
.turn.com/ Name: uid
Value: 8818776185413127727
.360yield.com/ Name: tuuid
Value: 943f35db-6da9-4997-840a-0d5ae22eed1a
.360yield.com/ Name: tuuid_lu
Value: 1636970263
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU(hgz89!]tbPl1M>e)ZlrFUfJ+tGXxpK_.M[2SkvsgB2!VfBAox(Fw8Y/Oz!B00`SHo*bpRz*qF1`*b]_X)f#J=
.simpli.fi/ Name: suid
Value: E2DB430CE61346E690F549582784D71A
.w55c.net/ Name: wfivefivec
Value: 2SsOkqus1MMyKb5
.casalemedia.com/ Name: CMST
Value: YZIvF2GSLxcA
.casalemedia.com/ Name: CMID
Value: YZIvF0uOrZysc8w.MYb.EwAA
.casalemedia.com/ Name: CMPRO
Value: 1148
.w55c.net/ Name: matchgoogle
Value: 5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.lijit.com/ Name: ljt_reader
Value: a3a62a171d0dd4f542089e8f
.yahoo.com/ Name: A3
Value: d=AQABBBcvkmECEKG8H-lLHM8SRXQOFD6U14QFEgEBAQGAk2GcYQAAAAAA_eMAAA&S=AQAAAvZkeyLpYCY94KdDOFSHuWo
.adfarm1.adition.com/ Name: UserID1
Value: 7030733744112924827
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZIvFwAEs6UAHgAz
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 968938bd91c5b3a3
.demdex.net/ Name: demdex
Value: 87221301370057724172731248382031294925
.casalemedia.com/ Name: CMRUM3
Value: 2d61922f172760CAESEPK6vcv2XfwKgw_-g9nfScg
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~21jl
.amplifon.demdex.net/ Name: amplifon
Value: 87221301370057724172731248382031294925
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-383dadb4-9039-44a7-aea8-3792efad620b-003%22%7D
.ads.avads.net/ Name: av-mid
Value: 427b9cb0-1cb8-4cb2-bf59-c19dd3164591
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.mathtag.com/ Name: mt_mop
Value: 4:1636970263
.tidaltv.com/ Name: tidal_ttid
Value: 599af41c-5b85-4eaf-bede-fcd95a870d0f
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: ab6abc1f-ba73-4332-9c35-4fb6b511407d
.bidswitch.net/ Name: c
Value: 1636970263
.bidswitch.net/ Name: tuuid_lu
Value: 1636970263
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-383dadb4-9039-44a7-aea8-3792efad620b-003%22%7D
.adform.net/ Name: uid
Value: 4475151205153874583
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjQ2tzI0sgAAph7yywkAAAA="
pool.admedo.com/ Name: tuuid
Value: d7d95a89-e0ce-4898-b5d7-0e1d20fdad60
pool.admedo.com/ Name: c
Value: 1636970264
pool.admedo.com/ Name: tuuid_lu
Value: 1636970264

8 Console Messages

Source Level URL
Text
other error URL: https://biggbos.live/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://prowesshearing.com/fe68b3c729f3c6872dd30af94f1fcf87/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://prowesshearing.com/764e49652f3b5b90f5aa525afaea43ab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=lD81222pSZeECg1a4i7tGg&google_push=AYg5qPK1-U6tCEMUoG8-6fJykXIYDZO9SWdsBUAkU0AAkRTtbReHxyn2DWNUNLYrZdDIfYE85FHA9V4gfEnCDyDiscDvJenjjKI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZIvF62JHoSTdaj29yaqRgAABH4AAAAB&google_gid=CAESEH4VfR_dcEzG5kQYvc6P3co&google_push=AYg5qPLexGEQ_hZ1eL_QkcYK728ziTUTu6eUA5geeuDuBb4kcsLP-dpF-vJrAAQF7_HgDg9PzMFjj2w9V193UIQhzCPXZrx5EWdE&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f2eda5863d9461a244c21ad04e9945e.safeframe.googlesyndication.com
69177f9f531aa1006a27a6b1cc644f57.safeframe.googlesyndication.com
79faa98cb7f572b31a8d8f63f7791b65.safeframe.googlesyndication.com
ad.turn.com
ads.avads.net
ads.travelaudience.com
adservice.google.com
adservice.google.fr
am-trc-events.taboola.com
amplifon.demdex.net
ap.lijit.com
biggbos.live
c.adskeeper.com
c1.adform.net
cdn.adskeeper.co.uk
cdn.ampproject.org
cdn.contentspread.net
cdn.taboola.com
cds.taboola.com
cm.adskeeper.com
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fd4f45ea4cafee28d3b3b683ecf7e6e8.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900025.redintelligence.net
hal90005.redintelligence.net
hellonewyork.xyz
ib.adnxs.com
images.taboola.com
jsc.adskeeper.com
match.adsrvr.org
my.rtmark.net
p4-atfgjzduejpb2-chhulcweoy55jjcb-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
patalogs.com
pips.taboola.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prefleks.com
prowesshearing.com
r.turn.com
rndhaunteran.com
s-img.adskeeper.com
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servicer.adskeeper.com
static.cdnativepush.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.mathtag.com
tags.orquideassp.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vmuid.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zeroethgipsy.com
ads.travelaudience.com
cm.g.doubleclick.net
104.18.16.65
104.18.17.65
104.19.132.80
13.225.78.42
138.201.135.164
138.201.63.165
138.201.84.245
139.45.195.8
139.45.197.156
139.45.197.236
141.226.224.32
141.226.228.48
142.250.184.194
142.250.185.66
142.250.186.130
142.250.186.131
142.91.159.144
151.101.129.44
151.101.66.49
169.50.137.184
178.162.133.149
178.162.196.156
18.156.0.31
18.157.70.90
185.29.132.241
185.29.132.242
185.33.221.15
192.243.59.20
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.44
216.52.2.48
2600:9000:20eb:b200:1b:5138:8a40:93a1
2600:9000:21f3:c600:2:e529:700:93a1
2606:4700:3034::ac43:a421
2606:4700:3034::ac43:ce35
2606:4700:3036::ac43:96a6
2620:112:f002:bbbb::21
2a00:1288:110:c305::8000
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a04:4e42:400::300
2a05:d018:24:b002:2591:850:d183:b9b4
3.33.220.150
35.205.207.25
35.210.53.219
37.157.5.142
52.18.11.109
52.51.58.216
52.58.94.171
69.173.144.139
85.114.159.93
88.99.69.161
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ef66b1e382dc94c0a75f7fee02d17c0421830f47d55899ba57bbdabaf8b5f1
0550f5fabc287e8491f8a0c4cf0076e3f0a6fc685a5da6bdca2c4e582a3946f6
05974ceee889428857a6807825d8ceb76b499ba9a7c57a1701a326742bc07076
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06bf7879c0b2309a917a869584405472fdfb19266f856dc88ee9a4538d0dba0c
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
080fa2d28695b11e72e6d26b3c5db5d9fe383267d8f09022ec42a3fb996fc8f1
0b09c68bca4ab5f14adfca62d7e22ae037bc7b684744d441a9b646103dc9e20b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c6cae0c25f8b1f1ef110d5d4d6fd633abaff274a012d05f7946c665f69d623c
0c8bdfb3947348c8750cfcbd43c7ca3153db740b0b61f7039ef25729ad919849
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0d46a9894c93bdd741b1dd5bfb8055285382dfce624d08ee399ad7dd6c7223a4
0ef22a5ddd0a587097aa66e1b8fb0c87546b2cbd0e130a0c05c2e5c2c390c15a
0ef86a9c84acf9b67f78b397f644979af4b19eeca753b5b1e9d824de2a0fd6ab
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
10eae251d1f63da3e07a6aa466caaae39c7a88c2a0252035e8485bcd07175786
1255a027e3ca223797200f631b41fc5195e03ce07b70d8cc5e85ce4b9412a072
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13bd77c7ef012e9b89fe969298ed98cf990dd8075d9b549c978944088994d97c
1406b7a1d08682ea93c03924e5de6f900bc9f47b222bf0f126b1bf355f1e0226
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
17b686a9db1b6e7b9f35717bf2142cb0b9a0208699fdae7c927be2e2f4c44aaa
17ed3bff031009b4e753fefbd5a3be3988a142633235c7f9e14d76179b5cff2b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1914ae70e7b5ba43f3fffc59aeee5dbd360ab1027e1ea6b204723e62ae099095
1966a866f1d6cabd0e61447b6711a54b2f622758bf64c103b058ae201b135188
1a2f0b3910e41d2d2ea45a7f8620014803ad73dd3a1cabf35c619a0521812a16
1c5ea4549940e859e87fe8c66444a5b4dfa5c4e997da647444887492d0067298
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ef0512e6b632cc38bd173268075e545db0d7b5e7b00cd87f885871f5823a052
1fdc67fe1803288afb5eb0f5b56a69a41f308e5a78727652ffd72258c8316095
2001ff119fa3c97bce2db74436f7870d9eee1fb8b2c1ac0627fb6b3bf0c94891
2116d7a6a9d76ad6d4e6a6932cc3cc93d1804085afc911ff479df2f3ae835409
23827d51606e4c1cc95fac86ca3db4fc4123790c13bb1b0ffb0cce7a824635b7
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
24399bffe8443c72af67894609715b1936202dc5bf781be315662700a5cfd900
243dbeb2bc1666cd6dc5186731609c25d820c6bb1ad4f30c6073287133a45251
25ab6ceec7755ece499574d34bde990706bdb16ecbfac4ac211a7b89fa0b3928
2789bf402dd2de503301c0e8daa01238a264c8dbce1f90b5712bf9977c0eafa6
27dc1887f3d50ce1b7de779c747dab964569a524183f34c733ea1ca530db5851
287f11235e488057b3078cc67767126f9b6384d211ddae14bcd901f75885fd4c
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2adfa36ec7e8273e9497ddff9336d957adf4d2115ca9af4da8ec3c8c18378ad5
2c6b993a5662070ffc0fd5cb9be9abb814bfa439872b37ab1bfba8b3e60f46ae
2ca45d4a78b01e0b828d158620ef8bc0034d1d8634ad135bfdaea5bf28a07cb6
2ef9559a975465f64359a069d1b66b8a3b7527b75ecabdc1822478e0b61dee0e
2f7ca69eecdfbe98c8a4245bb941781e2c2ba30552263167d60a5771abd9d9b5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33f843ec1e06bb276f3542010f87e7ea75f05722355a9222d07fc78e0f363d17
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36731f024e5f8a4eec7440d6226de40b20292560e578250df5a055a3e9a342e6
36b265c7e9ff91d94a6730798ecde0e85093af4bf7a37938b9f17f20531aa3bf
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
38b460c170cf350d5a802bfe8a14c6b949b7f8d424828dd0e94c2d473984b7e1
38e69614b0f67b202bcd31b6789208013c17f67acb593f6f3c4ee46320569634
3ae61aa180dac316ef4032d32f2ee10a3ba776b9f216bbc4f1ca0472c72848cd
3aec4d2c04534a584ea1499663a155c84eef58f100c8c576ac4a4976fccafdf5
3af9efc177ee8e91539f31021f5f35577914c117b56d324a5d9bfb501e421fe5
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3e2d12a8b66e4eea33f560a296762254c21d07251a413f9b1d5421fe5fcb0c38
428b41475ec929a13f4d7a6e655beb0abc11e97721b6cbd9f290d1d4308f2edd
4445068dc1c8f4c4ad45314d19806176220b9c3c63be9437e8553008f5270953
44c0c901ab84306965a25fc48d0cb5b7bbc4f4aa3eea40596b5e18b67574ed19
457a20cd2d790a90025ac843a0b1752efd5bf5a34f2ee30e9f1bdbbe2fde16e0
463b7ce96730a74d575769bd628c6f09fc47b1301b4187183f13a33a4418e5a9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8750a8640722a68b2c2ba1ac046162759ceb0da6a23d5870c099ff9fca5488
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f32e56f82a897f4e93c94bc9734ad7dd609e06d12710cc252e0bac847217a1a
4f4053bbe3f92c152d8e2e50d204b23c0f8d70e535fea875aad08ebabb2088fe
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
5007a747602388ec2a3c6a9fa494642d8e348bcd08aa85ec2f2f78f2e32e913a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5115de3e48e4fc8fdd9ffcf01cbd6b5e4e3a718e20b242ae5a6b6cf061930cd6
51272c944e66af600a15dc54c6c9201585f224e893672e85e1e7710d53d63db5
516ddc06af82ca6146ff2da77573321df08692e47feee78d7a033a900dbb502d
54aca4273834170f28ec1bcad65ad626db1f44c7315c36d4944a1f2e14075e0a
54e04366be056a039de5258e2e40fca9eb4491a2931b3874b7a5959271c620b9
55bd3c50a5450a4afdb605f8bcc8456877cba233f8fafaf5dbe053c79316e77f
5638b297bad891d75a97d3c0a0465f0f2c7b628f9550616d0036d780affb982d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5826ae7aa8edbae07609191ba85f027d90d9a3a3c86424973805674bb0197acd
5a02ac6efcd55ee0c50db4068873d371113c5ad284aa28e19114c37d7d65538d
5b13a064c1d5cb212e70dd677d1b0c617d119145b71e158c9ed62da5d16193a7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5ddc9fc4d84b651bc99152bcc96ab60d6a835037cb3ee0a83c1d6c342637419c
5eed51655172cef00ed2056d1ced57cc0c55bfa509628a58b3bbdb5b295cfbed
6002a0f5187b8ff576479ddcd6cdf0f6cf7d9ef33fdb00dcf990724d47aa59a8
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
62e5e94d76620aa07fe28e06d03983a146409c8011aaea93dc8bbbb497ff9a6a
62f3d3d0c242e891ce6b71214501d2cb97f4b9d1ecfbe03031dbc5c7c76ff64a
63d825e1d2acb840cee7f8c6107f7fe98d451b5c36a9e41f212f25f79335c08b
6404d19708c5b5159d3789e2b85df908016576f30ac88c1e8ad7a2bfe83acd2a
66d128a8663fa617cb6ae772e1f2fbcf5a5f45b4a31777ca735a158763ee984c
683c9f69bcb4e3624efe2776623acef25f58bd7d39eb0c9d34cf845f2f2bab3b
6854b6747c4bc23cf6bd557255c78ce183473267d0299b08c75b982d1549eca1
6963c149acbd8cb37d7e210d0b1abc1b81e9667458c09b842cb9b31abc99a7b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1e9459903d2df0e41b7768ae4d8be806085b2131b31da23a30587bb7bd0f01
6da3027767ec81b8662192186ade6520dc8e89d566e142a5b7d25a47728154a4
72daeda089b97705aef40b6be9adb4d9ffb80f47191eb0f8c9595d157b0340b0
761580f2029c648210e4dd74c1c10dcf81426c863feed9e7e7b13f61a0d42249
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
77aecfb1f8472b4174b78cd6de1db59c8a1287f7050ed3e45c317296a398f226
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7807b1d55098c7379ffb675b059581a14b95fee7eec3ca4fa9e880c03ddbeae3
7b77aecf5fb4fd661ae033755581271644ca43fd07b17f8f107f37cff0f08884
7d6421bbd9103141776f4b07892b5cf25dfb312b1d15efa81b0d3f98cafefd09
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f35beb753d6e2c1f3b0a0707b5b4af971f63f6c87f92af6904d28752d5f4854
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
831db67d4c2b8bba3eeb99f047b16bb2f466faaa8379a0debe570539d9064ea6
86a65b0893d3dedeb9bf02e3f3e3599f6ac8f02053c7760dec43ad483815be2a
86d2d9b569b96e40e9d8d51322980d729cc34f7e299984639ae15aa9a96d4991
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d0a68664fe5acec3375516a00b1b626c5f007ae503429fbfa896b17ecccfb5b
8d6050216a4bae779bcca48452cb92f7b26a0bae6670496207ed927de8789e48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d90662adb117db7d7aaf1fe95098f23757d913059217fdeee97ecb9ea74c1f0
8e37956831bf8db49aea501243fa101d728424eec19a4a3c8cc8787a2f95c8ab
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245
8f29178baacb1699bb64b5a43a18699cbb04ec4a1ea3e6f5f78948be0960d7d4
8f9a14d4b5c33c076b2d0e778eb5f7e99cd93ee2bd19be64b08fc154cadaae32
907e7babdb7b73195d76bdc0ebf419c5f3e557067ce3b76ab6cf86b615b31289
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
914cc50cb4d587364c7ea88a0894c8b403e8817b2befd382523767cc73707c9a
92cc8362bc2a2666dcd75055196c7759f89592018706aa3a83160f23e6443d61
9308f974e1dde5cf37c3b882f1cc85da444fa7a04b121206120dc46fe600e943
934be92cd06d10a40421472c4115b48b13dbd4c85561f25909c82b8b7d086ecb
947fab102b49e4bcb3f105fefef64cadee4e7d48f7c9f5536ba125f0b5932ec8
95783c1ae0fafb95a57fe483c80d16dc0172df96e263fec0468741f51704d061
966d00f6687aefd26cd28e7a67b28fa100f32b79c48c969524bd26003e2f412e
96b1bc36a8bcb0feeacaae0edf7213ab03e574a932349ce371270dc28d08766e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6e6113a006d0515914ee02775c363f28e885b79876578f059fe536ad726e2c
9d9f75c4b7c2c966e09b5a4b63d507fe8df41751ea8ee5f2cd18d521fd04dfd6
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e819673c2da0d49dab476365ac96992c250af9147fc107f371f2be7e1e36868
9e9351987ab4c2c9927470f508620e5333d3631837cf5fead2f045281aa636fe
9eaa3628344b4e75faac67ebbe378cb52643ff6acbe5fefc9029a203dbdde8af
9f5874fb2c3632a34548feb383bdac63a9fb3294d454469cbe16375cee645f5e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23b7874236efe4d71174b857560a86f0e8b2900a6d715075db33d18e1ea834a
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a31611ada0de071dda8a75cc0d251cfa4471908af5e36976ecbda745355a8304
a31d8cd4d7ab8945e7a131d93e8e6670434ddbb043e64cb5312977737a0647d6
a341dcada814ea82785cdb2840103760a26160a5df2f424c6cf382c7d8b484e5
a39b209b9b9dda47f5ab83993311092d861d5c3347876521cc6b9847c93411e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a6298dfc2f08ab2835f77d1008e62da43f8210d17d784c51b694e90cc95fbf2a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8c1f3cf2241cebdb69cb7f6f1980e11aa384b1bc6ac8f2873bf6a624de691c5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2f78652f214c6ad18977b0094febab544e73f7ae52cd7a098972cf388b5006
ab53f031d510e785b7efeb025b423db675e898f169ef085074903f28637258dd
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac201bd77ecd1366f66409f322916b5478719c1e45706b09c695fd7304ec5504
ac3e6a7747a782567b04c349aadc1314250e55d92275b1327d6b40dc787b0fc6
ad85a7fb08636994c220c3bae8eaba57a2900b0ae32750549121e0f8fc7367d8
b030bbcf492ecd42be534d0d1074fc575b47b694fbd4dfb0745bec9c431af8b9
b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b44101ade49001b3bb88a1cf054c1c20a6764278564464b43f888e14716e4e4e
b460a66a365df82bb8823d8c10660683e3e49663c1c9d4d05c2b93836207864e
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5686069f5bf126c4e57f6d3c15f48a41840693ce741c049f85ad3c9f81b685a
b694472a4d7c89c05504feae234eb45fd123b4a88b579c2384993cdf2df51166
b6d295b1589e7bbbe19a389b3e06ff6df85d7f966ca8737e9a6f09f1c17160b3
b82f83e118060c258cefc3e67be277478da9e24b56784f8177717b3fe2e0fdf8
b9de8bda0543643462819c179beab2db03cf645e9eb857a9cc056ae668c4cca0
ba6f6a7a9bb3b2a285f694a06e4d7c9fe57f16deff77f690e83f5b60f8a403a1
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bde265880567a08d13f2ef1296d9b0f39ccece22a958b03bfe9d19e5ea781568
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c00a2fde8840a3fccf407fd455bc1c9699fdcae0cc26540cf05441b67a949fa6
c41948cd82e94bd1533aae692b0b4adf26de18b0021e51c1cfcd0685a027fb16
c50fdd100702a167a08d0a190335eee173e8283856bb71646f352a31043bf5e9
c6e810bd35b5e9925e99ba612ae503f219e8792fe8150f54fd5413ed97cc80a6
c82834ea6f27fd9f7c76733563aa76687987b19f619ff39d9cc8f4410e167bc7
c996167bb8151312bf408ea47db08a5da8456c2394aedc5efb8cc4c2b1f4211e
cb52f41a24f412fdc1a40f44fd05d26642046cdadc01036a745e6c406b08b9c5
cd141e96e9e14938f45015c60120bf850203de6b765f779b0838a6bd6d7cf964
ce3c59bd94e2d9cf0e0f4a107f504b07cf52da82ac230734b32f8d779950d303
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cee9777920422a147bbdc2980bb270ce05f96472f628ce235022c0a2a125ffcc
cf2c18dc823e0a901e3edbcf1e49dbdffd9dc23e4c99e7c6a3c8f515bd3d41c1
d06705eaf29b4f5efc8375b0a1cd105057cf92feaa02cc98de160708775995d5
d0aef6396a0bc8404f181d447b82ee3e9704b4cab859aaa677fb4c9ef54e042d
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a
d3d10cdcd1a9b5f59ec6a6d1edbdae3f808566e59ca335c7acca54d74edf09c3
d3e2307e387efe806cb67fd157c273e2d256e5a3cc4b3ce50494315a4c248f62
d448abce537da88c348b0b810fd060c0cce547ccfdd1a9eebfa560963159ecc4
d60244b3722b4b538ee8773eb991cf38c7c0508e9f9e8e70a4ff79392cb4467c
d7b78aa51f2b5b51d96a9a575479435e73dfcfc3a5a9824910a0de00d4268967
d7ed0741d5d8b1f4c1e5d326052429a0e041baf1544d3dcddb140a0d12bf590c
d8ea4b836e4ec0a41758f39200b11f49368330fc59db1777944a067a83b64140
daa6194e7a0f374ee8add4947650d348ea36583e66decc6b7accfd2cae056531
dc1b5c792659571c47423106489b4315351d39d9033b23a17bb0df00cde46858
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfc9ff95d2763076ea0619f310c5b15b62500769df77acb49cecfa4eb4577903
e12634fc28fdb920977e213574cf6d4b4d99dfa242eae8192e5647e5daafa33b
e160dea7a4f9848561447c92915ba26aa4900a2ea018f85c9bb0f02a4516220d
e1d4082b0bf5ff4a99b76ac0ff2acf5ce5f95cc7c62362d537672d0941fc70d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d98fb5b9e84b642124588b369ed6ade1fa7b38e4e6300d81ece5d9b1f2aefd
e472c488689b09810ca0f4b68d7137677b2e1d4241ab4c48d341364dcd4d5dbc
e50450640116671739456fbee244980723524e9bf9920eec6091f65670f990f7
e6104fd34a854f1501aa6ca3969f4d07084b48c78aa530879daa10f4119f5804
e6ed1ec14635bec612551d6c977cec8a3cb4c7f5f6ea37b90fb7a1b9c6951781
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
e91e908fe630a9db9e41c8196c998fdd4cbd6d0a290586a23fe30890645f21a7
ea7318d20b082c813ae32a5d7fd71977ec6fbfcbde05212f3fdf3b4d00cca67f
eaaeaf5def876cc36115a889853c0c562fb3d6fcdc032b13cfb1b16124d1a3da
eda3ab970270fee3cfc79294bb1f23cd2e0c1109da0eba25eb30f0a365a60393
ee1918315692c238935e51d9b37dd45f6c6844ec2d36bda94749ce1433ec0d6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb7454a61dfc771a2eba06467390149c3ae514dd222aec4e295dc9d8ff9913b
f23e92f2ad9c1b20e84ae45b1e9290d020e47977550fa2fd235ef480378db35d
f27af596e03576e4acbe76fe49c5535be8d98ca4c4e1f647bf3b39bf4bf581f7
f348fc3f728a30658922a61bb8d0e5c8fa709315b35b9875f2f053843d299cd7
f4bc8cb97a1b41327845db6c8045232c64cbbd0b53ea0a2a98f2a975929a9f5f
f5628d5224da01ac70d40a4714a660ac25d9c449bbcfb09764a84cd063c9cb62
f6293aeab6a9d99410be9777b8ad5a00f2beff14a31aea05a57e8cc086da0af2
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f73ebc52ed026d16c6624a149574ff907daa9ddbe40c20f61eaf56c67a3f98da
f7eaea0063c3dbd0b4af647c20458573b0d8ec387a28c32be36727db7012e13f
fa477fbff88a2687f7d0681a3397364f1aa77a7e6227d57e455996586b358095
fa5fb3483b99e673434a662e3bfe4d9df8a2d2d8af2ed1b6037ee6376d19312f
fb805ea8e0e2123c713b4613ec92e55d7c11db579417ab8bdbd070d5c18e5104
fcbfd2faca88740ed0f27ded819df341057d991264ca383a485e1126859adbeb
fd8578bf97d570169c7d14e51e6e7bc673e67052a7d21f21ef7260e8ab812da3
fea811e086749b12803cf6d1d3931b02d4bf466fe58c1c86c8aacc33dbdfe1cd