www.gregweeks.com Open in urlscan Pro
143.204.207.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://weekschevybuickgmc.com/
Effective URL:
https://www.gregweeks.com/
Submission: On September 22 via manual (September 22nd 2021, 5:01:27 pm UTC) from US — Scanned from DE

Summary HTTP 367 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 65 domains to perform 367 HTTP transactions. The main IP is 143.204.207.117, located in United States and belongs to AMAZON-02, US. The main domain is www.gregweeks.com.
TLS certificate: Issued by Amazon on November 14th 2020. Valid for: a year.

This is the only time www.gregweeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 4	143.204.207.117 143.204.207.117	16509 (AMAZON-02) (AMAZON-02)
50	65.9.71.114 65.9.71.114	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.70 99.86.4.70	16509 (AMAZON-02) (AMAZON-02)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
11	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
8	65.9.71.74 65.9.71.74	16509 (AMAZON-02) (AMAZON-02)
4	35.169.206.198 35.169.206.198	14618 (AMAZON-AES) (AMAZON-AES)
1	104.97.20.211 104.97.20.211	16625 (AKAMAI-AS) (AKAMAI-AS)
10	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
1 2	208.68.39.149 208.68.39.149	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	23.50.25.8 23.50.25.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.22.64 13.32.22.64	16509 (AMAZON-02) (AMAZON-02)
2 8	54.176.104.101 54.176.104.101	16509 (AMAZON-02) (AMAZON-02)
2 4	65.9.71.105 65.9.71.105	16509 (AMAZON-02) (AMAZON-02)
7	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	65.9.71.55 65.9.71.55	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.11 99.86.4.11	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
20 27	89.207.16.201 89.207.16.201	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 10	54.246.44.247 54.246.44.247	16509 (AMAZON-02) (AMAZON-02)
2	143.204.209.113 143.204.209.113	16509 (AMAZON-02) (AMAZON-02)
1	52.52.232.60 52.52.232.60	16509 (AMAZON-02) (AMAZON-02)
4 7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
52	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1 17	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1	23.42.166.8 23.42.166.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.169.11.179 35.169.11.179	14618 (AMAZON-AES) (AMAZON-AES)
2	206.189.187.108 206.189.187.108	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
8 12	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
2	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
12 15	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
6	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
6 6	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
6	52.7.3.164 52.7.3.164	14618 (AMAZON-AES) (AMAZON-AES)
20	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
2 10	52.210.87.143 52.210.87.143	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5 6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	3.92.250.172 3.92.250.172	14618 (AMAZON-AES) (AMAZON-AES)
3	98.129.164.22 98.129.164.22	33070 (RMH-14) (RMH-14)
6	104.91.76.237 104.91.76.237	16625 (AKAMAI-AS) (AKAMAI-AS)
9	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1 3	104.18.12.120 104.18.12.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.86.4.115 99.86.4.115	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.176 216.58.212.176	15169 (GOOGLE) (GOOGLE)
1	18.203.33.226 18.203.33.226	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
4	13.65.210.166 13.65.210.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	13.32.22.88 13.32.22.88	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 2	104.16.11.243 104.16.11.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	199.127.207.191 199.127.207.191	26120 (RHYTHMONE) (RHYTHMONE)
1	75.101.244.20 75.101.244.20	14618 (AMAZON-AES) (AMAZON-AES)
1	50.19.227.64 50.19.227.64	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.21.104.248 52.21.104.248	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
4	168.61.217.214 168.61.217.214	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.91.76.247 104.91.76.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	3.209.254.227 3.209.254.227	14618 (AMAZON-AES) (AMAZON-AES)
367	73

1 184.168.131.241 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

weekschevybuickgmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.207.117 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-117.fra53.r.cloudfront.net

www.gregweeks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 65.9.71.114 (United States)

ASN16509 (AMAZON-02, US)

media.assets.sincrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-70.fra6.r.cloudfront.net

wsassets.cobalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

inv.assets.sincrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.168 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f168.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.71.74 (United States)

ASN16509 (AMAZON-02, US)

tm.smedia.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.169.206.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-206-198.compute-1.amazonaws.com

px.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.97.20.211 (Chennai, India)

ASN16625 (AKAMAI-AS, US)
PTR: a104-97-20-211.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.68.39.149 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn100.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.25.8 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-25-8.deploy.static.akamaitechnologies.com

c.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.22.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-64.fra56.r.cloudfront.net

fo-static.assets-cdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.176.104.101 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-104-101.us-west-1.compute.amazonaws.com

dt.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dt.admission.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.105 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

traffic.prod.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.55 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-11.fra6.r.cloudfront.net

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 89.207.16.201 (Roydon, United Kingdom) 20 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.246.44.247 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-113.fra53.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.232.60 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-232-60.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.42.166.8 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-166-8.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.11.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-11-179.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.187.108 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn103.acsbapp.com

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.166 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9317774.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9399534.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

segment-pixel.invitemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.13.5 (None, ) 12 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.173.38 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.236.204 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.7.3.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-3-164.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.210.87.143 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.250.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-250-172.compute-1.amazonaws.com

app.carnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 98.129.164.22 (United States)

ASN33070 (RMH-14, US)

media.flickfusion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.91.76.237 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-76-237.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.12.120 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.activengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pageview.activengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-115.fra6.r.cloudfront.net

sd.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.176 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.33.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

gm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.65.210.166 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.mrg.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

generalmotorscorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-88.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.11.243 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.191 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.227.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-227-64.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.104.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.129.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.61.217.214 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrg-fb.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.91.76.247 (Central, Hong Kong) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-76-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.254.227 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-254-227.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	sincrod.com media.assets.sincrod.com inv.assets.sincrod.com	5 MB
52	facebook.com www.facebook.com	923 KB
36	doubleclick.net 17 redirects googleads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net bid.g.doubleclick.net cm.g.doubleclick.net 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net	11 KB
20	quantserve.com pixel.quantserve.com secure.quantserve.com	14 KB
20	dotomi.com 13 redirects login.dotomi.com	8 KB
17	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	14 KB
15	tribalfusion.com 12 redirects s.tribalfusion.com a.tribalfusion.com	9 KB
14	google.com www.google.com adservice.google.com	2 KB
12	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	12 KB
12	adsrvr.org 3 redirects insight.adsrvr.org js.adsrvr.org match.adsrvr.org	5 KB
11	demdex.net 2 redirects dpm.demdex.net gm.demdex.net	14 KB
11	googleadservices.com www.googleadservices.com	115 KB
11	googletagmanager.com www.googletagmanager.com	493 KB
10	cobaltgroup.com 4 redirects dt.cobaltgroup.com traffic.prod.cobaltgroup.com	29 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
8	smedia.ca tm.smedia.ca events.smedia.ca Failed	377 KB
7	ipredictive.com 1 redirects ad.ipredictive.com sync.ipredictive.com	7 KB
7	consensu.org 7 redirects core.conversant.mgr.consensu.org	3 KB
7	google-analytics.com www.google-analytics.com	39 KB
7	facebook.net connect.facebook.net	538 KB
6	adobedtm.com assets.adobedtm.com	95 KB
6	vindicosuite.com 6 redirects mpp.vindicosuite.com	3 KB
6	yahoo.com sp.analytics.yahoo.com	6 KB
6	iperceptions.com universal.iperceptions.com api.iperceptions.com sd.iperceptions.com	55 KB
4	azurewebsites.net mrg-fb.azurewebsites.net	466 B
4	mrg.agency api.mrg.agency	2 KB
4	acsbapp.com 1 redirects acsbapp.com cdn.acsbapp.com	158 KB
4	marchex.io px.marchex.io	7 KB
4	gregweeks.com 1 redirects www.gregweeks.com	73 KB
3	fbcdn.net scontent.xx.fbcdn.net static.xx.fbcdn.net	271 KB
3	activengage.com 1 redirects go.activengage.com pageview.activengage.com	21 KB
3	flickfusion.net media.flickfusion.net	16 KB
3	openx.net 1 redirects us-u.openx.net	575 B
3	rlcdn.com 2 redirects idsync.rlcdn.com	840 B
3	bing.com bat.bing.com	10 KB
2	rkdms.com 1 redirects mid.rkdms.com	71 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	navdmp.com 1 redirects navdmp.com cdn.navdmp.com	304 B
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	invitemedia.com 2 redirects segment-pixel.invitemedia.com	364 B
2	admission.net dt.admission.net	905 B
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	1 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	70 KB
2	brandcdn.com tag.brandcdn.com adservices.brandcdn.com	2 KB
2	assets-cdk.com fo-static.assets-cdk.com	4 KB
2	betrad.com c.betrad.com l.betrad.com	2 KB
1	pubmatic.com image2.pubmatic.com	543 B
1	ipify.org api.ipify.org	243 B
1	postrelease.com jadserve.postrelease.com	427 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	twitter.com analytics.twitter.com	582 B
1	mathtag.com 1 redirects sync.mathtag.com	652 B
1	quantcount.com rules.quantcount.com	1 KB
1	omtrdc.net generalmotorscorporation.sc.omtrdc.net	394 B
1	carnow.com app.carnow.com
1	evidon.com c.evidon.com	907 B
1	turn.com d.turn.com	407 B
1	agkn.com aa.agkn.com	350 B
1	tiqcdn.com tags.tiqcdn.com	894 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	cobalt.com wsassets.cobalt.com	7 KB
1	weekschevybuickgmc.com 1 redirects weekschevybuickgmc.com	216 B
0	ixiaa.com Failed s.ixiaa.com Failed
367	65

	Domain	Requested by
52	www.facebook.com	connect.facebook.net www.facebook.com
50	media.assets.sincrod.com	www.gregweeks.com media.assets.sincrod.com wsassets.cobalt.com
20	login.dotomi.com	13 redirects www.gregweeks.com
19	pixel.quantserve.com	dt.cobaltgroup.com
17	s.amazon-adsystem.com	1 redirects dt.cobaltgroup.com
14	inv.assets.sincrod.com	www.gregweeks.com
11	www.googleadservices.com	www.googletagmanager.com 9317774.fls.doubleclick.net 9399534.fls.doubleclick.net www.googleadservices.com
11	www.googletagmanager.com	www.gregweeks.com media.assets.sincrod.com www.googletagmanager.com wsassets.cobalt.com
10	dpm.demdex.net	2 redirects assets.adobedtm.com
10	insight.adsrvr.org	3 redirects d1eoo1tco6rr5e.cloudfront.net js.adsrvr.org
9	www.google.com	9317774.fls.doubleclick.net 9399534.fls.doubleclick.net
9	s.tribalfusion.com	9 redirects
8	sync-tm.everesttech.net	8 redirects
8	ib.adnxs.com	4 redirects
8	ad.doubleclick.net	6 redirects
8	tm.smedia.ca	wsassets.cobalt.com tm.smedia.ca
7	googleads.g.doubleclick.net	4 redirects www.googleadservices.com
7	core.conversant.mgr.consensu.org	7 redirects
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	connect.facebook.net	wsassets.cobalt.com www.gregweeks.com connect.facebook.net
6	assets.adobedtm.com	www.googletagmanager.com assets.adobedtm.com
6	cm.g.doubleclick.net	5 redirects
6	ad.ipredictive.com
6	mpp.vindicosuite.com	6 redirects
6	sp.analytics.yahoo.com	dt.cobaltgroup.com
6	a.tribalfusion.com	3 redirects
6	pubads.g.doubleclick.net
6	dt.cobaltgroup.com	2 redirects media.assets.sincrod.com dt.cobaltgroup.com
5	adservice.google.com	9317774.fls.doubleclick.net 9399534.fls.doubleclick.net
4	mrg-fb.azurewebsites.net	www.gregweeks.com
4	secure.adnxs.com	www.googletagmanager.com
4	api.mrg.agency	www.gregweeks.com
4	traffic.prod.cobaltgroup.com	2 redirects
4	px.marchex.io	media.assets.sincrod.com
4	www.gregweeks.com	1 redirects media.assets.sincrod.com
3	media.flickfusion.net	media.assets.sincrod.com media.flickfusion.net
3	us-u.openx.net	1 redirects
3	stats.g.doubleclick.net	www.google-analytics.com
3	idsync.rlcdn.com	2 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	universal.iperceptions.com	media.assets.sincrod.com universal.iperceptions.com
2	mid.rkdms.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	9399534.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	9317774.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	static.xx.fbcdn.net	www.facebook.com
2	api.iperceptions.com	universal.iperceptions.com
2	pageview.activengage.com	go.activengage.com
2	pixel.rubiconproject.com
2	bid.g.doubleclick.net
2	segment-pixel.invitemedia.com	2 redirects
2	dt.admission.net
2	cdn.acsbapp.com	acsbapp.com
2	d1eoo1tco6rr5e.cloudfront.net	media.assets.sincrod.com
2	fo-static.assets-cdk.com	www.gregweeks.com fo-static.assets-cdk.com
2	acsbapp.com	1 redirects
1	image2.pubmatic.com
1	sync.ipredictive.com	1 redirects
1	api.ipify.org	www.gregweeks.com
1	jadserve.postrelease.com
1	dt.scanscout.com	1 redirects
1	analytics.twitter.com
1	cdn.navdmp.com
1	navdmp.com	1 redirects
1	match.adsrvr.org	js.adsrvr.org
1	sync.mathtag.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	generalmotorscorporation.sc.omtrdc.net
1	secure.quantserve.com	www.gregweeks.com
1	js.adsrvr.org	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	gm.demdex.net	assets.adobedtm.com
1	storage.googleapis.com	media.flickfusion.net
1	sd.iperceptions.com	universal.iperceptions.com
1	scontent.xx.fbcdn.net	www.facebook.com
1	go.activengage.com	1 redirects
1	app.carnow.com	media.assets.sincrod.com
1	l.betrad.com
1	c.evidon.com
1	d.turn.com
1	aa.agkn.com
1	adservices.brandcdn.com	www.gregweeks.com
1	fonts.googleapis.com	media.assets.sincrod.com
1	tag.brandcdn.com	media.assets.sincrod.com
1	c.betrad.com	www.gregweeks.com
1	tags.tiqcdn.com	wsassets.cobalt.com
1	cdnjs.cloudflare.com	media.assets.sincrod.com
1	wsassets.cobalt.com	www.gregweeks.com
1	weekschevybuickgmc.com	1 redirects
0	events.smedia.ca Failed	tm.smedia.ca
0	s.ixiaa.com Failed
367	93

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
accessories.gm.com
nitra.wip.gmpsdealer.com
www.nhtsa.gov
www.google.com
info.evidon.com
accessibe.com

Subject Issuer	Validity	Valid
gregweeks.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
*.assets.sincrod.com Amazon	`2021-06-20` - `2022-07-19`	a year	crt.sh
*.cobalt.com Amazon	`2021-03-20` - `2022-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
smedia.ca Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.marchex.io Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-10-05`	a year	crt.sh
*.betrad.com DigiCert SHA2 Secure Server CA	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.assets-cdk.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
*.admission.net Amazon	`2021-09-15` - `2022-10-13`	a year	crt.sh
traffic.prod.cobaltgroup.com Amazon	`2021-03-25` - `2022-04-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
brandcdn.com R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.iperceptions.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.ipredictive.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.carnow.com Go Daddy Secure Certificate Authority - G2	`2020-01-14` - `2022-02-28`	2 years	crt.sh
media.flickfusion.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-06` - `2022-10-07`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
activengage.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.mrg.agency DigiCert TLS RSA SHA256 2020 CA1	`2020-12-04` - `2021-12-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.gregweeks.com/
Frame ID: D768160367B274126D08F75C6CFD937F
Requests: 275 HTTP requests in this frame

Frame: https://tm.smedia.ca/smedia-scripts/xcookie.html
Frame ID: 151B008BC6B74ACE3674DB6BC6DA84FE
Requests: 1 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks+Chevrolet+Buick+GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent=
Frame ID: 42B6DF64D22597C0D688162CE37FB40F
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe
Frame ID: BC28CB151773686C90FA6452D40253F8
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe
Frame ID: AA96E4253431B88AB18216DB2CB66219
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Frame ID: 6AB4E22FD0445A2AB908303252864F16
Requests: 31 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 98F37C7AE0D098A5F5C95AE5B6A3963C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E2D7E49AF0DFEA166E31B653DA031EE0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/customer_chat/bubble
Frame ID: A2CE68F20ED3AC0603814424142E1703
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/customer_chat/bubble
Frame ID: 1006F354300F9C54096628463D295611
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/customer_chat/bubble
Frame ID: 4BB15D78EAED88B5880A6A87E5753EA7
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CD10A427B78C21AA318514A902F61867
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4CF95AD0318F07C005815281A646AF5D
Requests: 1 HTTP requests in this frame

Frame: https://gm.demdex.net/dest5.html?d_nsid=0
Frame ID: 6C58F7C0687B6E5F9E211D3C350E927A
Requests: 19 HTTP requests in this frame

Frame: https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F
Frame ID: 0A37F9112B73093DABAD6AE825D5D82F
Requests: 8 HTTP requests in this frame

Frame: https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F
Frame ID: 8661D6BBA13B7B59CF2CAAA45D5547B3
Requests: 8 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Frame ID: FD302399AC5446F0CA59071E2BC7FBC7
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=wqk15ah&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Frame ID: 501B5AD6B37AB5E3A885045986F18446
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3j9g7a6&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=2au1d93&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Frame ID: 9AA9AB411A7FBFD0058150C030551A67
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E8939CFF9ADE812226E05F9373353907
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 429785A007796006C9410F11ACE92D77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New & Used Cars for Sale - Weeks Is Your Chevy Buick GMC Dealer In West Frankfort, Illinois. Right on the Price, Right Off I-57

Page URL History Show full URLs

http://weekschevybuickgmc.com/ HTTP 301
http://www.gregweeks.com/ HTTP 301
https://www.gregweeks.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

^(?:https?:)?//tags\.tiqcdn\.com/

Page Statistics

367
Requests

98 %
HTTPS

0 %
IPv6

65
Domains

93
Subdomains

73
IPs

9
Countries

8364 kB
Transfer

18944 kB
Size

98
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/WeeksChevrolet
Title: Facebook

Search URL Search Domain Scan URL

URL: https://accessories.gm.com/gregweeks?bac=116531&cs:a:i=t3_nav_service&cs:r:v=&cs:s=gmps-weeks
Title: Accessories

Search URL Search Domain Scan URL

URL: http://nitra.wip.gmpsdealer.com/weeks/VehicleSearchResults?search=new&make=GMC&model=Yukon%20XL
Title: View Inventory

Search URL Search Domain Scan URL

URL: https://www.nhtsa.gov/recalls
Title: Check Recalls

Search URL Search Domain Scan URL

URL: http://www.google.com/maps/dir/Current+Location/37.8975,-88.9542
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/Weeks%20Chevrolet%20Buick%20GMC+10881%20STATE%20HWY%20149%20+WEST%20FRANKFORT+IL+62896-4173
Title: Get Directions

Search URL Search Domain Scan URL

URL: http://www.google.com/maps/search/Weeks%20Chevrolet%20Buick%20GMC/@37.8975,-88.9542,16z
Title: Directions

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/22486?v=1&nt=0&nw=false
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://weekschevybuickgmc.com/ HTTP 301
http://www.gregweeks.com/ HTTP 301
https://www.gregweeks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/dist/js/app.js

Request Chain 83

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Merchandise&header_request_uri=%2F&header_visitor_id=2A3038A569889B4B828552752126EDD8&header_event_id=8d0140e0281d10068b5b080020f0176c791500786198&header_session_id=2A3038A569889B4B828552752126EDD8&header_site_id=92709ed0868f10048cd50003ba0ae224&cs:plt=3624&cs:svrt=1230&cs:ttfb=1471&cs:loc=en_US&cs:theme=dcw-design-modern&cs:zip=62896-4173&cs:s=gmps-weeks&cs:userState=loggedOut&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.gregweeks.com%2526header_page_name%253dHomePage%2526header_page_label%253dHomePage%2526header_page_layout%253dHomePage%257cMerchandise%2526header_request_uri%253d%25252F%2526header_visitor_id%253d2A3038A569889B4B828552752126EDD8%2526header_event_id%253d8d0140e0281d10068b5b080020f0176c791500786198%2526header_session_id%253d2A3038A569889B4B828552752126EDD8%2526header_site_id%253d92709ed0868f10048cd50003ba0ae224%2526cs%253aplt%253d3624%2526cs%253asvrt%253d1230%2526cs%253attfb%253d1471%2526cs%253aloc%253den_US%2526cs%253atheme%253ddcw-design-modern%2526cs%253azip%253d62896-4173%2526cs%253as%253dgmps-weeks%2526cs%253auserState%253dloggedOut%2526cs%253achecksum%253d1&uid=2A3038A569889B4B828552752126EDD8&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1632330077438189061&header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Merchandise&header_request_uri=%2F&header_visitor_id=2A3038A569889B4B828552752126EDD8&header_event_id=8d0140e0281d10068b5b080020f0176c791500786198&header_session_id=2A3038A569889B4B828552752126EDD8&header_site_id=92709ed0868f10048cd50003ba0ae224&cs:plt=3624&cs:svrt=1230&cs:ttfb=1471&cs:loc=en_US&cs:theme=dcw-design-modern&cs:zip=62896-4173&cs:s=gmps-weeks&cs:userState=loggedOut&cs:checksum=1

Request Chain 92

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=92709ed0868f10048cd50003ba0ae224&cs:ssi=2A3038A569889B4B828552752126EDD8&cs:vi=2A3038A569889B4B828552752126EDD8&cs:theme=dcw-design-modern&cs:wt=card-header-c98d00b6-3eb0-4352-8aec-5caab451fd27,,0,0,0,1600,167,171,0,0&cs:wt=card-%F0%9F%8F%A0%20-221aba20-d09e-4e6b-9c8b-1b6e956e9ca3,,0,20,123,47,44,173,0,0&cs:wt=card-New%20Vehicles-6b37797f-618d-4eb5-b2a9-47484924f7bf,,0,67,123,147,44,174,0,0&cs:wt=card-navigationModelInventorya4d997c2-df4004b8-395f-4b78-b178-c3fe419c65db_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationCMSd94ad941-b13fb727-bc96-4af9-9bc0-915a92d1a5a8_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationModelInventory8b85bccb-c6cadc39-3e3b-4b3f-a413-1b034d455092_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,173,0,0&cs:wt=card-Finance-7fc0edb9-341f-4b86-87cb-a7ce10b16b5b,,0,410,123,108,44,173,0,0&cs:wt=card-Specials-e1d46b98-e94b-4f4d-a852-cc0bd6468da3,,0,518,123,113,44,173,0,0&cs:wt=card-Service%20%26%20Parts-140041d1-9e29-4ba3-b614-f3212da42ff5,,0,631,123,161,44,174,0,0&cs:wt=card-Shop%20Click%20Drive-c73d8f1e-79df-47a8-95d0-ad902616ea32,,0,792,123,171,44,174,0,0&cs:wt=card-Owners-cf39624b-ae1e-4170-9d1d-70a9748ea7b0,,0,963,123,107,44,174,0,0&cs:wt=card-HomePage-3b2e52c2-3abb-493c-9750-8e6a3e208a77,,0,0,167,1600,5500,89,0,0&cs:wt=card-promotionCard-2b0e2c4e-f55d-465e-be29-fc773424e548,,0,0,167,1600,247,173,0,0&cs:wt=card-promotionCard-e7e67fb8-9c7c-4d4f-a4a0-8094b7ec6b8e,,0,0.000012184696970507503,199,1600,203,173,0,0&cs:wt=card-promotionCard-26bc4527-02d8-482f-b328-77064dffb0f7,,0,0.000012184696970507503,199,1600,4,173,0,0&cs:wt=card-keywordSearch-2f197cc1-36a5-43fc-ac20-abf6ac707af2,,0,0,446,1598,125,173,0,0&cs:wt=card-promotionCard-d6667484-df45-46ca-9859-cbd2822b60a9,,0,0,573,1600,404,173,0,0&cs:wt=card-promotionCard-c2c2ba77-4021-4732-9633-27802f0b6a8a,,0,32,605,491,372,173,0,0&cs:wt=card-promotionCard-79a8c0e1-83da-456f-98b5-d77a1b3bc49c,,0,554.65625,605,490,372,174,0,0&cs:wt=card-promotionCard-74feea95-9def-4a4a-be0b-63a7f175f6aa,,0,1077.3125,605,491,372,174,0,0&cs:wt=card-vehicleShowcaseWrapper-4923bb5b-955a-43af-a3b2-ff1ee1754ece,,0,0,1008.90625,1600,604,109,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-0,,0,96.33755493164062,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-1,,0,576.1500244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-2,,0,1055.9625244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-3,,0,1479.6837158203125,1071.90625,467,495,173,0,0&cs:wt=card-promotionCard-5747a10f-ddc8-4f73-b207-617ba39c3cf0,,0,0,1613.390625,1600,453,95,0,0&cs:wt=card-heroCard-4d6eaba1-d6fc-4b05-b555-8bb6111247e0,,0,544,1645.390625,1056,453,95,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-0,,0,0,0,1056,453,108,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-1,,0,0,0,1056,453,106,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-2,,0,0,0,1056,453,102,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-3,,0,0,0,1056,453,100,0,0&cs:wt=card-aboutMessageCard-65d966cc-0520-41dc-a9cd-e0ef105947e1_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3957.328125,1600,865,91,0,0&cs:wt=card-aboutMessageCard-371577e3-a514-4645-9acd-8a12fa8ce69b_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3989.328125,1600,455,92,0,0&cs:wt=card-hoursOfOperation-e2e36056-28f4-40c1-abab-cc9f4640b0e0_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,32,4021.328125,1003,423,92,0,0&cs:wt=card-footer-044bc93a-49da-4e28-be2f-63751b08b481,,0,0,5667.109375,1600,492,89,0,0&cs:w=1600,1200,287&cs:vs=&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3d8d0140e0281d10068b5b080020f0176c791500786198%26cs%3apg%3dHomePage%26cs%3aplb%3dHomePage%26cs%3aply%3dHomePage_flex%26cs%3as%3dgmps-weeks%26cs%3asi%3d92709ed0868f10048cd50003ba0ae224%26cs%3assi%3d2A3038A569889B4B828552752126EDD8%26cs%3avi%3d2A3038A569889B4B828552752126EDD8%26cs%3atheme%3ddcw-design-modern%26cs%3awt%3dcard-header-c98d00b6-3eb0-4352-8aec-5caab451fd27%2c%2c0%2c0%2c0%2c1600%2c167%2c171%2c0%2c0%26cs%3awt%3dcard-%25F0%259F%258F%25A0%2520-221aba20-d09e-4e6b-9c8b-1b6e956e9ca3%2c%2c0%2c20%2c123%2c47%2c44%2c173%2c0%2c0%26cs%3awt%3dcard-New%2520Vehicles-6b37797f-618d-4eb5-b2a9-47484924f7bf%2c%2c0%2c67%2c123%2c147%2c44%2c174%2c0%2c0%26cs%3awt%3dcard-navigationModelInventorya4d997c2-df4004b8-395f-4b78-b178-c3fe419c65db_41a83f15-3dae-42e8-9331-81dcd4b8bb9c%2c%2c0%2c0%2c0%2c100%2c100%2c174%2c0%2c0%26cs%3awt%3dcard-navigationCMSd94ad941-b13fb727-bc96-4af9-9bc0-915a92d1a5a8_41a83f15-3dae-42e8-9331-81dcd4b8bb9c%2c%2c0%2c0%2c0%2c100%2c100%2c174%2c0%2c0%26cs%3awt%3dcard-navigationModelInventory8b85bccb-c6cadc39-3e3b-4b3f-a413-1b034d455092_41a83f15-3dae-42e8-9331-81dcd4b8bb9c%2c%2c0%2c0%2c0%2c100%2c100%2c173%2c0%2c0%26cs%3awt%3dcard-Finance-7fc0edb9-341f-4b86-87cb-a7ce10b16b5b%2c%2c0%2c410%2c123%2c108%2c44%2c173%2c0%2c0%26cs%3awt%3dcard-Specials-e1d46b98-e94b-4f4d-a852-cc0bd6468da3%2c%2c0%2c518%2c123%2c113%2c44%2c173%2c0%2c0%26cs%3awt%3dcard-Service%2520%2526%2520Parts-140041d1-9e29-4ba3-b614-f3212da42ff5%2c%2c0%2c631%2c123%2c161%2c44%2c174%2c0%2c0%26cs%3awt%3dcard-Shop%2520Click%2520Drive-c73d8f1e-79df-47a8-95d0-ad902616ea32%2c%2c0%2c792%2c123%2c171%2c44%2c174%2c0%2c0%26cs%3awt%3dcard-Owners-cf39624b-ae1e-4170-9d1d-70a9748ea7b0%2c%2c0%2c963%2c123%2c107%2c44%2c174%2c0%2c0%26cs%3awt%3dcard-HomePage-3b2e52c2-3abb-493c-9750-8e6a3e208a77%2c%2c0%2c0%2c167%2c1600%2c5500%2c89%2c0%2c0%26cs%3awt%3dcard-promotionCard-2b0e2c4e-f55d-465e-be29-fc773424e548%2c%2c0%2c0%2c167%2c1600%2c247%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-e7e67fb8-9c7c-4d4f-a4a0-8094b7ec6b8e%2c%2c0%2c0.000012184696970507503%2c199%2c1600%2c203%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-26bc4527-02d8-482f-b328-77064dffb0f7%2c%2c0%2c0.000012184696970507503%2c199%2c1600%2c4%2c173%2c0%2c0%26cs%3awt%3dcard-keywordSearch-2f197cc1-36a5-43fc-ac20-abf6ac707af2%2c%2c0%2c0%2c446%2c1598%2c125%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-d6667484-df45-46ca-9859-cbd2822b60a9%2c%2c0%2c0%2c573%2c1600%2c404%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-c2c2ba77-4021-4732-9633-27802f0b6a8a%2c%2c0%2c32%2c605%2c491%2c372%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-79a8c0e1-83da-456f-98b5-d77a1b3bc49c%2c%2c0%2c554.65625%2c605%2c490%2c372%2c174%2c0%2c0%26cs%3awt%3dcard-promotionCard-74feea95-9def-4a4a-be0b-63a7f175f6aa%2c%2c0%2c1077.3125%2c605%2c491%2c372%2c174%2c0%2c0%26cs%3awt%3dcard-vehicleShowcaseWrapper-4923bb5b-955a-43af-a3b2-ff1ee1754ece%2c%2c0%2c0%2c1008.90625%2c1600%2c604%2c109%2c0%2c0%26cs%3awt%3dcard-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-0%2c%2c0%2c96.33755493164062%2c1071.90625%2c446%2c495%2c173%2c0%2c0%26cs%3awt%3dcard-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-1%2c%2c0%2c576.1500244140625%2c1071.90625%2c446%2c495%2c173%2c0%2c0%26cs%3awt%3dcard-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-2%2c%2c0%2c1055.9625244140625%2c1071.90625%2c446%2c495%2c173%2c0%2c0%26cs%3awt%3dcard-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-3%2c%2c0%2c1479.6837158203125%2c1071.90625%2c467%2c495%2c173%2c0%2c0%26cs%3awt%3dcard-promotionCard-5747a10f-ddc8-4f73-b207-617ba39c3cf0%2c%2c0%2c0%2c1613.390625%2c1600%2c453%2c95%2c0%2c0%26cs%3awt%3dcard-heroCard-4d6eaba1-d6fc-4b05-b555-8bb6111247e0%2c%2c0%2c544%2c1645.390625%2c1056%2c453%2c95%2c0%2c0%26cs%3awt%3dcard-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-0%2c%2c0%2c0%2c0%2c1056%2c453%2c108%2c0%2c0%26cs%3awt%3dcard-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-1%2c%2c0%2c0%2c0%2c1056%2c453%2c106%2c0%2c0%26cs%3awt%3dcard-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-2%2c%2c0%2c0%2c0%2c1056%2c453%2c102%2c0%2c0%26cs%3awt%3dcard-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-3%2c%2c0%2c0%2c0%2c1056%2c453%2c100%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-65d966cc-0520-41dc-a9cd-e0ef105947e1_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe%2c%2c0%2c0%2c3957.328125%2c1600%2c865%2c91%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-371577e3-a514-4645-9acd-8a12fa8ce69b_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe%2c%2c0%2c0%2c3989.328125%2c1600%2c455%2c92%2c0%2c0%26cs%3awt%3dcard-hoursOfOperation-e2e36056-28f4-40c1-abab-cc9f4640b0e0_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe%2c%2c0%2c32%2c4021.328125%2c1003%2c423%2c92%2c0%2c0%26cs%3awt%3dcard-footer-044bc93a-49da-4e28-be2f-63751b08b481%2c%2c0%2c0%2c5667.109375%2c1600%2c492%2c89%2c0%2c0%26cs%3aw%3d1600%2c1200%2c287%26cs%3avs%3d%26cs%3achecksum%3d1&uid=2A3038A569889B4B828552752126EDD8&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1632330077438189061&cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=92709ed0868f10048cd50003ba0ae224&cs:ssi=2A3038A569889B4B828552752126EDD8&cs:vi=2A3038A569889B4B828552752126EDD8&cs:theme=dcw-design-modern&cs:wt=card-header-c98d00b6-3eb0-4352-8aec-5caab451fd27,,0,0,0,1600,167,171,0,0&cs:wt=card-%20-221aba20-d09e-4e6b-9c8b-1b6e956e9ca3,,0,20,123,47,44,173,0,0&cs:wt=card-New%20Vehicles-6b37797f-618d-4eb5-b2a9-47484924f7bf,,0,67,123,147,44,174,0,0&cs:wt=card-navigationModelInventorya4d997c2-df4004b8-395f-4b78-b178-c3fe419c65db_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationCMSd94ad941-b13fb727-bc96-4af9-9bc0-915a92d1a5a8_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationModelInventory8b85bccb-c6cadc39-3e3b-4b3f-a413-1b034d455092_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,173,0,0&cs:wt=card-Finance-7fc0edb9-341f-4b86-87cb-a7ce10b16b5b,,0,410,123,108,44,173,0,0&cs:wt=card-Specials-e1d46b98-e94b-4f4d-a852-cc0bd6468da3,,0,518,123,113,44,173,0,0&cs:wt=card-Service%20&%20Parts-140041d1-9e29-4ba3-b614-f3212da42ff5,,0,631,123,161,44,174,0,0&cs:wt=card-Shop%20Click%20Drive-c73d8f1e-79df-47a8-95d0-ad902616ea32,,0,792,123,171,44,174,0,0&cs:wt=card-Owners-cf39624b-ae1e-4170-9d1d-70a9748ea7b0,,0,963,123,107,44,174,0,0&cs:wt=card-HomePage-3b2e52c2-3abb-493c-9750-8e6a3e208a77,,0,0,167,1600,5500,89,0,0&cs:wt=card-promotionCard-2b0e2c4e-f55d-465e-be29-fc773424e548,,0,0,167,1600,247,173,0,0&cs:wt=card-promotionCard-e7e67fb8-9c7c-4d4f-a4a0-8094b7ec6b8e,,0,0.000012184696970507503,199,1600,203,173,0,0&cs:wt=card-promotionCard-26bc4527-02d8-482f-b328-77064dffb0f7,,0,0.000012184696970507503,199,1600,4,173,0,0&cs:wt=card-keywordSearch-2f197cc1-36a5-43fc-ac20-abf6ac707af2,,0,0,446,1598,125,173,0,0&cs:wt=card-promotionCard-d6667484-df45-46ca-9859-cbd2822b60a9,,0,0,573,1600,404,173,0,0&cs:wt=card-promotionCard-c2c2ba77-4021-4732-9633-27802f0b6a8a,,0,32,605,491,372,173,0,0&cs:wt=card-promotionCard-79a8c0e1-83da-456f-98b5-d77a1b3bc49c,,0,554.65625,605,490,372,174,0,0&cs:wt=card-promotionCard-74feea95-9def-4a4a-be0b-63a7f175f6aa,,0,1077.3125,605,491,372,174,0,0&cs:wt=card-vehicleShowcaseWrapper-4923bb5b-955a-43af-a3b2-ff1ee1754ece,,0,0,1008.90625,1600,604,109,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-0,,0,96.33755493164062,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-1,,0,576.1500244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-2,,0,1055.9625244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-3,,0,1479.6837158203125,1071.90625,467,495,173,0,0&cs:wt=card-promotionCard-5747a10f-ddc8-4f73-b207-617ba39c3cf0,,0,0,1613.390625,1600,453,95,0,0&cs:wt=card-heroCard-4d6eaba1-d6fc-4b05-b555-8bb6111247e0,,0,544,1645.390625,1056,453,95,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-0,,0,0,0,1056,453,108,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-1,,0,0,0,1056,453,106,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-2,,0,0,0,1056,453,102,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-3,,0,0,0,1056,453,100,0,0&cs:wt=card-aboutMessageCard-65d966cc-0520-41dc-a9cd-e0ef105947e1_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3957.328125,1600,865,91,0,0&cs:wt=card-aboutMessageCard-371577e3-a514-4645-9acd-8a12fa8ce69b_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3989.328125,1600,455,92,0,0&cs:wt=card-hoursOfOperation-e2e36056-28f4-40c1-abab-cc9f4640b0e0_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,32,4021.328125,1003,423,92,0,0&cs:wt=card-footer-044bc93a-49da-4e28-be2f-63751b08b481,,0,0,5667.109375,1600,492,89,0,0&cs:w=1600,1200,287&cs:vs=&cs:checksum=1

Request Chain 95

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks%20Chevrolet%20Buick%20GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&vehicle_body_style=&vehicle_make=&vehicle_model=&vehicle_model_year=&vehicle_trim=&vehicle_color=&vehicle_condition=&vehicle_price=&vehicle_options=&vehicle_vin=&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&fpc_status= HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_fid%3D176%26dtm_cid%3D2925%26dtm_cmagic%3Dac34ae%26dtm_format%3D5%26cli_promo_id%3D10%26dealer_brand%3DBuick%257CChevrolet%257CGMC%26dealer_id%3D116531%26dealer_name%3DWeeks%2BChevrolet%2BBuick%2BGMC%26dtm_user_id%3D2A3038A569889B4B828552752126EDD8%26page_type%3DHomePage%26canonical_url%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26dtmc_loc%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks+Chevrolet+Buick+GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent=

Request Chain 104

https://insight.adsrvr.org/tags/1kmflhb/cvdmkpp/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe

Request Chain 105

https://insight.adsrvr.org/tags/1kmflhb/kvgt7ru/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe

Request Chain 116

https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001 HTTP 302
https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t

Request Chain 134

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment HTTP 302
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Request Chain 135

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage HTTP 302
https://s.tribalfusion.com/z/i.cid?c=663573&d=30&page=landingPage HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Request Chain 137

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=77254217 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330082

Request Chain 140

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dchevy%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 143

https://s.tribalfusion.com/i.cid?c=663603&d=30&page=landingPage HTTP 302
https://s.tribalfusion.com/z/i.cid?c=663603&d=30&page=landingPage HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Request Chain 145

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26223;ts=77254217 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330078

Request Chain 148

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3130%26dtm_cmagic%3Dc922de%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dgmc%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 154

https://s.tribalfusion.com/i.cid?c=663583&d=30&page=landingPage HTTP 302
https://s.tribalfusion.com/z/i.cid?c=663583&d=30&page=landingPage HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Request Chain 156

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26226;ts=77254217 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330082

Request Chain 159

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3129%26dtm_cmagic%3Dc6a014%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dbuick%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 165

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1632330077438189061&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=313172&dpuuid=1632330077438189061&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_UUID%7D HTTP 302
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=39913003496188322513202855812034217016

Request Chain 167

https://us-u.openx.net/w/1.0/sd?id=540213371&val=1632330077438189061 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1632330077438189061

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMjMzMDA3NzQzODE4OTA2MQ HTTP 302
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

Request Chain 182

https://go.activengage.com/1.js HTTP 302
https://pageview.activengage.com/js/pageview.min.js

Request Chain 232

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment HTTP 302
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Request Chain 233

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

Request Chain 237

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dchevy%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 240

https://s.tribalfusion.com/i.cid?c=663603&d=30&page=landingPage HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

Request Chain 244

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3130%26dtm_cmagic%3Dc922de%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dgmc%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 248

https://s.tribalfusion.com/i.cid?c=663583&d=30&page=landingPage HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

Request Chain 252

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061 HTTP 302
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3129%26dtm_cmagic%3Dc6a014%26dtm_fid%3D101%26dtm_format%3D6%26cli_promo_id%3D2%26brand%3Dbuick%26optin%3Dtrue%26dealer_id%3Dgmps-weeks%26cdk_id%3D1632330077438189061%26dtm_user_ip%3D216.131.114.115%26dtm_user_agent%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F93.0.4577.63%2BSafari%252F537.36%26dtm_referrer%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%26gdpr_consent%3D HTTP 302
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent= HTTP 302
https://login.dotomi.com/pixel.gif

Request Chain 258

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=288066179 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330086

Request Chain 259

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26223;ts=288066179 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330079

Request Chain 262

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26226;ts=288066179 HTTP 302
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330079

Request Chain 288

https://cm.everesttech.net/cm/dd?d_uuid=39913003496188322513202855812034217016 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUthYAAAAGilMwO1

Request Chain 289

https://9317774.fls.doubleclick.net/activityi;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F HTTP 302
https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F

Request Chain 290

https://9399534.fls.doubleclick.net/activityi;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F HTTP 302
https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F

Request Chain 301

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65317374?gtmcb=1011234004 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65317374?gtmcb=1011234004 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65317374?gtmcb=1011234004

Request Chain 303

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1047293086?gtmcb=1512523651 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1047293086?gtmcb=1512523651 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1047293086?gtmcb=1512523651

Request Chain 311

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=39913003496188322513202855812034217016&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d39913003496188322513202855812034217016 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=2a89614b-6160-4d00-920b-5f800d5c1665&ddsuuid=39913003496188322513202855812034217016

Request Chain 312

https://insight.adsrvr.org/track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com HTTP 302
https://match.adsrvr.org/track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com

Request Chain 323

https://idsync.rlcdn.com/365868.gif?partner_uid=39913003496188322513202855812034217016 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzk5MTMwMDM0OTYxODgzMjI1MTMyMDI4NTU4MTIwMzQyMTcwMTYQABoNCODCrYoGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=11eb67d94b8523ca6c793125b501c188a73f1115c2a11c9428c8aa7e1afcd784b0da87c991749652

Request Chain 325

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YGFLYfzYMIXpgQfRyYzgAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYfzYMIXpgQfRyYzgAw&cid=CAQSKQCNIrLM6O0eCx_yvRtU6HqZ27QAkFHQ5wS118tZLqX-SnJM8iZ87j59&random=2119663401&resp=GooglemKTybQhCsO

Request Chain 327

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YGFLYYy2M8jngQffl5vgCw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYYy2M8jngQffl5vgCw&cid=CAQSKQCNIrLMLgru2b2cxG-k8uL0qO2aj-gAfpBd68aF25jS3HyVwV_zPnfi&random=3562009157&resp=GooglemKTybQhCsO

Request Chain 328

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YGFLYZjnM5XpgQeJxLH4CQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZjnM5XpgQeJxLH4CQ&cid=CAQSKQCNIrLMw9u3fwsKdT4F5YMEPfOMhjUCParPGj2ek-yC6JEmHBrFbb6S&random=977225997&resp=GooglemKTybQhCsO

Request Chain 330

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YGFLYZu0NqOpx_AP3c6ruA8&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZu0NqOpx_AP3c6ruA8&cid=CAQSKQCNIrLMgwac92l6UHR3tNAF2vH1IAb-YT5NP9uoCQxJFVlvCqueNeSv&random=1813527408&resp=GooglemKTybQhCsO

Request Chain 331

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mzk5MTMwMDM0OTYxODgzMjI1MTMyMDI4NTU4MTIwMzQyMTcwMTY= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=15?gdpr=0&gdpr_consent=

Request Chain 332

https://navdmp.com/req?adID=39913003496188322513202855812034217016 HTTP 301
https://cdn.navdmp.com/req?adID=39913003496188322513202855812034217016

Request Chain 334

https://dt.scanscout.com/ssframework/uid?UIAA=39913003496188322513202855812034217016&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fc5fe10f437cb5121fcb184690c56b0f

Request Chain 338

https://ad.doubleclick.net/ddm/activity/src=10434923;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283

Request Chain 339

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID} HTTP 302
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=b489634d-1bc6-11ec-9980-b12fefe76091

Request Chain 340

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39913003496188322513202855812034217016?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=39913003496188322513202855812034217016?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4a192dd73d3af78c785a0037a2399737

Request Chain 346

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVV0aFlBQUFBR2lsTXdPMQ==

Request Chain 347

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUthYAAAAGilMwO1&expires=90

Request Chain 357

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1&C=1

Request Chain 358

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YUthYAAAAGilMwO1

Request Chain 359

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUthYAAAAGilMwO1

Request Chain 361

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUthYAAAAGilMwO1

Request Chain 362

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1&__user_check__=1&sync_id=b6a628f9-1bc6-11ec-96f3-1b1ae21b0306

Request Chain 364

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUthYAAAAGilMwO1&t=2592000&o=0

Request Chain 365

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=39913003496188322513202855812034217016&_ct=img HTTP 302
https://mid.rkdms.com/restricted

367 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gregweeks.com/
Redirect Chain

http://weekschevybuickgmc.com/
http://www.gregweeks.com/
https://www.gregweeks.com/

525 KB
65 KB

613ms
590ms

Document
text/html

143.204.207.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gregweeks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-117.fra53.r.cloudfront.net

Software

CDK-Websites /

Resource Hash

5fb06ac056f6483e6eee10713ba195fea67601939b100a9743ddde096fa9bd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.gregweeks.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: JSESSIONID=2A3038A569889B4B828552752126EDD8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=UTF-8
content-length: 65454
date: Wed, 22 Sep 2021 17:01:14 GMT
server: CDK-Websites
x-server-response-time: 1249
strict-transport-security: max-age=7776000
nitra-side: b
logging-correlationid: ULihY4D1fz-qtnn37k2hh6TmZOnv1KzYcKfmHHtDIBOAh3gUndZAcg==
cache-control: public,max-age=60
x-origin-id: cdk-pdx
x-server-start-time: 1632329943643
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: sameorigin
x-sf-cache: Hit from sitefront
x-cache: Miss from cloudfront
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: L6U0WntQyk_XeMvssDkIW_YJSDxr7iv8SIqwE19G4of5uy9m9qDdpA==

Redirect headers

Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Date: Wed, 22 Sep 2021 17:01:14 GMT
X-Server-Response-Time: 7
nitra-side: b
Vary: *
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Set-Cookie: JSESSIONID=2A3038A569889B4B828552752126EDD8; Path=/; HttpOnly
Location: https://www.gregweeks.com/
X-Server-Start-Time: 1632330076584
Logging-CorrelationId: yZFNwMRhUM2raV_Y9SjvbiMbX0eQ-nGqQOfsW7nx3kayAFxcWR_hBQ==
Pragma: no-cache
X-Origin-Id: cdk-pdx
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: CDK-Websites
X-Cache: Miss from cloudfront
Via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: yZFNwMRhUM2raV_Y9SjvbiMbX0eQ-nGqQOfsW7nx3kayAFxcWR_hBQ==

GET
H2 200 Preload.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/base/sitefront/ 11 KB
4 KB 71ms
15ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/base/sitefront/Preload.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 61f348e34c97dba76aa0844a360836d15f218ca4ff87bfddbb9ae2fe82f8bb3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:27 GMT
content-encoding: gzip
x-original-content-length: 11686
age: 23747
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306327621
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: gsyL6e8POelUMGiTvNTRo5USCCtCEiBFAumrIcQjc61_WUWeAjqfxg==
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 08:28:21 GMT
server: nginx
x-server-response-time: 68
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rAUxhc0Ik2_3UuBZFufMunTxGkOCZWogQ-Ssb_Bq3B9eZ9fFI5wPow==
expires: Thu, 22 Sep 2022 10:25:27 GMT

GET
H2 200 bundle.css
media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/ 2 MB
175 KB 66ms
16ms Stylesheet
text/css 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3659bd6ddd5bc0f3e4a325c1eff92779ed31244e3671ef584b35ff1fed7dd4aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 22:23:10 GMT
content-encoding: gzip
x-original-content-length: 1921421
age: 153484
x-cache: Hit from cloudfront
x-server-start-time: 1632176590066
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: jhStoM-Pm0LAIxAx_1vNJpOjrxGQ8GrFUIJcMOvn7IWHX1fpuVtTLQ==
access-control-allow-origin: *
last-modified: Mon, 20 Sep 2021 11:25:01 GMT
server: nginx
x-server-response-time: 104
vary: Accept-Encoding
content-type: text/css
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: kMhyXFFeWV3Bqh2c-aXDWtM56pT6yMWjRXpmWtRPecEUilVTLflA8Q==
expires: Tue, 20 Sep 2022 22:23:10 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-7746/q47/yqs8bthj4e0-xz49mua==/ 80 KB
17 KB 65ms
15ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/q47/yqs8bthj4e0-xz49mua==/bundle.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 16 Sep 2021 08:59:30 GMT
content-encoding: gzip
x-original-content-length: 81875
age: 547304
x-cache: Hit from cloudfront
x-server-start-time: 1631782770563
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: BS8tOmiOojAClq1NOSstvmc2jPxE1Mwus4eaAvqQopL6PimGXU5u-w==
access-control-allow-origin: *
last-modified: Thu, 16 Sep 2021 03:43:02 GMT
server: nginx
x-server-response-time: 38
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RMpF0pKvt7scepEI5fLiWGgSDx1_JsyTjFC3HMD_S1ZbkahO1PNdYA==
expires: Fri, 16 Sep 2022 08:59:30 GMT

GET
H2 200 Buick.png
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/ 9 KB
10 KB 9ms
9ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/Buick.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ecc9d8e6218a210d45fd400ec5ae0ba8e00bc02449ebb659ec657f54f2116f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:53 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 9719
age: 23721
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306353172
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 5tOoO8ISz-1tO-gQqo-IfJpw4oKqmTdVFCVinGIuocLKI0EbzGglDA==
last-modified: Wed, 22 Sep 2021 08:28:21 GMT
server: nginx
x-server-response-time: 16
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 9719
x-amz-cf-id: UzPUW6IbW-Y9jExIs1-5N8rcEXr1gyQTCEyT8rbsiEdyQtEZWuB7UQ==
expires: Thu, 22 Sep 2022 10:25:53 GMT

GET
H2 200 Chevrolet.png
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/ 11 KB
12 KB 8ms
8ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/Chevrolet.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a5f58f6b3d0c3ffdc15315e5eb1309fe70cf97091e7dd619c2e67a477a32eb0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:39 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 11301
age: 23735
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306339394
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: PSd9dHx63H8m6ZCrt_tTDdhMEDPivFy-vgq1UdP1nHoVtwJki7LBZQ==
last-modified: Wed, 22 Sep 2021 08:28:19 GMT
server: nginx
x-server-response-time: 15
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 11301
x-amz-cf-id: jiMhRgKDpOgT-Ehbc8f2NzolEhWPeec0rkPahHCsRSzv8VS8NyOiKQ==
expires: Thu, 22 Sep 2022 10:25:39 GMT

GET
H2 200 GMC.png
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/ 11 KB
12 KB 9ms
8ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/client/assets/logos/GMC.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c0f07cb72b8aed894612b92436a36102ce9114a40394dbfd07969204a8ebb7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:53 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 11388
age: 23721
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306353178
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 6Ojhm6RWPFY48BtvZkutAPD4Vui8jV6M_KjEbybCv0cYKMX9i2CWzw==
last-modified: Wed, 22 Sep 2021 08:28:19 GMT
server: nginx
x-server-response-time: 51
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 11388
x-amz-cf-id: u1V8Oju_ci0Murt8c_Qh1E_Z10oDyiQD4AAdUJKHXI2ds6znifyPBA==
expires: Thu, 22 Sep 2022 10:25:53 GMT

GET
H2 200 af5e4b98db1910058adb0050568b6442.png
media.assets.sincrod.com/teams/repository/export/v/1/af5/e4b98db1910058adb0050568b6442/ 16 KB
16 KB 21ms
20ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/teams/repository/export/v/1/af5/e4b98db1910058adb0050568b6442/af5e4b98db1910058adb0050568b6442.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1a79906192ebb9c92eb5d39eca3a20c03e488b0005627869481d7d19dbe5108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 15:28:52 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 16114
age: 4584742
x-cache: Hit from cloudfront
x-server-start-time: 1627745332850
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: aDk2Ht1hKr5-VAtXhBrVqauqRo0fE-19NGTAxjiTpe4q22FAUQsmDA==
last-modified: Wed, 16 Jan 2019 16:19:50 GMT
server: nginx
x-server-response-time: 50
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 16114
x-amz-cf-id: U7L8JuV4CWTZH8zw8740Kdbm0cW3OXK0R56sLeHxOgB9kGb7EUJeuw==
expires: Sun, 31 Jul 2022 15:28:52 GMT

GET
H2 200 280409c0a99a4b57b3fde4f6ab502ed5_c0x0-1600x200_x1600.jpg
media.assets.sincrod.com/websites/content/gmps-weeks/generic/ 63 KB
64 KB 284ms
284ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks/generic/280409c0a99a4b57b3fde4f6ab502ed5_c0x0-1600x200_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a440adc9d288087abe01a700ec479078c2cfde7b4d3f62e847a5da2ddafa3ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:15 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 112354
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075036
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: rZ5Owq-TPJnNhvfYQerTfyDPcY48ao6Z1TpJuWNTkWgfafejAmhA3A==
last-modified: Thu, 22 Apr 2021 22:32:44 GMT
server: nginx
x-server-response-time: 125
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 64711
x-amz-cf-id: rZ5Owq-TPJnNhvfYQerTfyDPcY48ao6Z1TpJuWNTkWgfafejAmhA3A==
expires: Thu, 22 Sep 2022 17:01:15 GMT

GET
H2 200 / Show response
www.gregweeks.com/ 21 KB
7 KB 1680ms
1680ms XHR
text/html 143.204.207.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gregweeks.com/?format=pagediff&siteFrontPass=2&hashTreeUUID=cf43fc54-2164-4417-b1f1-40e8701d3751

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-base/base/sitefront/Preload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-117.fra53.r.cloudfront.net

Software

CDK-Websites /

Resource Hash

4483a662e464af610124eaa798ecdcfdae015ba669e638c1e4cc7018268cd001

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

x-page-referer
sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: JSESSIONID=2A3038A569889B4B828552752126EDD8
:path: /?format=pagediff&siteFrontPass=2&hashTreeUUID=cf43fc54-2164-4417-b1f1-40e8701d3751
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gregweeks.com
referer: https://www.gregweeks.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
x-page-referer
Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
nitra-side: b
vary: *
x-server-start-time: 1632330077998
logging-correlationid: gKOAblQMOk6t3C44gXv-Y07dvg4wPcTE4ZJ6lAWmrTiOKAZzbVVD7w==
pragma: no-cache
server: CDK-Websites
x-frame-options: sameorigin
x-server-response-time: 1063
strict-transport-security: max-age=7776000
content-type: text/html;charset=UTF-8
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
set-cookie: visitorId=2A3038A569889B4B828552752126EDD8; Version=1; Comment="Tracking Visitors"; Max-Age=63072000; Expires=Fri, 22-Sep-2023 17:01:17 GMT; Secure sId=2A3038A569889B4B828552752126EDD8; Version=1; Comment="Tracking Sessions"; Max-Age=1800; Expires=Wed, 22-Sep-2021 17:31:17 GMT; Secure savedVehicleIds=%20; expires=Tue, 21 Sep 2021 17:01:16 GMT; path=/ x-hydra-version=UNSPECIFIED
content-length: 6144
x-amz-cf-id: gKOAblQMOk6t3C44gXv-Y07dvg4wPcTE4ZJ6lAWmrTiOKAZzbVVD7w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 silver-lights-bg.png
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-modern/assets/ 193 KB
194 KB 139ms
137ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-modern/assets/silver-lights-bg.png
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b091665879c59a7e15c7cf5f007efbbee790c5c5f843d9e4781c54f53d0e766

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:39:38 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 197941
age: 192097
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137978543
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: SAqVcGq0lDT09h8fpFubdIhFkP-eXSaQ4-ma2gtvIHxGbxmlqA7TSg==
last-modified: Sat, 18 Sep 2021 06:04:12 GMT
server: nginx
x-server-response-time: 71
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 197941
x-amz-cf-id: TVwu2T3B2Ap6FaQxjGubmeDjXH7p5QAJvwOTKVOtvZXch0PRGMr0uQ==
expires: Tue, 20 Sep 2022 11:39:38 GMT

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61065452b9a409f83b95000fd546fd5d7b6b058ffb8113065e2224c755451a81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Roboto-Regular.woff2
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 10 KB
11 KB 44ms
18ms Font
application/font-woff2 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Roboto-Regular.woff2
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46

Request headers

Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Origin: https://www.gregweeks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 02 Sep 2021 04:58:09 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-original-content-length: 10292
age: 1771386
x-cache: Hit from cloudfront
x-server-start-time: 1630558689740
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: yyhBY06wKw4l6FrweFlFxpppc-MwBbQcykkASAgVo0bwNBzGpz71IA==
last-modified: Fri, 25 Jan 2019 22:10:28 GMT
server: nginx
x-server-response-time: 19
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 10292
x-amz-cf-id: Em9M-ql3vqjl2mNCP1mbl7--hvPsGRif4cmoCEu8SFd8_Q56jnsTzg==
expires: Fri, 02 Sep 2022 04:58:09 GMT

GET
H2 200 ionicons-subset.woff
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-base/fonts/ion-icons/ 10 KB
10 KB 35ms
9ms Font
application/font-woff 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-base/fonts/ion-icons/ionicons-subset.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91

Request headers

Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Origin: https://www.gregweeks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 22:23:13 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-original-content-length: 9996
age: 153482
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632176593627
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: JTmMUz5FUMiQCPv2Gy0axJ556m8OYTuZI6270wn04KrdmlnSE0ti2w==
last-modified: Sat, 18 Sep 2021 06:04:14 GMT
server: nginx
x-server-response-time: 19
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 9996
x-amz-cf-id: SWthBOO_ntco286OANG9FOSx5F2Z8X6wk81HHBt2JoT7YW8bX4n_WA==
expires: Tue, 20 Sep 2022 22:23:13 GMT

GET
H2 200 Roboto-Thin.woff2
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 17 KB
18 KB 41ms
16ms Font
application/font-woff2 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Roboto-Thin.woff2
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fb8ba805dc281b018881a727961b9d112e7a76754e737865512dd65e68eb29d7

Request headers

Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Origin: https://www.gregweeks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Tue, 14 Sep 2021 22:10:39 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-original-content-length: 17504
age: 672636
x-cache: Hit from cloudfront
x-server-start-time: 1631657439431
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: azsg6n4ULZBVfDXPWsjKssvqYR9GMCv1HZzAt7O2niiSpZl9Rjnx8A==
last-modified: Fri, 25 Jan 2019 22:10:29 GMT
server: nginx
x-server-response-time: 15
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 17504
x-amz-cf-id: zRlcTpRwRva3Y10a4KOQ1jUt1GQbF28mObeV6BH9oUgQ5Q2x9bhOig==
expires: Wed, 14 Sep 2022 22:10:39 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/ 579 KB
168 KB 15ms
12ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 602945730c77528e1f91c9d168eb2b680813b6dce0205abb0a77867e0ae7907d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 14:08:45 GMT
content-encoding: gzip
x-original-content-length: 592778
age: 10350
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632319725198
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Nt97GdTwpUBOttSIoeZt-bVZNccYl7j-U7EHaHCL1-M2uszvKMjx_w==
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 10:30:56 GMT
server: nginx
x-server-response-time: 74
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mQzlpZqHgZj7Rif1PLP_ZaWdQwcG4SYaWa_Ztgo6kJHJmgZuMqzXLw==
expires: Thu, 22 Sep 2022 14:08:45 GMT

GET
H2 200 pixeltag.js Show response
wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/ 24 KB
7 KB 416ms
23ms Script
application/javascript 99.86.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/pixeltag.js?webId=gmps-weeks&locale=en_US&originalDomain=http%3A%2F%2Fwww.gregweeks.com%2F
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-70.fra6.r.cloudfront.net
Software: CDK-Websites /
Resource Hash: c074a4f072dec3b0fd2b0192943004e31b4f0923e2ff3ac8a2ea86d7b98dc60e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 17 Sep 2021 13:46:23 GMT
content-encoding: gzip
age: 443692
x-cache: Hit from cloudfront
nitra-side: b
x-server-start-time: 1631886385774
logging-correlationid: LmqGXecXRmI72-hkUoUr3P4rmnYN4IPBTAHk8Uk6dYrg-gYnppuBsA==
server: CDK-Websites
etag: tylweklwp6tddcbmxiw8vq==
x-server-response-time: 7
content-type: application/javascript;charset=ISO-8859-1
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 6600
x-amz-cf-id: Uk5zRb_9L-M2m4m0WLuQ8FMKyU79EnUwLPce_LZ4ehpZosB9MKPFsg==
expires: Sat, 17 Sep 2022 13:46:25 GMT

GET
H2 200 canvas-bg.png
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-modern/assets/ 183 KB
184 KB 16ms
16ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.13489/package/designs/dcw-design-modern/assets/canvas-bg.png
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 50c479b06b3adac94144f38b75a54db5f5adea5bd5a346490653bafac26fa655

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/tky/jts87irqjtrqcmsmddw==/bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:08 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 187537
age: 192667
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137408167
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: ZfWXIIsBCQFS6lU_rgvdvyGv0jJUDYDrDGw39mLy9SHwMaFl8cdQRQ==
last-modified: Sat, 18 Sep 2021 06:04:12 GMT
server: nginx
x-server-response-time: 37
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 187537
x-amz-cf-id: euaur_KhiUR-C6bAggpsqV_6cstfJCQirBkAMHa7CU95w9oDocyeRw==
expires: Tue, 20 Sep 2022 11:30:08 GMT

POST
H2 200 service Show response
www.gregweeks.com/route/ 44 B
940 B 616ms
610ms XHR
application/json 143.204.207.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gregweeks.com/route/service

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-117.fra53.r.cloudfront.net

Software

CDK-Websites /

Resource Hash

dbab65929cb6541dbbe70cc31350a83500a62d961d8ff970bc5b3dd43bf058ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-fetch-mode: cors
origin: https://www.gregweeks.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: JSESSIONID=2A3038A569889B4B828552752126EDD8
content-length: 1191
:path: /route/service
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.gregweeks.com
referer: https://www.gregweeks.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gregweeks.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
vary: *
x-server-start-time: 1632330078766
x-amz-cf-id: 93VyqdQ4PDiITflcjUOdAiCRxp5o9VGchaFdgMqbFPIcfDfwPhwI1w==
logging-correlationid: 93VyqdQ4PDiITflcjUOdAiCRxp5o9VGchaFdgMqbFPIcfDfwPhwI1w==
pragma: no-cache
access-control-allow-origin: https://www.gregweeks.com
server: CDK-Websites
x-frame-options: sameorigin
x-server-response-time: 9
strict-transport-security: max-age=7776000
content-type: application/json;charset=utf-8
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
set-cookie: visitorId=2A3038A569889B4B828552752126EDD8; Version=1; Comment="Tracking Visitors"; Max-Age=63072000; Expires=Fri, 22-Sep-2023 17:01:18 GMT; Secure sId=2A3038A569889B4B828552752126EDD8; Version=1; Comment="Tracking Sessions"; Max-Age=1800; Expires=Wed, 22-Sep-2021 17:31:18 GMT; Secure
content-length: 64
nitra-side: b
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 annyang.min.js Show response
cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/ 4 KB
2 KB 41ms
10ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/annyang.min.js

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1793955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1753
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-1167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJZ1XCyvKaLTY0BjO0bsyr995eroMFnn8M%2B7NvBXw3fCjiqd%2F%2BVWZYnJGnFUsI6aceB%2F783bx9GUp38paQC7Tc57Er%2FvgKTQ7wJXftY16RS%2FwzecwtFjL4fQQ3CF940fJWAxRjwx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 692d181d9bfb16ea-FRA
expires: Mon, 12 Sep 2022 17:01:15 GMT

GET
H2 200 c83ecf10c1844ac08e4bc7d59801b8e4_c51x0-798x600_x798.png
media.assets.sincrod.com/websites/content/gmps-weeks// 254 KB
255 KB 437ms
435ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//c83ecf10c1844ac08e4bc7d59801b8e4_c51x0-798x600_x798.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: edc87068c09bef8879b68390f62984f343cbf1e3e1327a3c09601b0b02175126

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 231320
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075891
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: nlqQMnpZjbRWln_FYcedLPoTeO8yRJimt9SQ4wwDbqUH2Hs_GsH6eQ==
last-modified: Fri, 20 Aug 2021 15:15:42 GMT
server: nginx
x-server-response-time: 279
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 259911
x-amz-cf-id: nlqQMnpZjbRWln_FYcedLPoTeO8yRJimt9SQ4wwDbqUH2Hs_GsH6eQ==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 7c6cac8575044d168e0cbecbc9570d35_c51x0-798x600_x798.png
media.assets.sincrod.com/websites/content/gmps-weeks// 145 KB
146 KB 371ms
368ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//7c6cac8575044d168e0cbecbc9570d35_c51x0-798x600_x798.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e2c21cd3e33a2279a7afa6a6188ff84f28fe37335f9c1b47ba1abe1b6680a3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 141833
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075905
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Lyx3id1nxOyfb0H6i211puwF-jROv9i_33sGnLSSQcksAp6cntEoMw==
last-modified: Fri, 20 Aug 2021 15:17:27 GMT
server: nginx
x-server-response-time: 197
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 148857
x-amz-cf-id: Lyx3id1nxOyfb0H6i211puwF-jROv9i_33sGnLSSQcksAp6cntEoMw==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 090ca55b8fe64115bc74cee4960f2ad6_c51x0-798x600_x798.png
media.assets.sincrod.com/websites/content/gmps-weeks// 332 KB
333 KB 419ms
416ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//090ca55b8fe64115bc74cee4960f2ad6_c51x0-798x600_x798.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d401301481c1da1ee56b7ca5c57ad969f0a9dd795f265efc7d492248684dd9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 317098
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075895
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: j2Rb-3F7qdfyeKEixuD6JwipD84K5D21mijun2cE7c075gaJYcFZ7w==
last-modified: Fri, 20 Aug 2021 17:10:36 GMT
server: nginx
x-server-response-time: 257
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 340375
x-amz-cf-id: j2Rb-3F7qdfyeKEixuD6JwipD84K5D21mijun2cE7c075gaJYcFZ7w==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 ext_GAZ_deg01.jpg
inv.assets.sincrod.com/RTT/Chevrolet/2020/4251033/default/ 43 KB
44 KB 152ms
15ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Chevrolet/2020/4251033/default/ext_GAZ_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: fa87f219afd129892c595142de9ebc3d827ed310d23eb364420ee7dfd4d77bf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:08:46 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 44250
age: 10349
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632189161076
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: CI5NpWwQEsLZXSsa-fcFeASyzEaR9xID28ueHjaEGCmrSLlesIv46w==
last-modified: Sun, 27 Dec 2020 01:08:36 GMT
server: nginx
x-server-response-time: 73
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 44250
x-amz-cf-id: 2wN6qtdNRynknofBZ6cfwXsSJ_ziqoM8prO3JxNDJv0QULubl9uCaQ==
expires: Wed, 22 Sep 2021 01:52:41 GMT

GET
H2 200 28855191686.jpg
inv.assets.sincrod.com/6/8/6/ 48 KB
48 KB 159ms
23ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/6/8/6/28855191686.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 0ddeca77618cdec9e8e48ded07ec9407fe397587eeacfd2326fe69013cd9f06e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:08:46 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 48886
age: 10349
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632319726740
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: WyBvedSApBtNxMmA-GekYRBQgyy3KaCvxZBR_LM22jN1OCMLAosdZw==
last-modified: Wed, 22 Sep 2021 09:15:54 GMT
server: nginx
x-server-response-time: 53
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 48886
x-amz-cf-id: LCdUFzWR83_HhrH6klmWz4t1c7O7R2W9djgVwqrOK0hOQnC6N7zvxg==
expires: Thu, 22 Sep 2022 14:08:46 GMT

GET
H2 200 28855187685.jpg
inv.assets.sincrod.com/5/8/6/ 49 KB
49 KB 161ms
25ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/5/8/6/28855187685.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: aa7a4937520a3c55cf8fe7646b1c4d2298eb47f435c76937674f0ccf66bb6025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:08:46 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 49673
age: 10349
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632319726804
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: VBUqw771HNeMwlCYs9-Hb4eS7gMhM9AMsanJbA2W6CY300_J0OvzGg==
last-modified: Wed, 22 Sep 2021 09:15:07 GMT
server: nginx
x-server-response-time: 23
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 49673
x-amz-cf-id: f9DRoi4TU2a9KagoDa5oUOUnQe0PLaJmFqgrEJingnMQ3zwgxLGPWA==
expires: Thu, 22 Sep 2022 14:08:46 GMT

GET
H2 200 ext_G0Y_deg01.jpg
inv.assets.sincrod.com/RTT/Buick/2019/4071093/default/ 23 KB
24 KB 355ms
219ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Buick/2019/4071093/default/ext_G0Y_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 0dde7fcea7d82d932785f39535dabc190085acd44ca2ea54baa8ad9ec7464269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 23471
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076038
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: tCe5Y1qYFW4m_S2Z1etliTWFxQu9Udr379vuTzWU2nFd2wweJ3nudA==
last-modified: Mon, 01 Oct 2018 19:05:15 GMT
server: nginx
x-server-response-time: 50
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 23471
x-amz-cf-id: tCe5Y1qYFW4m_S2Z1etliTWFxQu9Udr379vuTzWU2nFd2wweJ3nudA==
expires: Thu, 23 Sep 2021 17:01:16 GMT

GET
H2 200 ext_GAZ_deg01.jpg
inv.assets.sincrod.com/RTT/Buick/2019/4071443/default/ 23 KB
23 KB 344ms
209ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Buick/2019/4071443/default/ext_GAZ_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 84ca8d2705b50ed46df316ee330f4598dc6c5b01e0b7255abb8b5fac0a2371fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 23354
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076034
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: orq75A2LfEp5DjqV9eGP6Elzv9iHgA4-XU2R27Dy71kIsgI-Wd_bRQ==
last-modified: Mon, 01 Oct 2018 19:05:41 GMT
server: nginx
x-server-response-time: 46
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 23354
x-amz-cf-id: orq75A2LfEp5DjqV9eGP6Elzv9iHgA4-XU2R27Dy71kIsgI-Wd_bRQ==
expires: Thu, 23 Sep 2021 17:01:16 GMT

GET
H2 200 ext_G1W_deg01.jpg
inv.assets.sincrod.com/RTT/Buick/2017/3273303/default/ 28 KB
29 KB 332ms
197ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Buick/2017/3273303/default/ext_G1W_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: e50c5fa4413277c75b1b83e4ca87bf94a9e58cbb6c0937114735ec952fee93f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 29162
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076034
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: URYOZGr88x6-w7h1GRE4zD2ayWsX7eq_vAgcfNi6nTA0zFPmxNC-Vg==
last-modified: Wed, 13 Jun 2018 15:51:07 GMT
server: nginx
x-server-response-time: 35
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 29162
x-amz-cf-id: URYOZGr88x6-w7h1GRE4zD2ayWsX7eq_vAgcfNi6nTA0zFPmxNC-Vg==
expires: Thu, 23 Sep 2021 17:01:16 GMT

GET
H2 200 28850847757.jpg
inv.assets.sincrod.com/7/5/7/ 51 KB
52 KB 240ms
224ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/7/5/7/28850847757.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 984b4e1426e4537cc4ec4fe92faa1eeac51ed6605781e02022bc2dfb449ff4dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 52480
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076050
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: nEy23kDgjX0AS4lR54QLo6L-88xq86VDe4fWoaMTPzOXzF5NnUa0HA==
last-modified: Tue, 21 Sep 2021 09:21:21 GMT
server: nginx
x-server-response-time: 55
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 52480
x-amz-cf-id: nEy23kDgjX0AS4lR54QLo6L-88xq86VDe4fWoaMTPzOXzF5NnUa0HA==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 ext_GAZ_deg01.jpg
inv.assets.sincrod.com/RTT/Buick/2017/3273383/default/ 28 KB
29 KB 281ms
265ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Buick/2017/3273383/default/ext_GAZ_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 8ed811c9190d82a788240c166046d1457fc0ec7a2525461b80a8a2d20058d0bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 28612
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076051
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: aLCk0v7dKYY1IBIuni6IDNEYOh62wJfkL-S1C5wehVps3gzHsRnDLQ==
last-modified: Wed, 13 Jun 2018 15:51:06 GMT
server: nginx
x-server-response-time: 102
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 28612
x-amz-cf-id: aLCk0v7dKYY1IBIuni6IDNEYOh62wJfkL-S1C5wehVps3gzHsRnDLQ==
expires: Thu, 23 Sep 2021 17:01:16 GMT

GET
H2 200 28855175578.jpg
inv.assets.sincrod.com/8/7/5/ 46 KB
47 KB 256ms
240ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/8/7/5/28855175578.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 36d8c551ec4abc2c114688355ecea26e5ede190b776b2ba2fa75bd69d2da3dec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 47518
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076056
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: sxZhWvDfTTei5mMO0T1p2uZFRA6LgqFaNnZ1nyJYU1j53Y8GMkKXXQ==
last-modified: Wed, 22 Sep 2021 09:10:30 GMT
server: nginx
x-server-response-time: 66
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 47518
x-amz-cf-id: sxZhWvDfTTei5mMO0T1p2uZFRA6LgqFaNnZ1nyJYU1j53Y8GMkKXXQ==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 noImage_large.png
media.assets.sincrod.com/websites/5.0-7746/websitesEar/websitesWebApp/css/common/images/en_US/ 13 KB
13 KB 22ms
14ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/5.0-7746/websitesEar/websitesWebApp/css/common/images/en_US/noImage_large.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c186a8a426a5633cc480e4966f3c88619666890206c53631792e4bf9499d2aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 16 Sep 2021 09:36:45 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 12878
age: 545070
x-cache: Hit from cloudfront
x-server-start-time: 1631785005730
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: ppMCYsWm0u5bpk9lSV1wmokMpBA92pY7HEryE6SL6VBoz7c8ltEy6g==
last-modified: Thu, 16 Sep 2021 03:21:03 GMT
server: nginx
x-server-response-time: 30
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 12878
x-amz-cf-id: V5TmLpjS2_pnZPlFxBlbhJpnkM95CsUxWjJXL3qaCQDAR4I1EGsfiA==
expires: Fri, 16 Sep 2022 09:36:45 GMT

GET
H2 200 28855182452.jpg
inv.assets.sincrod.com/2/5/4/ 59 KB
60 KB 199ms
184ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/2/5/4/28855182452.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 13696c6afc15b0e9b5d7a626e55561316cb6dae717346398b0c2df2cc9168c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 60303
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076047
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: wSJ_-oR98LPqs7Ao39mxRSc9w3Gjt-ZOZZkToWdUbsm51irwwGzMDw==
last-modified: Wed, 22 Sep 2021 09:13:38 GMT
server: nginx
x-server-response-time: 30
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 60303
x-amz-cf-id: wSJ_-oR98LPqs7Ao39mxRSc9w3Gjt-ZOZZkToWdUbsm51irwwGzMDw==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 28850892413.jpg
inv.assets.sincrod.com/3/1/4/ 46 KB
47 KB 219ms
204ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/3/1/4/28850892413.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 510f7026d86d77f8ec7f68f8ec4949508d57a9c4f5ef60776ebb3c4349863fcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 47308
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076052
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: HOTGnd1wh7NCFzscXBwLi0paJs2HsKsqk3bitNJLzL2z6oPbcmEKGw==
last-modified: Tue, 21 Sep 2021 09:28:31 GMT
server: nginx
x-server-response-time: 37
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 47308
x-amz-cf-id: HOTGnd1wh7NCFzscXBwLi0paJs2HsKsqk3bitNJLzL2z6oPbcmEKGw==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 ext_GAZ_deg01.jpg
inv.assets.sincrod.com/RTT/Buick/2020/4250533/default/ 20 KB
20 KB 34ms
19ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/RTT/Buick/2020/4250533/default/ext_GAZ_deg01.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: ff6d0419e84868e94225aa92f79130854b6d2f17cd2a1fa14814ea434feff5a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:37:57 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 20092
age: 76997
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632253077888
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: zodFMW88dOMoYE3wQjVkW991KW9g0hHN6aoGCemJ9dd6YuuaOQwSSA==
last-modified: Sun, 27 Dec 2020 01:37:36 GMT
server: nginx
x-server-response-time: 50
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-length: 20092
x-amz-cf-id: XHIXG6zkXrycEsKs5alnPVQ2LX5hIzGv1bB0LXc3JjVmNSXVYwXo8Q==
expires: Wed, 22 Sep 2021 19:37:57 GMT

GET
H2 200 28850891195.jpg
inv.assets.sincrod.com/5/9/1/ 50 KB
51 KB 218ms
202ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/5/9/1/28850891195.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 3db11fa01d164ee166042d10fa1bd99f81f9d09f81c7917a5b9f81a4e36166b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 51266
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076054
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 2jh3GRqC3DVq0SySYaPxSzS3gzuJBi3u5U7p9QiTXc5Kd1OS8hOaHQ==
last-modified: Tue, 21 Sep 2021 09:28:20 GMT
server: nginx
x-server-response-time: 35
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 51266
x-amz-cf-id: 2jh3GRqC3DVq0SySYaPxSzS3gzuJBi3u5U7p9QiTXc5Kd1OS8hOaHQ==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 28850800105.jpg
inv.assets.sincrod.com/5/0/1/ 46 KB
47 KB 248ms
233ms Image
image/jpeg 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inv.assets.sincrod.com/5/0/1/28850800105.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-101.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 477548f35111b804dbae065c1cb322199726613f224199b94bf44c31d048dca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-original-content-length: 47081
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330076054
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: u406d7OWG7jpMjxq8P3f9SuA-WTlmpJ2Yma4-WE_wZeNsraA88AI-Q==
last-modified: Tue, 21 Sep 2021 09:13:14 GMT
server: nginx
x-server-response-time: 57
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
content-length: 47081
x-amz-cf-id: u406d7OWG7jpMjxq8P3f9SuA-WTlmpJ2Yma4-WE_wZeNsraA88AI-Q==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 5b1fb5f68a33421aa98eeacd92c08d5b_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/gmps-weeks/generic/ 116 KB
117 KB 374ms
367ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks/generic/5b1fb5f68a33421aa98eeacd92c08d5b_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 42eddbe32d2c51de10d14296e19e6477756db7753d1fbb83fcfbb911fbe8e7f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 206865
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075907
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: dOOfGRAG4MupR9GKJADK0idPqRB7eSgZ_elLA7t9As8No5ICHqS7sg==
last-modified: Thu, 19 Mar 2020 18:30:45 GMT
server: nginx
x-server-response-time: 197
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 118703
x-amz-cf-id: dOOfGRAG4MupR9GKJADK0idPqRB7eSgZ_elLA7t9As8No5ICHqS7sg==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 a8bd5cd2cdfa47cb8633896471ba1efe_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 101 KB
102 KB 22ms
16ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/a8bd5cd2cdfa47cb8633896471ba1efe_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e716deded6e90424b2ba7c37bf29668d796892af11f0c09b81e42a036b732355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 13:16:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 170497
age: 186299
x-cache: Hit from cloudfront
x-server-start-time: 1632143776329
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: eetvKNSrXHhna8jx5eMNN9acA7jf4wiwLAwh_CrnQb8P60B184_jyQ==
last-modified: Thu, 09 Apr 2020 17:19:50 GMT
server: nginx
x-server-response-time: 145
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 103872
x-amz-cf-id: 9dgwuxbvkJR5rj2u5PLO-X5vVWnLg9PlKJNyInDRnuhYGP8wa2KPUw==
expires: Tue, 20 Sep 2022 13:16:16 GMT

GET
H2 200 55be630fd42042f38de35e231c9a0dfa_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 251 KB
252 KB 21ms
16ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/55be630fd42042f38de35e231c9a0dfa_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c28b0961e5a0dc89d3d6d75d2dda96fbd855400fe55b077ddb04a4fde96ed175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:24:48 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 440516
age: 192987
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137087948
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: YEw41P8XGs48OWlUjrwaEnNoSM2p-25sbw21T7XnS5nEO150TPHvaw==
last-modified: Tue, 07 Sep 2021 17:51:59 GMT
server: nginx
x-server-response-time: 175
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 257291
x-amz-cf-id: cAyF8tAHF-frlQXL0YH5HhFCQXYpFPrz-yX5TZrjsPLt8sVHgyQImQ==
expires: Tue, 20 Sep 2022 11:24:48 GMT

GET
H2 200 c07e3965846f4485ae7e8568c9a0f4a2_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 184 KB
184 KB 32ms
26ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/c07e3965846f4485ae7e8568c9a0f4a2_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b997f44a5657e55223f98b65729a1c9787ff85ee2c7d07a4de0ee3e84b5c17d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:27:27 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 295117
age: 192828
x-cache: Hit from cloudfront
x-server-start-time: 1632137246853
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: DSWzx47os9a9u3TS_494ISTBz8FH06jeNkMy5c18cCD-3bbMsi68KA==
last-modified: Wed, 01 Sep 2021 20:54:53 GMT
server: nginx
x-server-response-time: 179
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 188118
x-amz-cf-id: WL_ZWUztmo8YPmzPoi38NUpxhsdeVUaLjDaknqUgQ1UJLsxAmwQtFw==
expires: Tue, 20 Sep 2022 11:27:27 GMT

GET
H2 200 52ddb30cb3064bc99cb2087d8f12d39e_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 236 KB
237 KB 22ms
17ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/52ddb30cb3064bc99cb2087d8f12d39e_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6eba17755675efe597ed1d6b33a2a839fab64f54678d7ea73e747233d8492257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:27:14 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 384318
age: 192841
x-cache: Hit from cloudfront
x-server-start-time: 1632137234591
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: l_WF-E4WoIwLKaPFzIalY2ec9OMWf2jCmLNWq9LbjEvk6Bx_ggYW8A==
last-modified: Tue, 31 Aug 2021 18:18:07 GMT
server: nginx
x-server-response-time: 183
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 241301
x-amz-cf-id: 2eHUKdULLY9q7SUz8w1RBwDOxNFKnoi0TZw93Q-_J6lIiUEPAePHiQ==
expires: Tue, 20 Sep 2022 11:27:14 GMT

GET
H2 200 f8592bce984f4c97bfd1a5628f1488f6_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 204 KB
205 KB 23ms
20ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/f8592bce984f4c97bfd1a5628f1488f6_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a0a5eaa72d4f4ad6d507aa2ab9fab84d6b88f86797bc570ba380c4aebd98bb1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:06 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 321738
age: 192669
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137406460
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: uUJ3hQdLOL6ceqO_SavLHckJ4nvSpwaKenvkrZl5Xsm95gGYEZhkow==
last-modified: Tue, 31 Aug 2021 17:01:45 GMT
server: nginx
x-server-response-time: 156
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 208867
x-amz-cf-id: mtQ5hYVLIYTZ_xo7lE5-FHEEZmXx53ljw0PO1edYB8MSAmWp0kJ6Jg==
expires: Tue, 20 Sep 2022 11:30:06 GMT

GET
H2 200 5905ab96f0a34b9c9202a10e39b25eda_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 131 KB
131 KB 177ms
174ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/5905ab96f0a34b9c9202a10e39b25eda_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 871bfc99434c2003630853c8ccb6e825aa34629c85181bc8a484ba85d425464b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:06 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 215624
age: 192669
x-cache: Hit from cloudfront
x-server-start-time: 1632137406452
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: -rhz9NNXnn6FcZn8jJoaG_aRZ_-5zhpZV96qGe_4SYg9X4sBG0zQ-w==
last-modified: Tue, 31 Aug 2021 05:20:51 GMT
server: nginx
x-server-response-time: 163
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 133770
x-amz-cf-id: REcrw80rhcUcC2_iuHFnIyhB99xMwRct6Np5TutekAVzdCu29gT5HQ==
expires: Tue, 20 Sep 2022 11:30:06 GMT

GET
H2 200 0b2749c6680d44acbf2c2b3f8b4a292b_c0x0-1600x686_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 130 KB
131 KB 174ms
171ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/0b2749c6680d44acbf2c2b3f8b4a292b_c0x0-1600x686_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 56766a5ab3c7c2b1b12ab1cd197ef5a1f430af8138d1ca899e6fbba3d89b8523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:06 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 234639
age: 192669
x-cache: Hit from cloudfront
x-server-start-time: 1632137406460
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: JGFMSShH-4JGXbXu1H8s3Oc4XkrgheVtL8QIU24UNZAgUdLYnrbeoQ==
last-modified: Wed, 21 Jul 2021 22:46:56 GMT
server: nginx
x-server-response-time: 171
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 133204
x-amz-cf-id: 2K8RFc0eKyiN1FrtPFRp6Z8OEfEGMRhiJZDVp55jPPV7wh73wvZrlA==
expires: Tue, 20 Sep 2022 11:30:06 GMT

GET
H2 200 eb2f3593b2aa490aabb7625d0432e831_c3x0-1593x900_x1593.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us// 204 KB
205 KB 147ms
144ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us//eb2f3593b2aa490aabb7625d0432e831_c3x0-1593x900_x1593.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 85f7b2ea166dd4ef02cf786a9bcccba5ba9f057d30e90b56fd6c07eaea580234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:39:15 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 353457
age: 192120
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137955222
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: XYEzTdmnP975ca64YLZ3l4r5C5nVobpx5ndWelCq1yBS6vyBHwVgGQ==
last-modified: Tue, 31 Aug 2021 20:17:50 GMT
server: nginx
x-server-response-time: 145
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 209014
x-amz-cf-id: OcctZzKsSrXILA-n1bUI5M0WPa8xPxU2GIzKfGQWG-_vBbsIJ7IzYA==
expires: Tue, 20 Sep 2022 11:39:15 GMT

GET
H2 200 18d270ceda404d0cb813b9a5d3d3ef95_c0x0-1600x899_x1600.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us// 123 KB
124 KB 149ms
146ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us//18d270ceda404d0cb813b9a5d3d3ef95_c0x0-1600x899_x1600.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ae36f7023cfe2b1970ab41c8bb6de281358135c72275fff20ea27108d3c2b9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:39:15 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 270811
age: 192120
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137955223
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: NF1hxdYop27B-dfBanw0uCIdTLaKFX-bMXRTsljb2KPmbdrjfO59IA==
last-modified: Fri, 30 Jul 2021 17:07:19 GMT
server: nginx
x-server-response-time: 179
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 126322
x-amz-cf-id: JMYHyLo06coIC9i2j42QX52grENXisBN_i7IcbPMjWPcSgo9GpHXIg==
expires: Tue, 20 Sep 2022 11:39:15 GMT

GET
H2 200 c5dcbb2a2d104d11827a3dc60f829685_c0x0-1200x675_x1200.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/ 81 KB
81 KB 146ms
143ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/generic/c5dcbb2a2d104d11827a3dc60f829685_c0x0-1200x675_x1200.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7324f6ac9f2be2b74aa96e9b3a8288b93bd2ea5cbf00cfbf2847a85307701667

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:32:14 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 154231
age: 192541
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137534590
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: UX4QPpBJGasJKyUZmNwvy_EGMISCzqurC-qAmuUbTx3Jw5dO_myZgQ==
last-modified: Mon, 01 Feb 2021 22:21:47 GMT
server: nginx
x-server-response-time: 86
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 82502
x-amz-cf-id: HF6zJ_pNrxAKJoBGVqCiAZqHbT9oHMg8D543IKr5Gl0uwDpkt-fOQQ==
expires: Tue, 20 Sep 2022 11:32:14 GMT

GET
H2 200 718235c2efae4b1c818c283d463533d8_544x56.png
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/promotion/ 3 KB
4 KB 146ms
143ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/promotion/718235c2efae4b1c818c283d463533d8_544x56.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1689e8638601adba778799df743611d2e150007f4e86e71ebdf34945e2b2a6e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 08:33:18 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 5224
age: 4609677
x-cache: Hit from cloudfront
x-server-start-time: 1627720398120
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 8CzG4oG7j75A-YewPWDaqfaoA9xwKbu11vYdhhxSCjjp01DEnPztoQ==
last-modified: Fri, 29 Jan 2021 17:38:56 GMT
server: nginx
x-server-response-time: 79
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 3303
x-amz-cf-id: MClNuP3vl1u_5MArzPNEyST09tx6AfE4FtIbzg3oR1DxBS27sdLTRQ==
expires: Sun, 31 Jul 2022 08:33:18 GMT

GET
H2 200 08a658157f9a4cc3a1509c1988d5e22f_c0x0-1200x674_x1200.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us// 69 KB
70 KB 159ms
156ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us//08a658157f9a4cc3a1509c1988d5e22f_c0x0-1200x674_x1200.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 97ab2a9813d1e0bc444380c5cb2bbb297d431f06c26adb728c7ad0a161e6cc25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:06 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 70805
age: 192669
x-cache: Hit from cloudfront
x-server-start-time: 1632137406457
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: emXzp7XtaEfXcN1DfDcVIarpFE0AOp1TmvaRGHE46lISp_yWMRpZdw==
last-modified: Fri, 29 Jan 2021 17:19:23 GMT
server: nginx
x-server-response-time: 75
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 70780
x-amz-cf-id: BUyNeKg9tHGneHzi7RJ0n45OHlas2k_ZhVxDbeVObgmm7G_z5Jzpmg==
expires: Tue, 20 Sep 2022 11:30:06 GMT

GET
H2 200 b403e33b8f6346c28316adc908536e87_c0x0-1200x674_x1200.jpg
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/promotion/ 83 KB
84 KB 172ms
169ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/promotion/b403e33b8f6346c28316adc908536e87_c0x0-1200x674_x1200.jpg
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1de4a74a9bcc6b9e79c92d22db0eebf13d3a75ea8cb960a4cf6101730b3780b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Mon, 20 Sep 2021 11:30:06 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 85297
age: 192669
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632137406463
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Oyp-WLml3qs67cxTEe9tckxywmMbrzmTGEOwWh0LU9WXm1-iR9YeCg==
last-modified: Fri, 29 Jan 2021 17:32:00 GMT
server: nginx
x-server-response-time: 97
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 85255
x-amz-cf-id: 7VjldJJmQCTEGkGGMM33SUJ-Sw0XD-PJf_VP6BbB-vwIzTn9AGXygQ==
expires: Tue, 20 Sep 2022 11:30:06 GMT

GET
H2 200 48832fb592c14199a4a56aa876095beb_1600x115.png
media.assets.sincrod.com/websites/content/ 136 KB
136 KB 168ms
165ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/48832fb592c14199a4a56aa876095beb_1600x115.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 01b671523cc1d728535d1cb35dcb41910faab9f51a50a4e6895d7dbf63159e92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 14:08:47 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 128641
age: 10348
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632319727539
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Vbw1d1JJvXDS6ho2n8fqapIWsInNNjT8uTFonIJRUrhhpTxMr73I_Q==
last-modified: Sun, 22 Apr 2018 03:44:16 GMT
server: nginx
x-server-response-time: 141
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 138998
x-amz-cf-id: qsaGl7bt3yPMDUxO7IJ23-nMNoPQPZGupb1ZtBPHw2qfr9buBbUyAA==
expires: Thu, 22 Sep 2022 14:08:47 GMT

GET
H2 200 bce0c4882f74472a99f127d575f9b16b_386x347.png
media.assets.sincrod.com/websites/content/gmps-weeks// 141 KB
142 KB 356ms
353ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//bce0c4882f74472a99f127d575f9b16b_386x347.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d3313553cdaf1734f86ed279c4238dcfdfcc4378e17c29a29d38beb9f26ffbad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 130637
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075919
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 3oSliMP11nrx6HLUVw4WrXC4CUzY_ZGD7aL6alApuHQqZVJmdYcYKQ==
last-modified: Tue, 10 Aug 2021 20:03:23 GMT
server: nginx
x-server-response-time: 177
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 144766
x-amz-cf-id: 3oSliMP11nrx6HLUVw4WrXC4CUzY_ZGD7aL6alApuHQqZVJmdYcYKQ==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 6cba0e94775a4a1588223c86e2ae9bbf_385x357.png
media.assets.sincrod.com/websites/content/gmps-weeks// 133 KB
134 KB 317ms
315ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//6cba0e94775a4a1588223c86e2ae9bbf_385x357.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fef7385022bf16a620bbebb8a295fffd1a5eaf2d996ee837133c21a6200dd724

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 117018
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075923
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: tla0F5THoxYjjPBkVbBjeuUAIz6IPc62RhfUn5BuCIH3U2dUbdYtrQ==
last-modified: Tue, 10 Aug 2021 20:01:29 GMT
server: nginx
x-server-response-time: 140
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 136285
x-amz-cf-id: tla0F5THoxYjjPBkVbBjeuUAIz6IPc62RhfUn5BuCIH3U2dUbdYtrQ==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 5c30b65bdfc845e999935253502d023b_389x355.png
media.assets.sincrod.com/websites/content/gmps-weeks// 181 KB
182 KB 339ms
337ms Image
image/png 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks//5c30b65bdfc845e999935253502d023b_389x355.png
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f4da99d87743d3d58e11d10133393b3aade2699d7dc1fb55ae8215485dd03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 160010
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330075928
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: nm4PLaSa8n7IxGDSG72aBDLtpklt16gXGTh2Aa2ISz-VsDYKhxFoIg==
last-modified: Tue, 10 Aug 2021 19:57:36 GMT
server: nginx
x-server-response-time: 152
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 185682
x-amz-cf-id: nm4PLaSa8n7IxGDSG72aBDLtpklt16gXGTh2Aa2ISz-VsDYKhxFoIg==
expires: Thu, 22 Sep 2022 17:01:16 GMT

GET
H2 200 484b66807998100580ab20145efa6b30.js Show response
media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/ 24 KB
6 KB 14ms
14ms Script
text/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/484b66807998100580ab20145efa6b30.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: gzip
x-original-content-length: 24575
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-server-start-time: 1630110752431
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: T85jy1qLMn6RFN6UJfpdrp_R3W-Uem59nN0T9PmpzNBPUq93qB3VAw==
access-control-allow-origin: *
last-modified: Mon, 26 Nov 2018 19:55:56 GMT
server: nginx
x-server-response-time: 19
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-id: Oyl092cs3OF3ZngIixkFUQQiGVhZ01iTC4YnjU7fvZyTjQBQveHjyw==
expires: Tue, 21 Sep 2021 00:36:27 GMT

GET
H2 200 7cdce3907c97100587d020145edef087.js Show response
media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/ 51 KB
11 KB 8ms
8ms Script
text/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 16:56:45 GMT
content-encoding: gzip
x-original-content-length: 52178
age: 276
x-cache: Hit from cloudfront
x-server-start-time: 1630717758097
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: i80sgayXv7SoUuQHeK5gNuvqlKyB7IijCUXSMPbPKTwPFomiBKNTDQ==
access-control-allow-origin: *
last-modified: Fri, 14 Jun 2019 22:09:57 GMT
server: nginx
x-server-response-time: 18
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: uVwOJ3kWqgBlJGD63OkD4suVHWSuBPd_B7hVHlIXCk4CnfF8Y6Mp3A==
expires: Wed, 22 Sep 2021 01:18:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 97ms
56ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF7ZQ3V

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

5df07d1f8498706d18b5bb255231aa4600eec5f426aad0931a4c99c8b8b66800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37333
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 66ms
40ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-780419323

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

f1b2248b37de501ddfb47b92fbb33f62ee92983306d7d632720078b45b29f9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39046
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H2 200 Co.directive.insight.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-core/client/directives/ 39 KB
10 KB 8ms
8ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-core/client/directives/Co.directive.insight.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f4794cf7673eb8cfa769bea7abad324e13c48b03d3b5e6bb9106f1251a6254a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:02 GMT
content-encoding: gzip
x-original-content-length: 39615
age: 23773
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306302957
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: vyr4VLc7Cu3WAm8o2oyB41cCP3hz8_V9ydVOS67kLSoHD077_UaNvg==
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 08:28:20 GMT
server: nginx
x-server-response-time: 18
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JlyFyIjlK2oDO8RPkJOklPW7D0Q57ogM-96XSK0nhTToPDEgEXvatQ==
expires: Thu, 22 Sep 2022 10:25:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 39ms
38ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-171844001-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-780419323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

180d36d388563c465f2b49e4ceacb50c3d0b67ba183e4593bab838c008d05544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40378
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 42ms
42ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130418598-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-780419323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

8600fb9b8c6b9e71c9ce3781f5ea45bf3847d9e13a0c4b6e2cca6fa79f9a081b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40378
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H2 200 Co.directive.datalayer.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-core/client/directives/ 45 KB
10 KB 8ms
8ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-1.0.23253/vendor/hydra-core/client/directives/Co.directive.datalayer.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9253a69aeeb9c415d101c27669f1d1daf6be673d54aa3318c1dba05623bb4e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 10:25:03 GMT
content-encoding: gzip
x-original-content-length: 45647
age: 23773
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632306303896
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: -ImV2EFihhYddOryr77ze3qAoMUIcLDbbs9kVzAu1WiWWpeOoBDVTw==
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 08:28:20 GMT
server: nginx
x-server-response-time: 19
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KrRpLzi3s_CADOj0Q3yKcZ-I7s8r8e8SGlx6dr-_RVfLjuK2bLnxtQ==
expires: Thu, 22 Sep 2022 10:25:03 GMT

GET
H2 200 script.js Show response
tm.smedia.ca/analytics/ 139 KB
33 KB 56ms
12ms Script
application/javascript 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/analytics/script.js
Requested by: Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/pixeltag.js?webId=gmps-weeks&locale=en_US&originalDomain=http%3A%2F%2Fwww.gregweeks.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 383033356734bad4ec8b876e168c593d91b0d9d05a1d3d6e9dea2879838e3a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 02:07:58 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 01:24:47 GMT
server: Apache
age: 226398
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qxxCPo7rHHI2P7KjYGJ3w-mBZHlE6SRD7nkH5jHBP7i6uHIs_Q0fpw==

GET
H2 200 ds.js Show response
px.marchex.io/ 6 KB
6 KB 330ms
99ms Script
text/javascript 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://px.marchex.io/ds.js?_=1632330075341
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5f22c75ea3d26a7ca021bac74aa01a905506f8a9bd98cb3a0ea9b7c713ce4cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "17fb-5c6109ac82177"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: text/javascript
content-length: 6139

GET
H2 200 2e815bb0c16e1005809c0050568bfc31.js Show response
media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/ 5 KB
2 KB 179ms
178ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/2e815bb0c16e1005809c0050568bfc31.js
Requested by: Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/pixeltag.js?webId=gmps-weeks&locale=en_US&originalDomain=http%3A%2F%2Fwww.gregweeks.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c7fcb1fa705fa40278333a8b3834c06af49fa8cc2245051c6d6629b5e7a56a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
x-original-content-length: 4642
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
x-server-start-time: 1630639825140
logging-correlationid: Yc5XNmUqgqiDx7uAyq6QlNdBLqflJZ4ONui1mLgVSV80MqQXpfjzWw==
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 17:44:33 GMT
server: nginx
x-server-response-time: 16
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-id: ikbUTY5Y0Xc6gOb4-cT9Ywr-dWA-LRUYF3lrcKw_vHWmu6CQjd_1iA==
expires: Mon, 20 Sep 2021 01:25:32 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
50 KB 25ms
25ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVRF2Q2

Requested by

Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/pixeltag.js?webId=gmps-weeks&locale=en_US&originalDomain=http%3A%2F%2Fwww.gregweeks.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

edea11eb2bbfa4b3a92af94720dedc89a172aa75e8b2c192e62e32eda2c0af7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50770
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
73 KB 34ms
34ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

5c2ad1f081ccf1b46399eb8c4790aea00b1220a48c0797c96785699e5fc149e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74324
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:16 GMT

GET
H2 200 c798ee2acf1c4d7a8e57e12226134ae4.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/file/v/3/ed3870af-fb5c-4af3-b23a-3b59ccc7688e/ 6 KB
2 KB 9ms
9ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-gmps-en-us/file/v/3/ed3870af-fb5c-4af3-b23a-3b59ccc7688e/c798ee2acf1c4d7a8e57e12226134ae4.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e96a42492bf53f25ff9d2558ed3bae209f12d98a854504ca4e8b6b0a27eb292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Sat, 31 Jul 2021 08:08:02 GMT
content-encoding: gzip
x-original-content-length: 6492
age: 4611193
x-cache: Hit from cloudfront
x-server-start-time: 1627718882916
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: Ys0pVLgRKG1jxAUCStqNXVbTbWVGa0Ldx4inpWqbVVcIAmZm3hoWIg==
access-control-allow-origin: *
last-modified: Thu, 15 Apr 2021 20:09:13 GMT
server: nginx
x-server-response-time: 15
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iRXBUNZyXryJ6Uo41NY0dQX-5gRH7UND6AxTihxCQTo30Qp6RDDPWw==
expires: Sun, 31 Jul 2022 08:08:02 GMT

GET
H2 200 e39f15e0949c100588110050568b5709.js Show response
media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/ 27 KB
7 KB 11ms
11ms Script
text/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 16:56:53 GMT
content-encoding: gzip
x-original-content-length: 27687
age: 263
x-cache: Hit from cloudfront
x-server-start-time: 1630202963310
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: QrVdsqBng1CD30N-cHbRO4zGKf7A0TR9ca2GGG9bhyJpTeTCeOtnRg==
access-control-allow-origin: *
last-modified: Thu, 30 Aug 2018 08:35:42 GMT
server: nginx
x-server-response-time: 16
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: __0y-EG0YKQihAg_vtEe7DhzGnFDFN5A95MNxqpyQiE5varg4TRdGw==
expires: Wed, 22 Sep 2021 02:28:45 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/martinretailgroup/main/prod/ 688 B
894 B 558ms
169ms Script
application/x-javascript 104.97.20.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/martinretailgroup/main/prod/utag.js
Requested by: Host: wsassets.cobalt.com
URL: https://wsassets.cobalt.com/websites/dynamic/bundles/5.0-7746/tyl/weklwp6tddcbmxiw8vq==/pixeltag.js?webId=gmps-weeks&locale=en_US&originalDomain=http%3A%2F%2Fwww.gregweeks.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.97.20.211 Chennai, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-97-20-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d0dd3009cdf76da2ae68952b266facf5fec3fcac2f7493de2f5f544675c2af4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
last-modified: Fri, 13 Sep 2019 21:53:54 GMT
server: AkamaiNetStorage
etag: "391a561cc2999d7e611e7463774b161f:1568411634.021471"
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 688
expires: Wed, 22 Sep 2021 17:06:17 GMT

GET
H2 200 999cc6f7c943440d806d536e488970b5.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/ 13 KB
5 KB 11ms
11ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/999cc6f7c943440d806d536e488970b5.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 16:53:21 GMT
content-encoding: gzip
x-original-content-length: 13304
age: 475
x-cache: Hit from cloudfront
x-server-start-time: 1632022021713
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: VOwwufWF0tU4DL_nN-PmKCRThQhYdKM9y7ATHc48EoNwBlo0myn20w==
access-control-allow-origin: *
last-modified: Mon, 05 Apr 2021 15:46:14 GMT
server: nginx
x-server-response-time: 17
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ZL1daRPdIFMRd7rQOH_JOEP7oUZLTXuBYs4cCZyvhDocigQixmUCwg==
expires: Wed, 22 Sep 2021 04:51:49 GMT

GET
H2 404 699b55a895d010058fed0050568ba825.js
media.assets.sincrod.com/teams/repository/export/v/37/699/b55a895d010058fed0050568ba825/ 0
0 16ms
16ms Script
text/plain 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/v/37/699/b55a895d010058fed0050568ba825/699b55a895d010058fed0050568ba825.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

logging-correlationid: cDc_Emkt6Zuv0uE80SrG9DbB5ggoy4mB9aSXBvi0Ks6KP7U-w5Os7Q==
date: Wed, 22 Sep 2021 17:01:08 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-origin-id: cdk-pdx
server: nginx
age: 8
x-server-response-time: 12
x-edge-origin-shield-skipped: 0
x-cache: Error from cloudfront
x-amz-cf-pop: FRA56-C1
x-server-start-time: 1632330068780
x-amz-cf-id: Ik4rWPPSXZPZ02MJR6sm-yPojgXUJaHEqANes8lTGjMxp6R2q5QBYA==
x-application-context: mediaStorageService:prod-cfp-pdx

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
8ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: 7X6qU7k1dlFpr/iwBPY4ltB/k40dQrjVK1hkTgE/CppSnuI6AvsIgPA1l2O4W2XeV3hMIrLNKLedWyG71bnlDQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 22 Sep 2021 17:01:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

app.js Show response
acsbapp.com/apps/app/dist/js/
Redirect Chain

https://acsbapp.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/dist/js/app.js

419 KB
137 KB

151ms
151ms

Script
application/x-javascript

208.68.39.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.68.39.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn100.acsbapp.com
Software: /
Resource Hash: 374d53f70466dd5b44567e335271c2a00e51dfde7797d70d593748db9cc4e170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 21:30:50 GMT
etag: "68b29-6148fd8a-b4a39529efd379f1;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 140495
expires: Thu, 23 Sep 2021 17:01:17 GMT

Redirect headers

location: https://acsbapp.com/apps/app/dist/js/app.js
date: Wed, 22 Sep 2021 17:01:17 GMT
content-length: 707
content-type: text/html

GET
H2 200 tag.js Show response
c.betrad.com/pub/ 3 KB
2 KB 656ms
207ms Script
application/x-javascript 23.50.25.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.betrad.com/pub/tag.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.50.25.8 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-25-8.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 16:47:06 GMT
server: AkamaiNetStorage
etag: "a9fd30e65e1837e0ec743c20de372581:1571935627"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1250

GET
H2 200 index.js Show response
media.assets.sincrod.com/agency/release/iz/framework/js/ 13 KB
4 KB 9ms
9ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a5d7cd2ddb93d7f7467719cf7364dc3c2ed9ca35160286a2c529494af4d684d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 16:47:03 GMT
content-encoding: gzip
x-original-content-length: 13778
age: 858
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632257958582
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: 7li-sIwCsD3JIc0iQ8MeCtJKtEjBPEQc-fRP5EoVb5jF71Bsb41v6w==
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 20:42:14 GMT
server: nginx
x-server-response-time: 18
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Ml1Yb1w7j1aeHPJqK8uEttrcH6gkHsSmujBmJ1VSsMHU1oc1E_wImQ==
expires: Wed, 22 Sep 2021 02:43:43 GMT

GET
H2 200 nextGen.js Show response
fo-static.assets-cdk.com/app/connectedstore/web/integration/ 299 B
723 B 660ms
598ms Script
text/javascript 13.32.22.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGen.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-64.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 349735b8cb9eb961d7008ea2026ca9d8eac90ee373b7001dfdb875627da53fd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: H1TbHPoSd01SZTBW.yHMGkwS5v4E2IPh
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 07:07:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "d85e1f0b4887faead691f47545400cb3"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
date: Wed, 22 Sep 2021 17:01:18 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 299
x-amz-cf-id: XBXaaWPJSynVoQMo5Dzw366_IyVNUiP-y0cP785gdJe1ukKvCAtIVQ==

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 259 KB
77 KB 23ms
9ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

28ce99edb4b8fe05944d7d3243ea07635726ba23adfc741d6b75a5fd21d8dab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 92LNvhrmnTyRxtH00jrYsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78166
x-fb-rlafr: 0
x-fb-debug: cgwufD8Bd8FqJ4RmOGQkvR3UIBFic3m+M/yjGsSYLy+jKCbkYUtNuoEzNqeHgtxA1ETU/rnTFBqRFxLzPor06A==
x-fb-trip-id: 686109401
x-fb-content-md5: 844ef2d4bbab38c063d62743a8ee55af
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0114d14924ab9bacb0fe0f7edf61e897"
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:12:55 GMT

GET
H2 200 basel.js Show response
media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/ 292 KB
47 KB 11ms
11ms Script
application/javascript 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 21149c0b8b57df1276cab793e38edc4f306acd380c85cfb2007013fbda9dbc30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 15 Sep 2021 17:28:32 GMT
content-encoding: gzip
x-original-content-length: 298602
age: 603164
x-cache: Hit from cloudfront
x-server-start-time: 1631726912255
logging-correlationid: p4mI6KfbQWG48WFgfV2HrSpFCNPoI9Tv0qMJ6uKi_85vjO4SqVtR1g==
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 17:28:21 GMT
server: nginx
x-server-response-time: 16
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: g1WGN-H7Y_g3AJymccJVvnmoFBMyQ1owpUQLhnHT2u6TjCfK1tobWw==
expires: Thu, 15 Sep 2022 17:28:32 GMT

GET
H2 200 dt.js Show response
dt.cobaltgroup.com/ 25 KB
9 KB 565ms
181ms Script
text/javascript 54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=2A3038A569889B4B828552752126EDD8&webid=gmps-weeks&sitetype=dealer&eventId=8d0140e0281d10068b5b080020f0176c&cs:ssi=2A3038A569889B4B828552752126EDD8&_=1632330075342
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 6cb4570b28aba015b8a0335c3e163f1c7ded68b3524d18a8f92ab2edc3316e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:17 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: text/javascript
content-length: 7836
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 f10d4c7301b948d7a74f6d1305d97cc6_c0x0-1600x200_x1600.jpg
media.assets.sincrod.com/websites/content/gmps-weeks/generic/ 69 KB
69 KB 321ms
320ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks/generic/f10d4c7301b948d7a74f6d1305d97cc6_c0x0-1600x200_x1600.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e3aafbdd786760a994964ba1797d11a8d465e0e453881a911a8cd41dde691b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:17 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 116940
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-server-start-time: 1632330077054
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: mOTT-JhsqOYkjPwliF9EXQ_F0EXiB-66HqPocGnTIOHMHwnWEjteHg==
last-modified: Wed, 11 Nov 2020 16:45:31 GMT
server: nginx
x-server-response-time: 154
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 70250
x-amz-cf-id: mOTT-JhsqOYkjPwliF9EXQ_F0EXiB-66HqPocGnTIOHMHwnWEjteHg==
expires: Thu, 22 Sep 2022 17:01:17 GMT

GET
H2

200

websites.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Merchandise&header_request...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.gregwee...
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1632330077438189061&header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePag...

43 B
994 B

446ms
446ms

Image
image/gif

65.9.71.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1632330077438189061&header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Merchandise&header_request_uri=%2F&header_visitor_id=2A3038A569889B4B828552752126EDD8&header_event_id=8d0140e0281d10068b5b080020f0176c791500786198&header_session_id=2A3038A569889B4B828552752126EDD8&header_site_id=92709ed0868f10048cd50003ba0ae224&cs:plt=3624&cs:svrt=1230&cs:ttfb=1471&cs:loc=en_US&cs:theme=dcw-design-modern&cs:zip=62896-4173&cs:s=gmps-weeks&cs:userState=loggedOut&cs:checksum=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 13:37:35 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: RhvvQwGJ0RrT_bcgU9MhsqC2v1eI2Y9TwMN3nCLSF8tplMp7pQNljw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 22 Sep 2021 17:01:17 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:17 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1632330077438189061&header_request_domain=www.gregweeks.com&header_page_name=HomePage&header_page_label=HomePage&header_page_layout=HomePage|Merchandise&header_request_uri=%2F&header_visitor_id=2A3038A569889B4B828552752126EDD8&header_event_id=8d0140e0281d10068b5b080020f0176c791500786198&header_session_id=2A3038A569889B4B828552752126EDD8&header_site_id=92709ed0868f10048cd50003ba0ae224&cs:plt=3624&cs:svrt=1230&cs:ttfb=1471&cs:loc=en_US&cs:theme=dcw-design-modern&cs:zip=62896-4173&cs:s=gmps-weeks&cs:userState=loggedOut&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 36ms
6ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-171844001-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 860
date: Wed, 22 Sep 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 22 Sep 2021 18:46:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 68ms
25ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-780419323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14069
x-xss-protection: 0
server: cafe
etag: 5051469215060845982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:17 GMT

GET
H2 200 xcookie.html Show response
tm.smedia.ca/smedia-scripts/ Frame 151B 4 KB
1 KB 290ms
282ms Document
text/html 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/smedia-scripts/xcookie.html
Requested by: Host: tm.smedia.ca
URL: https://tm.smedia.ca/analytics/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3344a48268ae189637f125b77a0917528f85712a29ff1017c900dd5f1f6cd60

Request headers

:method: GET
:authority: tm.smedia.ca
:scheme: https
:path: /smedia-scripts/xcookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 22 Sep 2021 17:01:17 GMT
server: Apache
last-modified: Wed, 22 Sep 2021 07:08:51 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: LNtjOAaw67GeANMpkUEib5RrQdHJ-NVMqyEP68T3ubiMrtyLZAkbhg==

GET
H2 200 Weeks_Chevy_West_Frankfort.js Show response
tag.brandcdn.com/autoscript/ 877 B
1 KB 97ms
13ms Script
text/javascript 65.9.71.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/Weeks_Chevy_West_Frankfort.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56d5a9da863e0d1250c7d244fbf8b0f695c827fbaffabd17222f8aa968ae6f3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ehWUe.eFT2FTIIT8jZM18zO.0CtUxSxk
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 10:35:12 GMT
server: AmazonS3
age: 10347
etag: "58fbfc0a1e726fd8a88cd247fd9f6abc"
x-edge-origin-shield-skipped: 0
content-type: text/javascript
date: Wed, 22 Sep 2021 14:08:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 877
x-amz-cf-id: 6tqHJhWkLanBODBXqrTdiLczo6xCVwTO6ddHyhLsCznMDLMa1Jpfdg==

GET
H3 200 281451819025246 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 153ms
144ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/281451819025246?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

c5301030ace3eb6febb7968e8bd1954e7b0f34dcab66b2a08b493d9b6f900bfa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gm2CJTDI/a42nCeAzyiX2ws6nZNFrGk5U8v2T8uiQO9LlncGDg3lmA/Cy6Vhv87cvnWDj9rX2foU/4zLETRRDg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 74ms
8ms Script
application/javascript 99.86.4.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/2e8/15bb0c16e1005809c0050568bfc31/2e815bb0c16e1005809c0050568bfc31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-11.fra6.r.cloudfront.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Sep 2021 16:56:35 GMT
content-encoding: gzip
content-md5: d5YIeO59lrTqhttidyvULA==
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-ms-request-id: e708c8da-601e-011a-02a1-ae99a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QUEJkKwIfYvbrj3U0UDWmnZLIPktS9LHcXNNTxpzT0-GuuLzfuTGsw==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
851 B 44ms
17ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

2c71745918d46e6af5586966f2f42d86f2941efd67fed12961b5d1cbb331d4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 17:01:17 GMT
server: ESF
date: Wed, 22 Sep 2021 17:01:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:01:17 GMT

GET
H2 200 master.css
media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/ 5 KB
2 KB 8ms
7ms Stylesheet
text/css 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/master.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 15 Sep 2021 17:28:32 GMT
content-encoding: gzip
x-original-content-length: 4720
age: 603165
x-cache: Hit from cloudfront
x-server-start-time: 1631726912808
logging-correlationid: 9aO3HhWfx_L5Tpxw8yEHbuyXj2THOlttyCnRPJiZZRcNJaH_KM9KMQ==
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 17:28:20 GMT
server: nginx
x-server-response-time: 23
vary: Accept-Encoding
content-type: text/css
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: R9tVHulhv1F7VNsTxLfwerjO5AjNU8pxNcvvIX9o4DNKoqhGa3NopA==
expires: Thu, 15 Sep 2022 17:28:32 GMT

GET
H2

200

w.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=92709ed0868f10048cd50003ba0ae...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=http%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3d8d0140e0281d10068b5b080020f0176c791500786198%26cs%3apg...
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1632330077438189061&cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=9...

43 B
1000 B

438ms
436ms

Image
image/gif

65.9.71.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1632330077438189061&cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=92709ed0868f10048cd50003ba0ae224&cs:ssi=2A3038A569889B4B828552752126EDD8&cs:vi=2A3038A569889B4B828552752126EDD8&cs:theme=dcw-design-modern&cs:wt=card-header-c98d00b6-3eb0-4352-8aec-5caab451fd27,,0,0,0,1600,167,171,0,0&cs:wt=card-%20-221aba20-d09e-4e6b-9c8b-1b6e956e9ca3,,0,20,123,47,44,173,0,0&cs:wt=card-New%20Vehicles-6b37797f-618d-4eb5-b2a9-47484924f7bf,,0,67,123,147,44,174,0,0&cs:wt=card-navigationModelInventorya4d997c2-df4004b8-395f-4b78-b178-c3fe419c65db_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationCMSd94ad941-b13fb727-bc96-4af9-9bc0-915a92d1a5a8_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationModelInventory8b85bccb-c6cadc39-3e3b-4b3f-a413-1b034d455092_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,173,0,0&cs:wt=card-Finance-7fc0edb9-341f-4b86-87cb-a7ce10b16b5b,,0,410,123,108,44,173,0,0&cs:wt=card-Specials-e1d46b98-e94b-4f4d-a852-cc0bd6468da3,,0,518,123,113,44,173,0,0&cs:wt=card-Service%20&%20Parts-140041d1-9e29-4ba3-b614-f3212da42ff5,,0,631,123,161,44,174,0,0&cs:wt=card-Shop%20Click%20Drive-c73d8f1e-79df-47a8-95d0-ad902616ea32,,0,792,123,171,44,174,0,0&cs:wt=card-Owners-cf39624b-ae1e-4170-9d1d-70a9748ea7b0,,0,963,123,107,44,174,0,0&cs:wt=card-HomePage-3b2e52c2-3abb-493c-9750-8e6a3e208a77,,0,0,167,1600,5500,89,0,0&cs:wt=card-promotionCard-2b0e2c4e-f55d-465e-be29-fc773424e548,,0,0,167,1600,247,173,0,0&cs:wt=card-promotionCard-e7e67fb8-9c7c-4d4f-a4a0-8094b7ec6b8e,,0,0.000012184696970507503,199,1600,203,173,0,0&cs:wt=card-promotionCard-26bc4527-02d8-482f-b328-77064dffb0f7,,0,0.000012184696970507503,199,1600,4,173,0,0&cs:wt=card-keywordSearch-2f197cc1-36a5-43fc-ac20-abf6ac707af2,,0,0,446,1598,125,173,0,0&cs:wt=card-promotionCard-d6667484-df45-46ca-9859-cbd2822b60a9,,0,0,573,1600,404,173,0,0&cs:wt=card-promotionCard-c2c2ba77-4021-4732-9633-27802f0b6a8a,,0,32,605,491,372,173,0,0&cs:wt=card-promotionCard-79a8c0e1-83da-456f-98b5-d77a1b3bc49c,,0,554.65625,605,490,372,174,0,0&cs:wt=card-promotionCard-74feea95-9def-4a4a-be0b-63a7f175f6aa,,0,1077.3125,605,491,372,174,0,0&cs:wt=card-vehicleShowcaseWrapper-4923bb5b-955a-43af-a3b2-ff1ee1754ece,,0,0,1008.90625,1600,604,109,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-0,,0,96.33755493164062,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-1,,0,576.1500244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-2,,0,1055.9625244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-3,,0,1479.6837158203125,1071.90625,467,495,173,0,0&cs:wt=card-promotionCard-5747a10f-ddc8-4f73-b207-617ba39c3cf0,,0,0,1613.390625,1600,453,95,0,0&cs:wt=card-heroCard-4d6eaba1-d6fc-4b05-b555-8bb6111247e0,,0,544,1645.390625,1056,453,95,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-0,,0,0,0,1056,453,108,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-1,,0,0,0,1056,453,106,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-2,,0,0,0,1056,453,102,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-3,,0,0,0,1056,453,100,0,0&cs:wt=card-aboutMessageCard-65d966cc-0520-41dc-a9cd-e0ef105947e1_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3957.328125,1600,865,91,0,0&cs:wt=card-aboutMessageCard-371577e3-a514-4645-9acd-8a12fa8ce69b_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3989.328125,1600,455,92,0,0&cs:wt=card-hoursOfOperation-e2e36056-28f4-40c1-abab-cc9f4640b0e0_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,32,4021.328125,1003,423,92,0,0&cs:wt=card-footer-044bc93a-49da-4e28-be2f-63751b08b481,,0,0,5667.109375,1600,492,89,0,0&cs:w=1600,1200,287&cs:vs=&cs:checksum=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 13:37:35 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: zpwN0O8a3ZZC5YDej7yFEb8n5zP4xlNgjDgTIf17Mh5NREiUIXKzkw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 22 Sep 2021 17:01:18 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:18 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1632330077438189061&cs:ev=8d0140e0281d10068b5b080020f0176c791500786198&cs:pg=HomePage&cs:plb=HomePage&cs:ply=HomePage_flex&cs:s=gmps-weeks&cs:si=92709ed0868f10048cd50003ba0ae224&cs:ssi=2A3038A569889B4B828552752126EDD8&cs:vi=2A3038A569889B4B828552752126EDD8&cs:theme=dcw-design-modern&cs:wt=card-header-c98d00b6-3eb0-4352-8aec-5caab451fd27,,0,0,0,1600,167,171,0,0&cs:wt=card- -221aba20-d09e-4e6b-9c8b-1b6e956e9ca3,,0,20,123,47,44,173,0,0&cs:wt=card-New Vehicles-6b37797f-618d-4eb5-b2a9-47484924f7bf,,0,67,123,147,44,174,0,0&cs:wt=card-navigationModelInventorya4d997c2-df4004b8-395f-4b78-b178-c3fe419c65db_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationCMSd94ad941-b13fb727-bc96-4af9-9bc0-915a92d1a5a8_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,174,0,0&cs:wt=card-navigationModelInventory8b85bccb-c6cadc39-3e3b-4b3f-a413-1b034d455092_41a83f15-3dae-42e8-9331-81dcd4b8bb9c,,0,0,0,100,100,173,0,0&cs:wt=card-Finance-7fc0edb9-341f-4b86-87cb-a7ce10b16b5b,,0,410,123,108,44,173,0,0&cs:wt=card-Specials-e1d46b98-e94b-4f4d-a852-cc0bd6468da3,,0,518,123,113,44,173,0,0&cs:wt=card-Service & Parts-140041d1-9e29-4ba3-b614-f3212da42ff5,,0,631,123,161,44,174,0,0&cs:wt=card-Shop Click Drive-c73d8f1e-79df-47a8-95d0-ad902616ea32,,0,792,123,171,44,174,0,0&cs:wt=card-Owners-cf39624b-ae1e-4170-9d1d-70a9748ea7b0,,0,963,123,107,44,174,0,0&cs:wt=card-HomePage-3b2e52c2-3abb-493c-9750-8e6a3e208a77,,0,0,167,1600,5500,89,0,0&cs:wt=card-promotionCard-2b0e2c4e-f55d-465e-be29-fc773424e548,,0,0,167,1600,247,173,0,0&cs:wt=card-promotionCard-e7e67fb8-9c7c-4d4f-a4a0-8094b7ec6b8e,,0,0.000012184696970507503,199,1600,203,173,0,0&cs:wt=card-promotionCard-26bc4527-02d8-482f-b328-77064dffb0f7,,0,0.000012184696970507503,199,1600,4,173,0,0&cs:wt=card-keywordSearch-2f197cc1-36a5-43fc-ac20-abf6ac707af2,,0,0,446,1598,125,173,0,0&cs:wt=card-promotionCard-d6667484-df45-46ca-9859-cbd2822b60a9,,0,0,573,1600,404,173,0,0&cs:wt=card-promotionCard-c2c2ba77-4021-4732-9633-27802f0b6a8a,,0,32,605,491,372,173,0,0&cs:wt=card-promotionCard-79a8c0e1-83da-456f-98b5-d77a1b3bc49c,,0,554.65625,605,490,372,174,0,0&cs:wt=card-promotionCard-74feea95-9def-4a4a-be0b-63a7f175f6aa,,0,1077.3125,605,491,372,174,0,0&cs:wt=card-vehicleShowcaseWrapper-4923bb5b-955a-43af-a3b2-ff1ee1754ece,,0,0,1008.90625,1600,604,109,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-0,,0,96.33755493164062,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-1,,0,576.1500244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-2,,0,1055.9625244140625,1071.90625,446,495,173,0,0&cs:wt=card-vehicleShowcase-e45a0cda-88e2-43b4-9943-009958e09dea-3,,0,1479.6837158203125,1071.90625,467,495,173,0,0&cs:wt=card-promotionCard-5747a10f-ddc8-4f73-b207-617ba39c3cf0,,0,0,1613.390625,1600,453,95,0,0&cs:wt=card-heroCard-4d6eaba1-d6fc-4b05-b555-8bb6111247e0,,0,544,1645.390625,1056,453,95,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-0,,0,0,0,1056,453,108,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-1,,0,0,0,1056,453,106,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-2,,0,0,0,1056,453,102,0,0&cs:wt=card-promotionCard-cbf42267-017e-455f-be6f-676cad4acd20-3,,0,0,0,1056,453,100,0,0&cs:wt=card-aboutMessageCard-65d966cc-0520-41dc-a9cd-e0ef105947e1_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3957.328125,1600,865,91,0,0&cs:wt=card-aboutMessageCard-371577e3-a514-4645-9acd-8a12fa8ce69b_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,0,3989.328125,1600,455,92,0,0&cs:wt=card-hoursOfOperation-e2e36056-28f4-40c1-abab-cc9f4640b0e0_0d949b5f-de8b-4cdb-8e37-82c99f4f5cfe,,0,32,4021.328125,1003,423,92,0,0&cs:wt=card-footer-044bc93a-49da-4e28-be2f-63751b08b481,,0,0,5667.109375,1600,492,89,0,0&cs:w=1600,1200,287&cs:vs=&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 36ms
15ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 860
date: Wed, 22 Sep 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 22 Sep 2021 18:46:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 323ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14069
x-xss-protection: 0
server: cafe
etag: 5051469215060845982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:17 GMT

GET
H2

200

UCMController Show response
login.dotomi.com/ucm/ Frame 42B6
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks...
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_fid%3D176%26dtm_cid%3D2925%26dtm_cmag...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_nam...

2 KB
1 KB

17ms
16ms

Document
text/html

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks+Chevrolet+Buick+GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent=
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: 7a34bf88a27f7a34f40d827af21f0bcbfc3a1246973e3c98cc6d2dee59d551c4

Request headers

:method: GET
:authority: login.dotomi.com
:scheme: https
:path: /ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks+Chevrolet+Buick+GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

server: nginx
date: Wed, 22 Sep 2021 17:01:18 GMT
content-type: text/html
content-length: 993
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 22 Sep 2021 17:01:18 GMT
content-length: 0
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
location: https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_fid=176&dtm_cid=2925&dtm_cmagic=ac34ae&dtm_format=5&cli_promo_id=10&dealer_brand=Buick%7CChevrolet%7CGMC&dealer_id=116531&dealer_name=Weeks+Chevrolet+Buick+GMC&dtm_user_id=2A3038A569889B4B828552752126EDD8&page_type=HomePage&canonical_url=https%3A%2F%2Fwww.gregweeks.com%2F&dtmc_loc=https%3A%2F%2Fwww.gregweeks.com%2F&dtm_user_ip=216.131.114.115&dtm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36&dtm_referrer=https%3A%2F%2Fwww.gregweeks.com%2F&gdpr_consent=

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 646ms
45ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref: Ref A: 39155A577AC7495CB69469F32AC25D08 Ref B: PRG01EDGE1013 Ref C: 2021-09-22T17:01:18Z
etag: "80386a5f63aad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9827

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
50 KB 22ms
22ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBGB6LV

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

d1d2bd2cb1fa09f391c822f91df93e8b81815ea1f0068516d12488d1e21db934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51044
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:17 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 21ms
20ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3DB5M4

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

bdbad02f3cd8b9a224a48f6fdf5b715adc53e82f79d3ded1897d72ea0abd5d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34544
x-xss-protection: 0
expires: Wed, 22 Sep 2021 17:01:17 GMT

GET
BLOB 200
OK 49f3fa2a-58c4-4e38-ba05-88a18fd8a808
https://www.gregweeks.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gregweeks.com/49f3fa2a-58c4-4e38-ba05-88a18fd8a808
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 9141

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 20ms
20ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=226948857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gregweeks.com%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1039350978&gjid=1605728223&cid=786439804.1632330078&tid=UA-171844001-1&_gid=1609757215.1632330078&_r=1&gtm=2ou9k0&z=938410509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 21ms
21ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=226948857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gregweeks.com%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1768222945&gjid=248868741&cid=786439804.1632330078&tid=UA-130418598-1&_gid=1609757215.1632330078&_r=1&gtm=2ou9k0&z=1175772756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
20ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=226948857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gregweeks.com%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1311014955&gjid=63638152&cid=786439804.1632330078&tid=UA-111806281-27&_gid=1609757215.1632330078&_r=1&gtm=2wg9k0NBTHFZD&z=535536557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
20ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=226948857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gregweeks.com%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=998933553&gjid=1667613098&cid=786439804.1632330078&tid=UA-111031593-1&_gid=1609757215.1632330078&_r=1&gtm=2wg9k0NBTHFZD&z=663278026

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/ Frame BC28
Redirect Chain

https://insight.adsrvr.org/tags/1kmflhb/cvdmkpp/iframe
https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe

133 B
615 B

445ms
405ms

Document
text/html

143.204.209.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4654946b667603adc6813827f2d7476f65f6109004f5997ce01a27004e8ab87e

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gregweeks.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

Content-Type: text/html
Content-Length: 133
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2016 16:42:47 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 22 Sep 2021 17:01:19 GMT
Cache-Control: no-cache
ETag: "a9fb75e52e7162b5c0e453f717481579"
X-Cache: RefreshHit from cloudfront
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: sgse3JJVWPFE1x_3W9U5J3tJKTKEacILb2eA7JnHNx_N75CSlZRXcw==

Redirect headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/ Frame AA96
Redirect Chain

https://insight.adsrvr.org/tags/1kmflhb/kvgt7ru/iframe
https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe

133 B
648 B

452ms
414ms

Document
text/html

143.204.209.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d57867e7414e43bf313e1c3a485ade1b13de56237fed34ce5f4553e5eeff43a6

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gregweeks.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

Content-Type: text/html
Content-Length: 133
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2016 16:42:48 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Edge-Origin-Shield-Skipped: 0
Date: Wed, 22 Sep 2021 17:01:19 GMT
Cache-Control: no-cache
ETag: "882ca2eab80b65c45c213741fdb3cc0b"
X-Cache: RefreshHit from cloudfront
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: ZkxV0Sj0OUmrTFbFDrWanx7t8ax9Dkch1fda9-5Qk0TnSPJOg6gtiw==

Redirect headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 683ms
166ms Script
application/javascript 52.52.232.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.232.60 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-232-60.us-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 14:43:33 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "613-5c0a4d1fc7d19-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 745

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 543ms
29ms Image
image/gif 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?ct=0:qojeqvgn&adv=lisifaq&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 542ms
29ms Image
image/gif 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1kmflhb&ct=0:cvdmkpp&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/780419323/ 2 KB
2 KB 540ms
28ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780419323/?random=1632330077629&cv=9&fst=1632330077629&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7a6b9a7b00b55af8910a069ec31fb8215c00c0c5a0071374d715cc22530df196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 99ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1632330077632&p=wum6wF,4um6wF,Q-Y6wF,VpEIkH,og.NAD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 99ms
99ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?c=1632330077632&p=wum6wF,4um6wF,Q-Y6wF,VpEIkH,og.NAD&cid=Q6kaDT7u0x6b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 customerchat.php Show response
www.facebook.com/v10.0/plugins/ Frame 6AB4 110 KB
34 KB 269ms
244ms Document
text/html 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

86463fd8092799a570ffb7ae829e01202f78da2fb102154f8ed4c43d5225421b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.gregweeks.com; default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: frame-ancestors https://www.gregweeks.com; default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: X7eGT+XVPHeFVWKGPYq7YGuCx4yAG7Bjpkv1P+S1jtAtgHWxiwfO1yJHGRI8IwcA/dQelsNXLX+UcJ4W5EFCaQ==
date: Wed, 22 Sep 2021 17:01:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 f10d4c7301b948d7a74f6d1305d97cc6_c0x0-1600x200_x1600.jpg
media.assets.sincrod.com/websites/content/gmps-weeks/generic/ 69 KB
69 KB 13ms
13ms Image
image/jpeg 65.9.71.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/gmps-weeks/generic/f10d4c7301b948d7a74f6d1305d97cc6_c0x0-1600x200_x1600.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e3aafbdd786760a994964ba1797d11a8d465e0e453881a911a8cd41dde691b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Sep 2021 17:01:17 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-original-content-length: 116940
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-server-start-time: 1632330077054
x-application-context: mediaStorageService:prod-cfp-pdx
logging-correlationid: mOTT-JhsqOYkjPwliF9EXQ_F0EXiB-66HqPocGnTIOHMHwnWEjteHg==
last-modified: Wed, 11 Nov 2020 16:45:31 GMT
server: nginx
x-server-response-time: 154
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
content-length: 70250
x-amz-cf-id: jjGDE2KEvyjUD6XVJNQzIwpWQKkQl49ltUUpDJq3zyY4aV1rIb4nbQ==
expires: Thu, 22 Sep 2022 17:01:17 GMT

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame 98F3 2 KB
1 KB 9ms
8ms Document
text/html 99.86.4.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-11.fra6.r.cloudfront.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

:method: GET
:authority: universal.iperceptions.com
:scheme: https
:path: /iFrame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/html
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3a80df15-301e-0024-688a-ae69d3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 22 Sep 2021 16:57:51 GMT
vary: Accept-Encoding
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control: public,max-age=7200
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: bXnZO1fMU7ionUlWK2i7fU8wsS6X2GaAZBIBcuwF3-d1j6hA7L-ntg==

GET
H2 200 ckCookies.js Show response
dt.cobaltgroup.com/dt/ 17 B
170 B 165ms
165ms Script
text/javascript 54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt/ckCookies.js?dtuid=1632330077438189061
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=2A3038A569889B4B828552752126EDD8&webid=gmps-weeks&sitetype=dealer&eventId=8d0140e0281d10068b5b080020f0176c&cs:ssi=2A3038A569889B4B828552752126EDD8&_=1632330075342
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
server: Display Tracker 2.0
content-length: 37
content-type: text/javascript

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001
https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t

0
0

133ms
133ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJNYCQFQC31QY6G9D0PY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ 43 B
350 B 423ms
19ms Image
image/gif 18.168.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212297528&puid=1632330077438189061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.102.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 msid.gif
px.marchex.io/ 43 B
285 B 99ms
98ms Image
image/gif 35.169.206.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/msid.gif?spid=cdk&uid=1632330077438189061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.206.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-206-198.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:17 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac87f37"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 451 398676.gif
idsync.rlcdn.com/ 0
66 B 426ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1632330077438189061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET a.gif
s.ixiaa.com/ 0
0

GET
H2 200 L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
d.turn.com/r/dd/id/ 43 B
407 B 346ms
19ms Image
image/gif 46.228.164.13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 644621039655564 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 291ms
290ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/644621039655564?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

636ab8e6ba87263dafc083512c38026738e2165be977710583afab3f1b12dc0c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fgTXK/QKdBokjFSRetSlgbUWd8UMXeag5ACZvmpaCqAaoB9OSJX0XAL2Dm0NUudnDR4uxU/Gs4MO1bQNDzOC+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 7ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281451819025246&ev=PageView&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330077747&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 22 Sep 2021 17:01:18 GMT

GET
H2 200 icon1.png
c.evidon.com/pub/ 600 B
907 B 606ms
185ms Image
image/png 23.42.166.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icon1.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.42.166.8 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-166-8.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2011 18:30:38 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1307039438"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2 204 p.gif
l.betrad.com/pub/ 0
121 B 352ms
114ms Image
text/plain 35.169.11.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/pub/p.gif?pid=22486&ocid=6896&ii=1&mb=0&r=0.18664531168646725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.11.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-11-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 nextGenFrameLoader.js Show response
fo-static.assets-cdk.com/app/connectedstore/web/integration/ 13 KB
4 KB 642ms
641ms Script
text/javascript 13.32.22.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGenFrameLoader.js?_=1632330077750
Requested by: Host: fo-static.assets-cdk.com
URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-64.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 875fc9e292b1e1b5ea02145900ab2dc3c079e6612f72e9c4d3d9d32d10af731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 22 Sep 2021 17:01:19 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 06:58:26 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: W/"0424ffdbc5716ae1ef66b876816e529a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: oPCvUhWSJNGjnoXssV9TODxnWHXyHWAX
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C2
content-type: text/javascript
x-amz-cf-id: c0AFRz4RJD8TEoJD_MLwq2RkQuJjXxICXcjUE6HCO6PkdrippfsE_Q==

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/gregweeks.com/ 136 B
323 B 406ms
86ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/gregweeks.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: e1d605a253d179b591cae0bcbe99bba76761520e595e0234eed07e68d6d739f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Wed, 22 Sep 2021 02:56:04 GMT
etag: "88-614a9b44-a79d29ee613bd7f5;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 136
expires: Thu, 23 Sep 2021 17:01:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
413 B 46ms
14ms XHR
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-111806281-27&cid=786439804.1632330078&jid=1311014955&gjid=63638152&_gid=1609757215.1632330078&_u=YEDAAUABAAAAAC~&z=786960326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Sep 2021 17:01:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 46ms
14ms XHR
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-111031593-1&cid=786439804.1632330078&jid=998933553&gjid=1667613098&_gid=1609757215.1632330078&_u=YEDAAUABAAAAAC~&z=1589127180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Sep 2021 17:01:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/ 2 KB
1 KB 27ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/?random=1632330078129&cv=9&fst=1632330078129&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3e89a70dd3c89ab90f2031c54c979519545e48c84de1a536dc6ecea69989edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt.gif
dt.admission.net/ 43 B
454 B 167ms
165ms Image
image/gif 54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/dt.gif?sync=1&dtuid=1632330077438189061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
x-autoscale-group: dt-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:18 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=77254217;dc_seg=543911685
pubads.g.doubleclick.net/activity;dc_iu=/18353239/ 42 B
656 B 43ms
19ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/18353239/DFPAudiencePixel;ord=77254217;dc_seg=543911685?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=77254217
ad.doubleclick.net/ 42 B
656 B 73ms
19ms Image
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=77254217?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
bid.g.doubleclick.net/xbbe/invitepixel/
Redirect Chain

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

43 B
761 B

94ms
30ms

Image
image/gif

108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 22 Sep 2021 17:01:18 GMT

Redirect headers

date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage
https://s.tribalfusion.com/z/i.cid?c=663573&d=30&page=landingPage
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

43 B
998 B

8ms
8ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4cac5cc5-f782-4392-b34d-8e250a2c9ad9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 12
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d1830bccc4d89-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 102ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=chevyin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:18 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:18 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=77254217
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330082

631 B
1 KB

111ms
111ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b6ff6c65-1bc6-11ec-a4f0-b50003689f11
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 google
server: ee2d5e08078cb640588ad60c1400dd319af22492be28c0a4480b033de6b3114a
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330082
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
371 B 58ms
10ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.ChevyInNew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
372 B 9ms
8ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Chevy+In+Q217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=16323300774381...
https://login.dotomi.com/pixel.gif

43 B
129 B

25ms
25ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 305ms
108ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Ddf4de44b-17de-975d-411b-e5e14064606f%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.chevrolet.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DDF4DE44B-17DE-975D-411B-E5E14064606F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1C16EC3XHH8B1JAZCN4Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-ZXDzrsfZtpwXm.gif
pixel.quantserve.com/pixel/ 35 B
374 B 10ms
9ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-ZXDzrsfZtpwXm.gif?labels=_fp.event.Chevy+In

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663603&d=30&page=landingPage
https://s.tribalfusion.com/z/i.cid?c=663603&d=30&page=landingPage
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

43 B
998 B

16ms
15ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2f43b592-b349-478a-a0ab-d1ce3bf532e2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 261
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d18313ddb4d89-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 35ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=gmcin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:18 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:18 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26223;ts=77254217
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330078

631 B
1 KB

460ms
110ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330078
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:18 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b489634e-1bc6-11ec-9980-b12fefe76091
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 google
server: 7c5e8a410f9751e5f6b0dbb8546eaa6a4daad487dfe1a0d22e3756a55d64160b
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330078
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 10ms
10ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.GMC+In

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 10ms
9ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.GMC+In+Q217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3130%26dtm_cmagic%3Dc922de%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189...
https://login.dotomi.com/pixel.gif

43 B
129 B

69ms
69ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 301ms
104ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=3p-hbg&ex-src=gmc.com&ex-hargs=v%3D1.0%3Bc%3DGMC%3Bp%3DGMC_H

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3QXD5SP1G27RP8K18RJN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 304ms
107ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D20ff866d-98e6-0932-c45b-ef214eceb300%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gmc.com/&ex-hargs=v%3D1.0%3Bc%3D6455319672209%3Bp%3D20FF866D-98E6-0932-C45B-EF214ECEB300

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GZVP7ETG5GXEAPWHV0KV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 299ms
106ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Daf46554b-9778-e432-2167-481677381371%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.cdkglobal.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3DAF46554B-9778-E432-2167-481677381371

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DMQXH75ZC735V5TP1QPB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 cdkgmc;sect8=innetwork;ord=77254217
pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/ 42 B
65 B 64ms
40ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/cdkgmc;sect8=innetwork;ord=77254217?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-VXAtmdTPRUjUp.gif
pixel.quantserve.com/pixel/ 35 B
390 B 9ms
9ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-VXAtmdTPRUjUp.gif?labels=_fp.event.GMC+IN&r=77254217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663583&d=30&page=landingPage
https://s.tribalfusion.com/z/i.cid?c=663583&d=30&page=landingPage
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=1118434049445511194&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

43 B
998 B

29ms
29ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 14f52c34-b5a7-494d-9d10-2255192762f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d18313ddd4d89-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662189053032986
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 36ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=buickin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:18 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:18 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26226;ts=77254217
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330082

631 B
1 KB

102ms
102ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b70ed5f1-1bc6-11ec-91ce-4fd15df1bfd3
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 google
server: 441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330082
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 11ms
10ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Buick+In

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 10ms
10ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Buick+In+Q217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3129%26dtm_cmagic%3Dc6a014%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=16323300774381...
https://login.dotomi.com/pixel.gif

43 B
129 B

13ms
12ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 313ms
109ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=3p-hbg&ex-src=buick.com&ex-hargs=v%3D1.0%3Bc%3DBUICK%3Bp%3DBUICK_H

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1FBZYNADT9712AV2RQJ2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 295ms
106ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da88f2728-f19c-5468-d5ff-f5db85aa29ee%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.buick.com/&ex-hargs=v%3D1.0%3Bc%3D6455319672209%3Bp%3DA88F2728-F19C-5468-D5FF-F5DB85AA29EE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E0KVB2JE906KS8KNG528
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 106ms
103ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D28121a32-2a61-3cb6-f54c-32fd86bf3561%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.cdkglobal.com/&ex-hargs=v%3D1.0%3Bc%3D4772903830801%3Bp%3D28121A32-2A61-3CB6-F54C-32FD86BF3561

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8HXRSJY5E1TEQGC6YQE1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 cdkbuick;sect8=innetwork;ord=77254217
pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/ 42 B
63 B 38ms
38ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/cdkbuick;sect8=innetwork;ord=77254217?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-gxazwcayu8BeY.gif
pixel.quantserve.com/pixel/ 35 B
433 B 10ms
9ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gxazwcayu8BeY.gif?labels=_fp.event.Buick+IN&r=77254217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

correlate
dt.cobaltgroup.com/cookiejar/1.0/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1632330077438189061&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_U...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=313172&dpuuid=1632330077438189061&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=39913003496188322513202855812034217016

43 B
556 B

171ms
170ms

Image
image/gif

54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=39913003496188322513202855812034217016
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:19 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v017-0129d1f89.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vVH4GFrMTEo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=39913003496188322513202855812034217016
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 41ms
13ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=580120&nid=5494&put=1632330077438189061
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=540213371&val=1632330077438189061
https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1632330077438189061

43 B
180 B

411ms
411ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1632330077438189061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=540213371&val=1632330077438189061
date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 google
server: OXGW/16.216.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

correlate
dt.admission.net/cookiejar/1.0/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTYzMjMzMDA3NzQzODE4OTA2MQ
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

43 B
451 B

166ms
166ms

Image
image/gif

54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:18 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden carnow_plugin.js
app.carnow.com/dealers/ 0
0 494ms
132ms Script
text/html 3.92.250.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.carnow.com/dealers/carnow_plugin.js?key=gmps-weeks
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.250.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-250-172.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK hp_wid_js.php Show response
media.flickfusion.net/widget/ 11 KB
11 KB 772ms
249ms Script
application/javascript 98.129.164.22
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://media.flickfusion.net/widget/hp_wid_js.php
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.2874/baselDeploy/basel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 98.129.164.22 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / PHP/5.6.27, ASP.NET
Resource Hash: 632acf755faa3f748bcfba22204efb2f5ec5bb7c545f899b23585580607f305b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:13 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.6.27, ASP.NET
Content-Length: 11036
Content-Type: application/javascript

GET
BLOB 200
OK 56a33ed9-8a0e-47a5-a803-0924f87030a8
https://www.gregweeks.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gregweeks.com/56a33ed9-8a0e-47a5-a803-0924f87030a8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 9141

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=644621039655564&ev=PageView&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330078175&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:18 GMT

GET
H2 200 launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js Show response
assets.adobedtm.com/ 227 KB
71 KB 818ms
200ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGB6LV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 352eeb469764e58c4b87d168bc9c9fe4fd33c3e2ce387e7aacfa4194ce214a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:55 GMT
server: AkamaiNetStorage
etag: "cbec75bd377d3142e85ac7625265fdfe:1628206495.875493"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 72164
expires: Wed, 22 Sep 2021 18:01:19 GMT

GET
H2 200 dealerDataPartial.php Show response
tm.smedia.ca/APIs/v1/ 9 KB
10 KB 1178ms
1161ms XHR
application/json 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/APIs/v1/dealerDataPartial.php?url=www.gregweeks.com
Requested by: Host: tm.smedia.ca
URL: https://tm.smedia.ca/analytics/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: cb81499e430396e82806bdc56e05b0b3cdb2c75603c4ba5146d9a6127a4a77b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: f0C_CXuQs6uP5cIpslwyPe9ZydSlKpATysQtBA14px2T__RIJvIjmA==

GET
H2 200 pageDataFull.php Show response
tm.smedia.ca/APIs/v1/ 443 B
729 B 321ms
305ms XHR
application/json 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/APIs/v1/pageDataFull.php?url=https%3A%2F%2Fwww.gregweeks.com%2F
Requested by: Host: tm.smedia.ca
URL: https://tm.smedia.ca/analytics/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 31ae04e7bd8cd97a625e52e072bdbeac56f95536c58b32124deb08b07b5470a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: yskxk6LO3baCHz9YqCnaiFXRMg3VVKRfK1OMwSuqSDzRMfB3anpWyw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 56ms
34ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-111806281-27&cid=786439804.1632330078&jid=1311014955&_u=YEDAAUABAAAAAC~&z=227031105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-111031593-1&cid=786439804.1632330078&jid=998933553&_u=YEDAAUABAAAAAC~&z=1654825662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/780419323/ 42 B
108 B 21ms
21ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/780419323/?random=1632330077629&cv=9&fst=1632330000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&async=1&fmt=3&is_vtc=1&random=1090542810&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1042608535/ 42 B
569 B 19ms
18ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1042608535/?random=1632330078129&cv=9&fst=1632330000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&async=1&fmt=3&is_vtc=1&random=2322111294&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 18001589.js Show response
bat.bing.com/p/action/ 0
128 B 171ms
170ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/18001589.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 17:01:17 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 92C0EEA8EFB244BF9981AD6927A4697F Ref B: PRG01EDGE1013 Ref C: 2021-09-22T17:01:18Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 50ms
49ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=18001589&tm=gtm002&Ver=2&mid=62cd788a-9be6-4fec-a8d0-0ec3de31728a&sid=b42d89501bc611ecbd207b67b728b7bf&vid=b42dbfc01bc611ecb6ce2f8e413b1942&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort,%20Illinois.%20Right%20on%20the%20Price,%20Right%20Off%20I-57&kw=Weeks%20Chevrolet%20Buick%20GMC,%20Weeks%20Chevrolet%20Buick%20GMC%20WEST%20FRANKFORT,%20%20Buick%20WEST%20FRANKFORT,%20%20GMC%20WEST%20FRANKFORT,%20%20Chevrolet%20WEST%20FRANKFORT,%20%20Buick%20WEST%20FRANKFORT%20IL,%20%20GMC%20WEST%20FRANKFORT%20IL,%20%20Chevrolet%20WEST%20FRANKFORT%20IL,%20Buick%20WEST%20FRANKFORT,%20GMC%20WEST%20FRANKFORT,%20Chevrolet%20WEST%20FRANKFORT,%20Carbondale%20Buick,%20Carbondale%20GMC,%20Carbondale%20Chevrolet,%20Marion%20Buick,%20Marion%20GMC,%20Marion%20Chevrolet,%20Rental.%20West%20Frankfort%20Rental,%20Rent%20From%20us,%20Weeks%20Rental,%20Weeks%20Service%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&p=https%3A%2F%2Fwww.gregweeks.com%2F&r=&lt=3156&evt=pageLoad&msclkid=N&sv=1&rn=125216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Sep 2021 17:01:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 50F8568C7ACD4856846218DFE7253038 Ref B: PRG01EDGE1013 Ref C: 2021-09-22T17:01:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pageview.min.js Show response
pageview.activengage.com/js/
Redirect Chain

https://go.activengage.com/1.js
https://pageview.activengage.com/js/pageview.min.js

75 KB
21 KB

79ms
25ms

Script
application/javascript

104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pageview.activengage.com/js/pageview.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ff1eb22dde2132e0b18a910d8941c6d1660adf92ec52dc6aa3734a185b8fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Aug 2021 21:19:57 GMT
server: cloudflare
age: 6537
etag: W/"612d4b7d-12c44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
x-envoy-upstream-service-time: 1
cf-ray: 692d18318aa32bce-FRA
expires: Wed, 22 Sep 2021 15:48:21 GMT

Redirect headers

date: Wed, 22 Sep 2021 17:01:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pageview.activengage.com/js/pageview.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 692d1830a92b2bce-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK d299bf32-7631-494f-ac86-663a8e688f02
https://www.gregweeks.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gregweeks.com/d299bf32-7631-494f-ac86-663a8e688f02
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 9141

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 202 KB
20 KB 88ms
88ms Fetch
application/json 206.189.187.108
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.187.108 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn103.acsbapp.com
Software: /
Resource Hash: 4ec274161f692fb658c3b607017d4eac73b93646c7a43a12412b28bca0000683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:18 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 21:32:03 GMT
etag: "32729-6148fdd3-899a5d9cba6f9c54;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20205
expires: Thu, 23 Sep 2021 17:01:18 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E2D7 0
15 B 9ms
6ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 31312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gregweeks.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.gregweeks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 22 Sep 2021 17:01:18 GMT

GET
H3 200 kQNIxcpqoFU.css
www.facebook.com/rsrc.php/v3/yb/l/0,cross/ Frame 6AB4 26 KB
6 KB 7ms
7ms Stylesheet
text/css 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/kQNIxcpqoFU.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

37e2f171dfa990138aa13b6f22d3682604ef01254bdebf4324d2d9ce09df9daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LV7vmqaHhGUVGz5ABpipow==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 5994
x-fb-rlafr: 0
x-fb-debug: gYvyEAOIffnXnMP7jLXaEJuXZrhCvhTauySWnmq1K/udo+hPOIOvzDjcsRufC3/51kBWUi6LlD+dgJNe2cN9Cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 13:59:24 GMT

GET
H3 200 FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame 6AB4 2 KB
867 B 8ms
7ms Stylesheet
text/css 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
cross-origin-resource-policy: cross-origin
content-length: 815
x-fb-rlafr: 0
x-fb-debug: S5dVg9d0HZs6+4xYkzc7emxZkaFClYLNOXRW+WkOAPxxFY0XZ97PQg87Gqs5LVc+EzBclmOinitOYMlLx3spvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Sep 2022 15:19:43 GMT

GET
H3 200 -Uwpe017HDy.js Show response
www.facebook.com/rsrc.php/v3/yy/r/ Frame 6AB4 300 KB
81 KB 8ms
8ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

49112c117865ae352bab61ac86026100b33a9b8d8fe83a69e4dc7a75262e664e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 00:34:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dL2S5xqdLnDUgHMavUou8w==
cross-origin-resource-policy: cross-origin
content-length: 83231
x-fb-rlafr: 0
x-fb-debug: Q1Ab0iF85KPZ9pKnQdpdwPNkqHaoN3RS+oSt4oQIaol03/KAFKoKE2XJqO2FlJOtDbOFILMX5zoLApE72By3pQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 00:34:13 GMT

GET
H3 200 GG1Y0sYc7My.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 6AB4 5 KB
2 KB 12ms
11ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 05:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
cross-origin-resource-policy: cross-origin
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: /cq9GEVfu+xxwhVaEWM+qjW92NmnmCqJJHGUUXEKOjvt0IQ535RLdPnUkF0u9xkhgTsUpom4pHilLhMUraIMyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Sep 2022 05:50:54 GMT

GET
H3 200 5IUqmPEqVXe.js Show response
www.facebook.com/rsrc.php/v3/yw/r/ Frame 6AB4 65 KB
20 KB 12ms
11ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/r/5IUqmPEqVXe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

e7aa6b0f0e41040b29a7bbde77aa295d13be95ff684ed1040bb9e36b9e649d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kBdGwq+a9zU/cIQ4fSYPnA==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 20515
x-fb-rlafr: 0
x-fb-debug: IsDlEoVoYkQqMCsCf3Q0FdM2GAn+2nejxRsKw78YHjv5noyQs4j+vTvy9nMDlOVsbywWf8DBp8kBGjWaDy6xsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 18:21:14 GMT

GET
H3 200 LaSaGFy1cqz.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/ Frame 6AB4 126 KB
35 KB 12ms
12ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/LaSaGFy1cqz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

6aa40d95ce6aec657a94a1a1cc96404308b573ce189a91f13266f304bdec484b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 14MXO6Me+nzpT1RB2KPlCw==
cross-origin-resource-policy: cross-origin
content-length: 35830
x-fb-rlafr: 0
x-fb-debug: 6Mk+rAmz/D0XKoc7A5uFVkx/xwgOGd3OEcEsB3HtJaxhRxpsxQ2kcR2v17SskqVJKa+HwLKFH/M+LluP4HyrnQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:07:01 GMT

GET
H2 200 InviteTriggers Show response
api.iperceptions.com/ 241 B
305 B 60ms
59ms XHR
application/json 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5e21cbac6db33e69b8eb0a41d666b0fb72a3d3e03395f2aa0f96ae7e4636cc4a

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
SecurityToken: af185a2d-67f3-475b-86c7-fb0b0148fac4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 241
expires: -1

GET
H3 200 UL9AxhGrrCI.js Show response
www.facebook.com/rsrc.php/v3/yB/r/ Frame 6AB4 18 KB
6 KB 7ms
7ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yB/r/UL9AxhGrrCI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

e08a4d0be4f20b3fc5e1c59ae29731a3f2d03abac992e3be1b4a1bf1ae0ed4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ozxnsGEO6qp4GZOC727j8A==
cross-origin-resource-policy: cross-origin
content-length: 5983
x-fb-rlafr: 0
x-fb-debug: JxjrqBrprk6+tflo8gHXQpNw9ziEospL04oI6mv9uCAKLH9/3ygh/tA2Kv1ovPT610BBUhF+QfKNNcyvd1GvkA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:07:01 GMT

GET
H3 200 cN-N4Eu_deZ.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 6AB4 7 KB
2 KB 8ms
8ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XkHzn1WHKMxOAJmWI3FJ7A==
content-security-policy-report-only: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 2277
x-fb-rlafr: 0
x-fb-debug: dU7udLzo1R3zC4NHDp1fkfVJBHM5k4z5W6f33Y0eLOGWgG4sdG0BHILnz2wNVt9u3Phc/kZVSvkIPEhmlvFLQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 05:07:59 GMT

GET
H3 200 XbnCqHWlvfV.js Show response
www.facebook.com/rsrc.php/v3/yY/r/ Frame 6AB4 14 KB
5 KB 8ms
7ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yY/r/XbnCqHWlvfV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

774f9fbe7d97d109d82d48f252370b5646ce108ee730d4cde0eaa7b3596c4ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 05:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sss2jGeA5fiCohm9wyk50w==
cross-origin-resource-policy: cross-origin
content-length: 4846
x-fb-rlafr: 0
x-fb-debug: rpjAGNWQWpLdBtTSfTl2agu+mSV5WrZGFz+m1ebNzD71lG9aB2FmxOSwmOgCfFT5cV/SRcG89GNuf1VOUrXX+A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Sep 2022 05:50:55 GMT

GET
H3 200 Ebj5sRvj5WB.js Show response
www.facebook.com/rsrc.php/v3idVx4/yC/l/en_US/ Frame 6AB4 806 KB
181 KB 9ms
8ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3idVx4/yC/l/en_US/Ebj5sRvj5WB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

7115070ed28ba69522d2dcdcb3c39fbb06cb8ec5781a1cdfcfe101b677fb4f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 01:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QeLtDMbiR876I0q6gnqcAw==
cross-origin-resource-policy: cross-origin
content-length: 185466
x-fb-rlafr: 0
x-fb-debug: AUPAf4z1Khw3yV8iyRAad3patgotKqfjk2FvzZ3ZMTPorOnVoaBsBs/3NIIUUbex8hbJY4NgpmygsczGD1Fm2w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 01:36:05 GMT

GET
H3 200 bwPaz112Ad7.js Show response
www.facebook.com/rsrc.php/v3/yh/r/ Frame 6AB4 79 KB
21 KB 11ms
10ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yh/r/bwPaz112Ad7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

59feb0e09ac127647aa564626b17838582073c84922dbaebe6b4317d09938990

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yjVpC63qSUH6NBxnSfYZow==
cross-origin-resource-policy: cross-origin
content-length: 21390
x-fb-rlafr: 0
x-fb-debug: fev2ZALZLUxo0Qxg1h9tHbn10CIZkvoxrOPrVqin9CDJJ1IBgPI24TBSjTmhQwcPHpVpE28NqeTzXWdz+yLzyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:13:45 GMT

GET
H3 200 GzT8vanoxcJ.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 6AB4 285 KB
64 KB 12ms
10ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/GzT8vanoxcJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

f3cadec4d6c071a96bbcab0fbd4329ebddcf6a86d6fbe88a730ec3e544288a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6odFgKWy5b5Cso3FmT3Giw==
cross-origin-resource-policy: cross-origin
content-length: 65592
x-fb-rlafr: 0
x-fb-debug: c7eNrJJ55B+YX9wE+XqoldORsq9bEBmaVA/UxULNSR1cmYvIkGf/UvfmbSIJRiv5eszC8tQTVTvcOFCUJBwkWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 20:09:11 GMT

GET
H3 200 zp8vpfiVhIQ.js Show response
www.facebook.com/rsrc.php/v3/yF/r/ Frame 6AB4 16 KB
5 KB 12ms
10ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/r/zp8vpfiVhIQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

5369f37fbe9e4dcc7d43b5a8a857fc6b52f2faf62fe6ec98afcd23848c20347e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eq5jx75CpGw1YojNYLD5iQ==
cross-origin-resource-policy: cross-origin
content-length: 5462
x-fb-rlafr: 0
x-fb-debug: C2RG4fTv8y2smO5LQauSJtYvN9Z4bb23uOS8YTMO9hXNn88gUN0LFRkMNrY+BJ2gF5Dhy4nKGdV1rWDj3ZVhMQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 18:21:38 GMT

GET
H3 200 rTI5uu6VSyv.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 6AB4 5 KB
2 KB 13ms
11ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/rTI5uu6VSyv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

1923805a44d1944281dfbbeb7cb956c1efe2f55f968bb61fd93ae1c9612d721f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8Ap7dUiQzGnsB+7O9Uq3qw==
cross-origin-resource-policy: cross-origin
content-length: 1743
x-fb-rlafr: 0
x-fb-debug: ISA8sepV39rcexGB5WpImpj3IN23WTrdbsitrKleFAODr8qZ5JaGxlo5ImIlo+44TvqXqSovJEeTH1BNiYsLyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 18:21:38 GMT

GET
H3 200 Hpv0yogNBuK.js Show response
www.facebook.com/rsrc.php/v3icSI4/y5/l/en_US/ Frame 6AB4 614 KB
124 KB 15ms
13ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3icSI4/y5/l/en_US/Hpv0yogNBuK.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

62dc053c78b5830c18a40c039f163f7f9385dbc97a7c5ad675b7fd32c3243bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 03:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2ubGa623tPBB6IrVcKTsPA==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 127167
x-fb-rlafr: 0
x-fb-debug: hEJk6SqKGMwVaJHmYQ+iKXe6qZjhLZAvouUFRqbVBoUvsOXQ/xfNuqxH8qswmxecn8XEBRh5xuM1RsZBJDpXbw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 03:55:40 GMT

GET
H3 200 aB3FITMVbfJ.js Show response
www.facebook.com/rsrc.php/v3/y4/r/ Frame 6AB4 95 KB
26 KB 13ms
11ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y4/r/aB3FITMVbfJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

62c6651e95b797e7856e126c0e3db49e24f50431dc4c4880222b8adc3551b78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lzd22PM9s8MQSjaNz1zghQ==
cross-origin-resource-policy: cross-origin
content-length: 26780
x-fb-rlafr: 0
x-fb-debug: EqfeXRKiKpRLcMSnVSk5B09XwPiwvgiPTBoFUc3k3oULn/AwHzo+Oz0MzxmFt1GXRIE1SfKVK+mP5U9GpsyYyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:07:08 GMT

GET
H3 200 szR8HlQAhZc.js Show response
www.facebook.com/rsrc.php/v3iEBX4/yY/l/en_US/ Frame 6AB4 46 KB
14 KB 16ms
14ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEBX4/yY/l/en_US/szR8HlQAhZc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

755cacbb57bc35fed7f8fbdc0cf01921d566f8883952c7aa49a028186fe97cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1ykOv0+c2xDxVNVNShYtcw==
cross-origin-resource-policy: cross-origin
content-length: 13896
x-fb-rlafr: 0
x-fb-debug: Hr7QuxdkLJt8AWmmJI31a6PNxwXZcwKkdWmlHKa4TeRyF/+moChoSR+E9j/cuxxrXaoO9NEDIJHzfSB7RdOKVg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:07:01 GMT

GET
H3 200 ZKtygEhiNBd.js Show response
www.facebook.com/rsrc.php/v3/y9/r/ Frame 6AB4 361 KB
77 KB 17ms
15ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y9/r/ZKtygEhiNBd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

e16ad3fdd8457a653bafae84d11bb3e0c023e7d7d43423842267232fba75946a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: okP+TnH5I8PU8Yk39QtYJQ==
cross-origin-resource-policy: cross-origin
content-length: 78873
x-fb-rlafr: 0
x-fb-debug: IpYSvm/KIbXiDyVjKUJ3HNGTflbzn+NTuMt3n4j9yrsqH7onllg9sRh5chkp8OFk5wYlgncQ5iFRSuwzTRljUw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Sep 2022 18:21:38 GMT

GET
H3 200 VRzSVH5iU-V.js Show response
www.facebook.com/rsrc.php/v3/ye/r/ Frame 6AB4 8 KB
2 KB 17ms
15ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/r/VRzSVH5iU-V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xP9c/D1lFTvbdouj8XbBew==
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 2065
x-fb-rlafr: 0
x-fb-debug: RrI7IOLhk/vZMFyTdpK/CRJEyh8CKpAeDJ/c8F7oo4BA+XbFIR2MCt+4PRRKvKlQsE7GVwXUrVe3NwBBZtWpOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Sep 2022 15:13:30 GMT

GET
H3 200 dmhkSZLSJ02.js Show response
www.facebook.com/rsrc.php/v3iLl54/yY/l/en_US/ Frame 6AB4 24 KB
7 KB 18ms
15ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/yY/l/en_US/dmhkSZLSJ02.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

9280b7cce969aca0ef1cb83103763716bfe080c80317c6dbcf85c972d132d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 07:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 59aD13hIV1CNcH+PLH9/Ag==
content-security-policy-report-only: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 7340
x-fb-rlafr: 0
x-fb-debug: FB2JvZh+IFa1Nv/bKQXoqOKrwkFeTO/DZ8lrslZ1V/biQFqs0n1MHpLs4uNQTp3phQexvHFtxhl2heWcwQlUFg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 07:12:58 GMT

GET
H3 200 MaKYlkVNo0w.js Show response
www.facebook.com/rsrc.php/v3iwcW4/yv/l/en_US/ Frame 6AB4 87 KB
17 KB 20ms
18ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iwcW4/yv/l/en_US/MaKYlkVNo0w.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

3bb7cb128f6fcfbe1c87e1db79c872dedf00909deaffe5b0cfa521e447326fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /kCzNtFXGC5k5ZGjCyAyyA==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 17182
x-fb-rlafr: 0
x-fb-debug: NqgozdLs2oUQj0TlNb3c1Zqk265Un7taxUSSHtGcCKm5pjdx/ZukEg5g7c/5bQdp6U+f/mZF0PTabFltWZzXFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 04:36:10 GMT

GET
H3 200 AHS_FdksHj5.js Show response
www.facebook.com/rsrc.php/v3/ye/r/ Frame 6AB4 887 B
508 B 20ms
18ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/r/AHS_FdksHj5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

04a693221c65bcda853b4ac1d5c381b2b47914985587560845d2665350fc1de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pkfmxqk0DcCIXrRFc26L1g==
cross-origin-resource-policy: cross-origin
content-length: 450
x-fb-rlafr: 0
x-fb-debug: wbVjD3OBZXZ4nJspsUxLVjGNSzccmcAiC7apmwooLXYJeotk6Hh7JfZVRjxzp7LV2QzyPAWZ3lDPPyY7B7D3Ww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 14:01:25 GMT

GET
H3 200 rx4MxnSdGkz.js Show response
www.facebook.com/rsrc.php/v3/yz/r/ Frame 6AB4 21 KB
7 KB 21ms
19ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yz/r/rx4MxnSdGkz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

4566f9c0517c0eb1f7e979b11f4c7bb02fa150627ea4d334989a00a59ccf76c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n64Fct+Dtt6C0Pz03g9JwA==
cross-origin-resource-policy: cross-origin
content-length: 7597
x-fb-rlafr: 0
x-fb-debug: QrwBLHos/9rK/+pUgbO7UvqB9g8jR7Mi2J1apPm1cTz5ar2zLXTU8wVOd6ZYG5/G/mNBQEo+fqnflX2JQMoXzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:13:45 GMT

GET
H3 200 eWl_7UBUhRh.js Show response
www.facebook.com/rsrc.php/v3/y4/r/ Frame 6AB4 155 KB
46 KB 22ms
20ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y4/r/eWl_7UBUhRh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

a447d8581b1e61dda53d0bc3cdbff941353b58ded8965ef6077e20440ebf47c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cpOD+yZvpZmiQkWiuphckw==
cross-origin-resource-policy: cross-origin
content-length: 46629
x-fb-rlafr: 0
x-fb-debug: +eECeFwINvoVaoq4kpQB5/Cxbpnj8GLZnPVKSHKRHHlT5avUaySj4LAXeJ0VqdG5tF020/uN5eXm3N0Qs52yeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Sep 2022 15:19:43 GMT

GET
H3 200 BqEjD1dj1pL.js Show response
www.facebook.com/rsrc.php/v3/yY/r/ Frame 6AB4 888 B
437 B 22ms
21ms Script
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

aeb79106b2e11ba22cb8bc42024ee8ac2c2aebc710070990eecb2dbf03602a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: W0GjseafI92ObXQDDMiLwQ==
cross-origin-resource-policy: cross-origin
content-length: 379
x-fb-rlafr: 0
x-fb-debug: Xxt4nVPmsdGhIEpsYdaY++d2f5+pPCrmfM12QlFprvjluOS1A/CYSeEZvrSjfCgVOHYqFYkjaoFqRg6775gdYQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Sep 2022 15:22:26 GMT

GET
H3 200 DLPyftFJBJE.css
www.facebook.com/rsrc.php/v3/yL/l/0,cross/ Frame 6AB4 396 KB
108 KB 24ms
22ms Stylesheet
text/css 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yL/l/0,cross/DLPyftFJBJE.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

de3a3becfa282f9bad5babe2bff14510357db56f975955c28744a84689bd4450

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pzViZ+W77jRSaETWWt78Dg==
cross-origin-resource-policy: cross-origin
content-length: 110757
x-fb-rlafr: 0
x-fb-debug: i+jMsTgHln+/Ln97GRcLTJN8QcasguhyKx9f35KdZYLz3yI94c3OG+RMPSfP/+mNnnj9yvEni91cXw6sAUi+Cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 14:01:25 GMT

GET
H3 200 ZOzCjVS449f.css
www.facebook.com/rsrc.php/v3/yD/l/0,cross/ Frame 6AB4 11 KB
2 KB 23ms
21ms Stylesheet
text/css 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yD/l/0,cross/ZOzCjVS449f.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

60f83bbbdb3f285146464549e606ab79866a530408801d1262997e9a53d9bb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9SmjgCBvm/Y3J+73ezr4aQ==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 2498
x-fb-rlafr: 0
x-fb-debug: z9V8mJDDjokXZOz2fRkQeu+GjMm/zUdDlZaAudRRFtsT4m/Bwe48Dg86dlHxYYANpjXOuzUQ6KiJ14pnwqf4IQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 14:00:21 GMT

GET
H3 200 UJMcCTNEqM7.css
www.facebook.com/rsrc.php/v3/yG/l/0,cross/ Frame 6AB4 33 KB
6 KB 24ms
23ms Stylesheet
text/css 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yG/l/0,cross/UJMcCTNEqM7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yy/r/-Uwpe017HDy.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

6fe258975122a4a66c8c0be05b6f9063803dbdfa17643a34e65078f950510664

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v10.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df813eb2ae70e1c%26domain%3Dwww.gregweeks.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gregweeks.com%252Ff28c8e3a66a6048%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fwww.gregweeks.com%2F&locale=en_US&page_id=105871152774563&request_time=1632330077676&sdk=joey
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: j+BexzRfWtntx2ryhJFGgQ==
cross-origin-resource-policy: cross-origin
content-length: 6233
x-fb-rlafr: 0
x-fb-debug: zMJKKvpocCUNEmPl3U8k5EB0VXay+x/xY3EPX9qRfEnt0GSQfeUXV8gqI2zS1quBsFzYdfyO08xKnbPjYZxqUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 15:15:49 GMT

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 232ms
49ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: securitytoken
Origin: https://www.gregweeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: securitytoken
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 22 Sep 2021 17:01:18 GMT
content-length: 0

GET
H2 200 198148_205157156179295_7122576_n.jpg
scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c0.0.80.80a/p80x80/ Frame 6AB4 2 KB
2 KB 116ms
115ms Image
image/jpeg 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c0.0.80.80a/p80x80/198148_205157156179295_7122576_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=YlhXmY54qQMAX-lXu-P&_nc_ht=scontent.xx&oh=1f6289b58cdbbebf9d5146f7270c4520&oe=616FBAC4
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-frt3.fbcdn.net
Software: /
Resource Hash: ba93fa54ea1644681406d6c22e42252487b71ed78896c549948e2e23e1c8b6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 457101399
date: Wed, 22 Sep 2021 17:01:18 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: reg0wFY-6yI3OG40tRag82vgXwISIQu0kH2Sy47I50gjaGNa95F16W0c6t-_sdTTHjrJxW1OHBZWzOiSdnwWzA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 163417388
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1982

GET
H3 200 bubble Show response
www.facebook.com/v10.0/plugins/customer_chat/ Frame A2CE 22 KB
9 KB 136ms
136ms Document
text/html 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

c7c86cab7f83f6aaaf68161c3b974957b44555d105e8ccbda0d779a62ae97888

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v10.0/plugins/customer_chat/bubble
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: q/pWxOWHGRtZ6ijznsHq3lsIDUNErziCZJkvqqJSGWoBK+7HWs2LVCJhzwSR9OUg1sWc695Ct4Tr+1ZOBbJcYg==
date: Wed, 22 Sep 2021 17:01:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET bubble
www.facebook.com/v10.0/plugins/customer_chat/ Frame 1006 0
0

GET
H3 200 bubble Show response
www.facebook.com/v10.0/plugins/customer_chat/ Frame 4BB1 22 KB
9 KB 138ms
138ms Document
text/html 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v10.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

75f0068daa3f943df21545a3e76f795288cf99c658dcaa14af785ed586838fac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v10.0/plugins/customer_chat/bubble
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v10.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: X2ioil0v8YofMzKXwgZaoXHcTRNebI0uf5h4ulMuI+OL0WBui4xS5DOqsKQQgBhFowk8aiVPT66Zx+uCe1Er4g==
date: Wed, 22 Sep 2021 17:01:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 IpEngine_v78.0.js Show response
universal.iperceptions.com/core/ 11 KB
4 KB 10ms
9ms Script
application/javascript 99.86.4.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-11.fra6.r.cloudfront.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Sep 2021 16:56:36 GMT
content-encoding: gzip
content-md5: ofN/a2/Vf6dAsat1lPzqnA==
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 17:01:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-ms-request-id: 9ed3e7f7-d01e-00ad-0796-aed0f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: r3CwjfUnSEg4OUc66QofIWbnlvcPtbS8hma1s0N-TQUet3S1kNOR7A==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CD10 0
23 B 14ms
13ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 31312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gregweeks.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.gregweeks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 22 Sep 2021 17:01:18 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame BC28 70 B
260 B 32ms
31ms Image
image/gif 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1kmflhb&ct=0:cvdmkpp&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/cvdmkpp/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame AA96 70 B
260 B 33ms
32ms Image
image/gif 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=1kmflhb&ct=0:kvgt7ru&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/1kmflhb/kvgt7ru/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 35282_637678492826084994 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 382 KB
45 KB 73ms
12ms Script
application/javascript 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/35282_637678492826084994
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 75e6127c0be6c9226d146a8196ad36642a53e482499def878d6badfe8e74e0a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Sep 2021 16:57:43 GMT
content-encoding: gzip
content-md5: D5/LXEUIkgixgyzPTqykHQ==
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 45422
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 19:28:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97D35EDDDB943
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-ms-request-id: 59ac1d3d-101e-0089-451f-af7cab000000
cache-control: x-ms-blob-cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: nTfzyTkVoNmCOKSiJigm_slyRi2tkf8ojO9_7I1ujSOmY6Em2WOCnA==

GET
H2 200 dt.js Show response
dt.cobaltgroup.com/ 23 KB
8 KB 184ms
183ms Script
text/javascript 54.176.104.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=2A3038A569889B4B828552752126EDD8&webid=gmps-weeks&sitetype=dealer&eventId=8d0140e0281d10068b5b080020f0176c&cs:ssi=2A3038A569889B4B828552752126EDD8&_=1632330075343
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-7746/iek/1p-gu2wri793uk2oczq==/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.104.101 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-104-101.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: a905a3d77920633e2e3c46a0a7bf07015922a4ccadaae230b55e2376255a8e83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
last-modified: Wed, 22 Sep 2021 17:01:19 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: text/javascript
content-length: 7373
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 hTUwNmNSUJu.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/ Frame A2CE 513 KB
134 KB 35ms
15ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/hTUwNmNSUJu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/customer_chat/bubble

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

fcfb0f591afdff0c9967b93aa0684609689f2b5123e8dbee646aca11a625d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oUE6Nffr564I1pYuuaCVEw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 137467
x-fb-rlafr: 0
x-fb-debug: wmPIX5g8V+rqEB4CwSZyAk7irvd9D4YeHMxS5ipUmtVyeVbjd+6uQYsOjdi6Nan8pHYth4h/qaD/xAInMh6W8A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 22 Sep 2022 01:29:00 GMT

GET
H2 200 hTUwNmNSUJu.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/ Frame 4BB1 513 KB
135 KB 20ms
14ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/hTUwNmNSUJu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/customer_chat/bubble

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

fcfb0f591afdff0c9967b93aa0684609689f2b5123e8dbee646aca11a625d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oUE6Nffr564I1pYuuaCVEw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 137467
x-fb-rlafr: 0
x-fb-debug: wmPIX5g8V+rqEB4CwSZyAk7irvd9D4YeHMxS5ipUmtVyeVbjd+6uQYsOjdi6Nan8pHYth4h/qaD/xAInMh6W8A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 22 Sep 2022 01:29:00 GMT

GET
H2 404 www.gregweeks.com
pageview.activengage.com/config/ 0
0 142ms
139ms Script
text/plain 104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pageview.activengage.com/config/www.gregweeks.com?callback=__aecb_www_gregweeks_com
Requested by: Host: go.activengage.com
URL: https://go.activengage.com/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=300
x-envoy-upstream-service-time: 4
cf-ray: 692d18320b5e2bce-FRA
content-length: 0
expires: Wed, 22 Sep 2021 17:06:19 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 4BB1 67 B
103 B 119ms
118ms Image
image/png 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1632330079015&t_start=1632330079015&t_domcontent=1632330079028&t_layout=1632330079098&t_onload=1632330079098&t_paint=1632330079098&t_creport=1632330079099&t_tti=1632330079028&lid=7010804301302254646-0

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v10.0/plugins/customer_chat/bubble
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: uQ/BWY1Sg1O/jyVMy5KHvOYQGyLGRtbbd2R/CbV/cOywG8AFoFrXOOCn/7DUjzDX9omKO3PVKrRvgORb7p2Wpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:19 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A2CE 67 B
103 B 112ms
111ms Image
image/png 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1632330079000&t_start=1632330079000&t_domcontent=1632330079017&t_layout=1632330079126&t_onload=1632330079126&t_paint=1632330079126&t_creport=1632330079126&t_tti=1632330079017&lid=7010804303080655125-0

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v10.0/plugins/customer_chat/bubble
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: hoF/UdjMSGhl5CEXkSlXSBVshOxj/tkdxbiOsxGD8UAjNBQGDAv7HRS7Yz/riV+BjpYb1WqaijKutDq+0wWQtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:19 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/plugins/chat/tab_impression_logging/ Frame 6AB4 138 B
149 B 114ms
114ms XHR
application/x-javascript 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/chat/tab_impression_logging/?page_id=105871152774563&request_id=d38a089b-8824-40a0-8742-3bf0d83f8d85&plugin_interface=desktop&user_is_logged_in=false&tab_name=plugin_icon&loading_time=924&client_loading_time=1454&debug_data=%7B%22fromTime%22%3A1632330078206%2C%22now%22%3A1632330079129.9%2C%22loadingTime%22%3A924%2C%22clientLoadingTime%22%3A1454%2C%22hasStorageAccess%22%3Atrue%7D

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yk/l/en_US/LaSaGFy1cqz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

adac1cd14a5df88bd0e3e39d5a372604fd37fbee529a142329d6659f0d72b3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: mfJff8VfdSmPq6sRn-XNIF
Referer: https://www.facebook.com/welcome
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Q4PWXcduDB54QQSmALQXrzGhnWlMG7lUYSDwqbCLDNrncVRcNYdy/ZSWjbo55D4qWagZlLNbVFyeELIB44r+7w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:19 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
bid.g.doubleclick.net/xbbe/invitepixel/
Redirect Chain

https://segment-pixel.invitemedia.com/pixel?pixelID=67458&partnerID=198&key=segment
https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

43 B
63 B

50ms
26ms

Image
image/gif

108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment

Protocol

Security

QUIC, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0

Redirect headers

date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://bid.g.doubleclick.net/xbbe/invitepixel/pixel?pixelID=67458&partnerID=198&key=segment
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0

GET
H3

200

i.match
a.tribalfusion.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663573&d=30&page=landingPage
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

43 B
710 B

167ms
167ms

Image
image/gif

104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d1833ec894e37-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 37ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=chevyin

Requested by

Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=2A3038A569889B4B828552752126EDD8&webid=gmps-weeks&sitetype=dealer&eventId=8d0140e0281d10068b5b080020f0176c&cs:ssi=2A3038A569889B4B828552752126EDD8&_=1632330075343

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:19 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 20ms
14ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.ChevyInNew

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 21ms
15ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Chevy+In+Q217

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3035%26dtm_cmagic%3D03bfc1%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3035&dtm_cmagic=03bfc1&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=chevy&optin=true&dealer_id=gmps-weeks&cdk_id=16323300774381...
https://login.dotomi.com/pixel.gif

43 B
129 B

25ms
24ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 105ms
103ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T6Z47VBDAXQYKQ0CACQ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-ZXDzrsfZtpwXm.gif
pixel.quantserve.com/pixel/ 35 B
210 B 20ms
13ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-ZXDzrsfZtpwXm.gif?labels=_fp.event.Chevy+In

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663603&d=30&page=landingPage
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

43 B
704 B

166ms
166ms

Image
image/gif

104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d1833ec8e4e37-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 73ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=gmcin

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:19 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 20ms
13ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.GMC+In

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 19ms
12ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.GMC+In+Q217

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3130%26dtm_cmagic%3Dc922de%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3130&dtm_cmagic=c922de&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=gmc&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189...
https://login.dotomi.com/pixel.gif

43 B
129 B

68ms
67ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 109ms
105ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=3p-hbg&ex-src=gmc.com&ex-hargs=v%3D1.0%3Bc%3DGMC%3Bp%3DGMC_H

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ATE6583SFC6C7TS3M9EV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 111ms
111ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FKH7MK9V9TB446S9N9DB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 110ms
108ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 181ETN6MP1BPRS60X9TF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/
Redirect Chain

https://s.tribalfusion.com/i.cid?c=663583&d=30&page=landingPage
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662189053032986
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15

43 B
710 B

166ms
165ms

Image
image/gif

104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692d1833ec8b4e37-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
964 B 62ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10061121&ec=buickin

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:19 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 22 Sep 2021 17:01:19 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 19ms
13ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Buick+In

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-BQgmK_JYr5DWc.gif
pixel.quantserve.com/pixel/ 35 B
210 B 18ms
13ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-BQgmK_JYr5DWc.gif?labels=_fp.event.Buick+In+Q217

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel.gif
login.dotomi.com/
Redirect Chain

https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=1632330077438189061
https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fucm%2FUCMController%3Fgdpr%3D1%26dtm_com%3D28%26dtm_cid%3D3129%26dtm_cmagic%3Dc6a014%26dt...
https://login.dotomi.com/ucm/UCMController?gdpr=1&dtm_com=28&dtm_cid=3129&dtm_cmagic=c6a014&dtm_fid=101&dtm_format=6&cli_promo_id=2&brand=buick&optin=true&dealer_id=gmps-weeks&cdk_id=16323300774381...
https://login.dotomi.com/pixel.gif

43 B
129 B

26ms
26ms

Image
image/gif

89.207.16.201
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-usadmm.dotomi.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://login.dotomi.com/pixel.gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 106ms
105ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=3p-hbg&ex-src=buick.com&ex-hargs=v%3D1.0%3Bc%3DBUICK%3Bp%3DBUICK_H

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CYH0DJCSBRF1MA4M9K22
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 108ms
108ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4R2YC7NPVZ5M0MXH04FP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iui3
s.amazon-adsystem.com/ 43 B
932 B 104ms
104ms Image
image/gif 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A5CR44M6XBCSZZRB1EXW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 DFPAudiencePixel;ord=288066179;dc_seg=543911685
pubads.g.doubleclick.net/activity;dc_iu=/18353239/ 42 B
63 B 38ms
35ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/18353239/DFPAudiencePixel;ord=288066179;dc_seg=543911685?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=288066179
ad.doubleclick.net/ 42 B
63 B 51ms
27ms Image
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=1139716;dcnet=3880;boom=40149;sz=1x1;ord=288066179?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26220;ts=288066179
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330086

631 B
1 KB

100ms
99ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330086
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:25 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b95c4818-1bc6-11ec-a1c4-61a9da7d9f9f
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:26 GMT
via: 1.1 google
server: ee2d5e08078cb640588ad60c1400dd319af22492be28c0a4480b033de6b3114a
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44017&uuid=e0ce7954-5a71-4574-99b1-fcbc62fdcebf&rr=1632330086
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26223;ts=288066179
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330079

631 B
1 KB

222ms
110ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330079
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:18 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b4e6507d-1bc6-11ec-a1ed-31453adc6bb9
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:18 GMT
via: 1.1 google
server: 0d70256af83c819feb335fe456b94728eba51a50d8a21edf619e375d34ff3b9d
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44007&uuid=2622b0d8-2a57-4e58-91b7-02052fcc79d2&rr=1632330079
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 cdkgmc;sect8=innetwork;ord=288066179
pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/ 42 B
63 B 47ms
43ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/cdkgmc;sect8=innetwork;ord=288066179?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-VXAtmdTPRUjUp.gif
pixel.quantserve.com/pixel/ 35 B
210 B 17ms
13ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-VXAtmdTPRUjUp.gif?labels=_fp.event.GMC+IN&r=288066179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

pixel
ad.ipredictive.com/d/rt/
Redirect Chain

https://mpp.vindicosuite.com/conv/v=5;m=1;t=26226;ts=288066179
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330079

631 B
1 KB

112ms
111ms

Image
image/jpeg

52.7.3.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330079
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.3.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-3-164.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:19 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 631
X-CI-RTID: b4d5af12-1bc6-11ec-a55d-97b4b475e8e2
Content-Type: image/jpeg

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 google
server: 7c5e8a410f9751e5f6b0dbb8546eaa6a4daad487dfe1a0d22e3756a55d64160b
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
location: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=44012&uuid=a8da3ce5-3c8e-47a4-a556-1ce107557240&rr=1632330079
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-type: text/html;charset=ISO-8859-1
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 cdkbuick;sect8=innetwork;ord=288066179
pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/ 42 B
63 B 74ms
71ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/75548861/wired.audience.pixel/cdkbuick;sect8=innetwork;ord=288066179?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-gxazwcayu8BeY.gif
pixel.quantserve.com/pixel/ 35 B
210 B 16ms
12ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gxazwcayu8BeY.gif?labels=_fp.event.Buick+IN&r=288066179

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK iu3
s.amazon-adsystem.com/ 0
0 107ms
107ms Image
text/html 52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
BLOB 200
OK 1a7b5162-a8f3-4476-a89d-6ccaaa5cebb4
https://www.gregweeks.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gregweeks.com/1a7b5162-a8f3-4476-a89d-6ccaaa5cebb4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 9141

GET
H/1.1 200
OK open_ff_window_new.js Show response
media.flickfusion.net/videos/global/ 19 KB
5 KB 123ms
123ms Script
application/x-javascript 98.129.164.22
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://media.flickfusion.net/videos/global/open_ff_window_new.js
Requested by: Host: media.flickfusion.net
URL: https://media.flickfusion.net/widget/hp_wid_js.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 98.129.164.22 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 7961ab14b50630ab014fea03c34b929b95f710d50ae64983271ee9a59fd94a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:13 GMT
Content-Encoding: gzip
ETag: "802f85f272bfd61:0"
Last-Modified: Fri, 20 Nov 2020 19:25:47 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 4381

POST
H2 200 lead-form.php Show response
tm.smedia.ca/services/ 17 B
293 B 408ms
408ms XHR
application/json 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/services/lead-form.php
Requested by: Host: tm.smedia.ca
URL: https://tm.smedia.ca/analytics/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: nAL3VNNG0b4MQab0snxqKjFdLKC9l7uoYIOFWl2gKO-P9bp67uvUtA==

GET
H3 200 750655978688266 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 140ms
140ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/750655978688266?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

4443bc9079ef9c4a44a24faf4f45f562e1beca1bf265d2af96179d74b467a528

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TVDzOKrOewtoQ5iXaIG0DWE5yIiKvbS75tNwJuuXCeePANZhxNuV8+470mgjiicA+DdhWp7xtM3bOXjMIyQaYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 tag_state_store.php Show response
tm.smedia.ca/api/ 16 B
291 B 289ms
289ms XHR
application/json 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.smedia.ca/api/tag_state_store.php
Requested by: Host: tm.smedia.ca
URL: https://tm.smedia.ca/analytics/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-C1
x-powered-by: PHP/7.2.34
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: GnSJh8ip-oybWA-xHsJsvy_jIoGNXgsvRc038IdtA480w3CNSAM7NQ==

GET
H2 200 balls.svg
tm.smedia.ca/adwords3/templates/ 2 KB
714 B 100ms
100ms Image
image/svg+xml 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tm.smedia.ca/adwords3/templates/balls.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1f13cd178f506f77e9214f2a424f0a4cf35d4757f167d1b40aaffde37261a555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Fri, 26 Apr 2019 13:13:35 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
content-encoding: gzip
x-amz-cf-id: ie8Ls7Fr69B9EjhpkCGbodwcFwEmniVc7j1WQM-vSDOf_xZDUrJMiA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 21ms
20ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=226948857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gregweeks.com%2F&ul=en-us&de=UTF-8&dt=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=854424981&gjid=1739738478&cid=786439804.1632330078&tid=UA-143782155-18&_gid=1609757215.1632330078&_r=1&_slc=1&z=2010962970

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 50ms
24ms XHR
text/plain 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-143782155-18&cid=786439804.1632330078&jid=854424981&gjid=1739738478&_gid=1609757215.1632330078&_u=aEDAAUABAAAAAC~&z=2013182532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Sep 2021 17:01:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK open_ff_modal.css
media.flickfusion.net/videos/css/ 1 KB
652 B 124ms
123ms Stylesheet
text/css 98.129.164.22
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://media.flickfusion.net/videos/css/open_ff_modal.css
Requested by: Host: media.flickfusion.net
URL: https://media.flickfusion.net/videos/global/open_ff_window_new.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 98.129.164.22 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a2ef9e9b605abee53e649fa0fa7f357794c9fba6bebc542c04cf594866d18a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:13 GMT
Content-Encoding: gzip
ETag: "c0b26be1380d41:0"
Last-Modified: Mon, 19 Nov 2018 14:20:43 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 329

GET
H2 200 Gyro.min.js Show response
storage.googleapis.com/player_h5/ConcatJS/Gyro/2.0.0/ 69 KB
69 KB 164ms
128ms Script
text/javascript 216.58.212.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/player_h5/ConcatJS/Gyro/2.0.0/Gyro.min.js
Requested by: Host: media.flickfusion.net
URL: https://media.flickfusion.net/videos/global/open_ff_window_new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.176 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s01-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 24b625ec2b3132bc7d08230a5f201c2de5cd37081440dceedfecfd89edce5a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
age: 0
x-guploader-uploadid: ADPycdsba5A1iGVIAu9p8MzS0FPRA-lN2SHw7ZtyVkZVIljEWRkm5vGMwJkGb_2hr1K-1WWp_K4qijovX-aM-SzaWck
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70428
x-goog-meta-
last-modified: Wed, 18 Nov 2020 15:11:36 GMT
server: UploadServer
etag: "7467fdc74a19f973c71457df1478f924"
x-goog-hash: crc32c=5FzmiQ==, md5=dGf9x0oZ+XPHFFffFHj5JA==
x-goog-generation: 1605712296628592
access-control-allow-origin: *
cache-control: no-cache
x-goog-stored-content-length: 70428
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 22 Sep 2022 17:01:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 8ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=750655978688266&ev=PageView&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330079667&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:19 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 280ms
280ms XHR
application/json 52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=757A02BE532B22BA0A490D4C%40AdobeOrg&d_nsid=0&ts=1632330080055

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

112617dc5e0e98334317880eaee109314c9adffb6b270e59915915f862914ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v017-0e1d63f91.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: apcQF++gTJU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gregweeks.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1452
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ 36 KB
13 KB 213ms
213ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 22:19:26 GMT
server: AkamaiNetStorage
etag: "279821f231e2e055aa15fd6e6ae29d46:1568067566.281876"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13336
expires: Wed, 22 Sep 2021 18:01:20 GMT

GET
H2 200 RCca63a177a1d64fe0aec3a1388bc3d9f5-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 647 B
692 B 208ms
208ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RCca63a177a1d64fe0aec3a1388bc3d9f5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4415a92e2478a9fa45c84f12d1b7d1c0a011e6f7bc53ca52d5cde89b69ac5d07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 425
expires: Wed, 22 Sep 2021 18:01:20 GMT

GET
H2 200 RC894f28d065874016ba629c2ff3ccfedc-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 1 KB
928 B 209ms
207ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RC894f28d065874016ba629c2ff3ccfedc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c64cafe43d3208b81945ee51b231f94555024d8bedeb47437ec5b7010ff50e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 661
expires: Wed, 22 Sep 2021 18:01:20 GMT

GET
H2 200 popup-bg.png
tm.smedia.ca/adwords3/templates/gregweeks/ 330 KB
331 KB 17ms
17ms Image
image/png 65.9.71.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tm.smedia.ca/adwords3/templates/gregweeks/popup-bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 50e5708e92dc836a6ae8ed4f82b10f5b8dd2f5956d9a4b0373ed300e97a9ad35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 00:01:37 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2019 23:03:28 GMT
server: Apache
age: 406783
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 338218
x-amz-cf-id: Wb_xzQ33RzSoYrroaImKlvvB0aaOO2v9BS9zQVlGAoaTveJ9ToS9hQ==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4CF9 0
22 B 14ms
12ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 31312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gregweeks.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.gregweeks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 22 Sep 2021 17:01:20 GMT

GET
BLOB 200
OK 83004694-f765-4ecf-9fd7-38881ca0e5ad
https://www.gregweeks.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gregweeks.com/83004694-f765-4ecf-9fd7-38881ca0e5ad
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 9141

GET
H2 200 RC623b908d34864ec4afe7852f9906e611-source.min.js Show response
assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/ 647 B
696 B 197ms
197ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea8c57fea068/5ddce4be9ac2/b6ad2a87fd9f/RC623b908d34864ec4afe7852f9906e611-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 161e00efbaad513d5052b7da4da60f2494e2dd85d0a9435153ce3a8e8744a290

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 23:34:56 GMT
server: AkamaiNetStorage
etag: "333980060412e9d4ecc81efeb0f17a4f:1628206496.558315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 429
expires: Wed, 22 Sep 2021 18:01:20 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/ 25 KB
9 KB 210ms
210ms Script
application/x-javascript 104.91.76.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6580734006504e9facd682c439318b88/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.76.237 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8e5a1dc315af48015053b6cc6f372181f8a0d09f6a8b59c00a9c93faf2d36db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 22:19:26 GMT
server: AkamaiNetStorage
etag: "8a76ed94897ca973fc6dce12bc3991d6:1568067566.567347"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.gregweeks.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8771
expires: Wed, 22 Sep 2021 18:01:20 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
61 KB 51ms
51ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

a2cefa8ab63a4009e6a0961c920ec86be7b901341dd8cc9adb6c3f8bf1d99284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61942
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H/1.1 200
OK dest5.html Show response
gm.demdex.net/ Frame 6C58 7 KB
3 KB 144ms
31ms Document
text/html 18.203.33.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENa596b27c3ae9499e9217a9f181c0cb56.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.33.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: gm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gregweeks.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=39913003496188322513202855812034217016
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 22 Sep 2021 17:01:20 GMT
DCS: dcs-prod-irl1-1-v017-0eef18cda.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 22 Sep 2021 15:17:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: WGmeYSbST6M=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YUthYAAAAGilMwO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=39913003496188322513202855812034217016
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUthYAAAAGilMwO1

42 B
945 B

83ms
40ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUthYAAAAGilMwO1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-0b1645713.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IAgG/IpSQpE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUthYAAAAGilMwO1
Date: Wed, 22 Sep 2021 17:01:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F... Show response
9317774.fls.doubleclick.net/ Frame 0A37
Redirect Chain

https://9317774.fls.doubleclick.net/activityi;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%...
https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531...

2 KB
904 B

61ms
61ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

f5b0063c7aacf96b527fc3be1871785772d9e247e9b6c0b5c6e4a1e9e0f78b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9317774.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUngyKyP4C07hNBJ2InBtgftXlTg-X_gH3fzG_lv9ZGGRlV_1sg_Kp0p0W2bA94
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Sep 2021 17:01:20 GMT
expires: Wed, 22 Sep 2021 17:01:20 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Sep 2021 17:01:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.... Show response
9399534.fls.doubleclick.net/ Frame 8661
Redirect Chain

https://9399534.fls.doubleclick.net/activityi;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fww...
https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=Hom...

2 KB
865 B

53ms
51ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

5c9ba3185a16f24993a558496de0d1da3df147a88539c86b516992dc8f0b4a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9399534.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUngyKyP4C07hNBJ2InBtgftXlTg-X_gH3fzG_lv9ZGGRlV_1sg_Kp0p0W2bA94
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Sep 2021 17:01:20 GMT
expires: Wed, 22 Sep 2021 17:01:20 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Sep 2021 17:01:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 204
No Content 116531
api.mrg.agency/api/creativePixel/facebook/ Frame 0
0 753ms
139ms Preflight 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/facebook/116531

Protocol

HTTP/1.1

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.gregweeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35
Strict-Transport-Security: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-api-key
Access-Control-Allow-Methods: GET
X-Powered-By: ASP.NET
Date: Wed, 22 Sep 2021 17:01:20 GMT

OPTIONS
H/1.1 204
No Content 116531
api.mrg.agency/api/creativePixel/google/ Frame 0
0 783ms
155ms Preflight 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/google/116531

Protocol

HTTP/1.1

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.gregweeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35
Strict-Transport-Security: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-api-key
Access-Control-Allow-Methods: GET
X-Powered-By: ASP.NET
Date: Wed, 22 Sep 2021 17:01:20 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 87ms
7ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 02:51:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 50974
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/x-javascript
Via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: kHPf-rHKXPVCWalEhZc2gO3K22v_OTUciWKE0ezUZsAcx50dw5eIVA==

GET
H/1.1 200
OK px Show response
secure.adnxs.com/ 0
987 B 74ms
11ms Script
application/javascript 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1292049&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:20 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e2e5045a-7b33-418c-95e6-0c20d53e9223
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 55ms
55ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-undefined&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-780419323

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

1db10cd8a375547e656d4347eadd2f8f163688c8acc022956f16887499ba0fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39052
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H/1.1 200
OK 116531 Show response
api.mrg.agency/api/creativePixel/facebook/ 525 B
1015 B 150ms
148ms XHR
text/plain 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/facebook/116531

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

35ed04fca86938f0089eab043ab46b38f5b23e41edc3633c8bbea7affc91a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Api-Key: f60e50d512a04e3b93bd7367387b69cd

Response headers

Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Api-Key
Transfer-Encoding: chunked
Date: Wed, 22 Sep 2021 17:01:20 GMT
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35

GET
H/1.1 200
OK 116531 Show response
api.mrg.agency/api/creativePixel/google/ 256 B
953 B 150ms
150ms XHR
text/plain 13.65.210.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mrg.agency/api/creativePixel/google/116531

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.65.210.166 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9108d86345e139eb7e2eef39030ad0279bfe45a35dbc540c3848bf8f94ca21eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Api-Key: f60e50d512a04e3b93bd7367387b69cd

Response headers

Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Api-Key
Date: Wed, 22 Sep 2021 17:01:20 GMT
Content-Length: 259
Request-Context: appId=cid-v1:dc6d1085-8355-4219-9507-f15a28d56a35

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 13ms
9ms Script
application/javascript 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
etag: "dfAcRt65NMPvqdNgsZZi3w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 29 Sep 2021 17:01:20 GMT

GET
H/1.1 200
OK px Show response
secure.adnxs.com/ 0
987 B 76ms
20ms Script
application/javascript 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1291946&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:20 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f04d35cb-ec4b-4aef-bce1-f322e8013922
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 42ms
41ms Image
image/gif 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=xh5jqn1&ct=0:pv6rznw&fmt=3&td1=116531&gtmcb=177697888
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treat...

42 B
107 B

41ms
21ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65317374?gtmcb=1011234004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CL6m7LSHk_MCFcR70wodVZkG8A;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=65317374?gtmcb=1011234004
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 66ms
11ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=22758161&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:20 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9da43c75-631c-43b3-99a6-488e99a342f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10687887;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...
https://ad.doubleclick.net/ddm/activity/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treat...

42 B
515 B

42ms
19ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1047293086?gtmcb=1512523651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10687887;dc_pre=CJup7LSHk_MCFYV70wodx0gEIA;type=lmagm0;cat=rt-al0;u1=Buick,Chevrolet,GMC;u2=116531;u3=Sincro;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1047293086?gtmcb=1512523651
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s13616198990588
generalmotorscorporation.sc.omtrdc.net/b/ss/genmotcorgmust2t3dealersites,gmgeneralmotorsglobal/1/JS-2.17.0-LBSQ/ 43 B
394 B 89ms
17ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://generalmotorscorporation.sc.omtrdc.net/b/ss/genmotcorgmust2t3dealersites,gmgeneralmotorsglobal/1/JS-2.17.0-LBSQ/s13616198990588?AQB=1&ndh=1&pf=1&t=22%2F8%2F2021%2017%3A1%3A20%203%200&mid=39748794305558261413186504720537448606&aamlh=6&ce=UTF-8&pageName=bu%7Cch%7Cgm%3Ana%3Aus%3Aen%3At3%3Ahomepage&g=https%3A%2F%2Fwww.gregweeks.com%2F&cc=USD&ch=homepage&server=www.gregweeks.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=homepage%2Cundefined%2Cundefined%2Cundefined&v4=en&v8=weeks%20chevrolet%20buick%20gmc&v9=1%3A00PM&v10=Wednesday&c11=undefined&v11=Weekday&c12=undefined&v12=New&c13=undefined&c14=homepage&c16=gmna&c17=tier3&v17=tier3&c18=buick%7Cchevrolet%7Cgmc&v18=buick%7Cchevrolet%7Cgmc&c19=116531&c21=bu%7Cch%7Cgm%3Ana%3Aus%3Aen%3At3%3Ahomepage&c22=2.17.0&c23=en&v31=us&v32=gmna&v37=bu%7Cch%7Cgm%3Ana%3Aus%3Aen%3At3%3Ahomepage&c41=bu%7Cch%7Cgm%3Ana%3Aus%3Aen%3At3%3Ahomepage&v55=New&c60=homepage&c61=homepage&c67=https%3A%2F%2Fwww.gregweeks.com%2F&c69=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&c71=large&c74=1600x1200&c75=landscape&v76=homepage&v77=homepage&v83=https%3A%2F%2Fwww.gregweeks.com%2F&v85=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&v96=large&v97=1600x1200&v98=landscape&v109=gmps-weeks&v120=cdk&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=757A02BE532B22BA0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
x-c: main-1528.I023f3a.M0-518
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 23 Sep 2021 17:01:20 GMT
server: jag
xserver: anedge-5b6d64b9f-vw4cq
etag: 3505402156592168960-4619881240766381282
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 21 Sep 2021 17:01:20 GMT

GET
H2 200 rules-p-2XLn5BMqXtxy7.js Show response
rules.quantcount.com/ 741 B
1 KB 30ms
9ms Script
application/javascript 13.32.22.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-2XLn5BMqXtxy7.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 615f8227f700d8ec8b094cfb18dbe36305d69201a1a962fc7cefc8d389ae96ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:43 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
age: 1893
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 741
last-modified: Mon, 20 May 2019 16:34:29 GMT
server: AmazonS3
etag: "2bc98a10b4d1827a0e8c618e5584ceee"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: QcXGkmrFCBdrVKgIL-LYPgFUAA1nS7hMPbgCSamH5IY18zcWbTo_zg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
35 KB 23ms
22ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX9GQ8R

Requested by

Host: www.gregweeks.com
URL: https://www.gregweeks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

60477f5d8dc3cd553c3e7e134e6de3444e11f407a25cca7af5795ab3a68fb4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35493
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 27ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-undefined&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14069
x-xss-protection: 0
server: cafe
etag: 5051469215060845982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H/1.1 200
OK seg Show response
secure.adnxs.com/ 0
1 KB 7ms
7ms Script
application/javascript 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=22757325&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNTMHJ3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:20 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2fe6c7ad-63bd-4a0c-ab5c-6e8bdc5fb02c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 0A37 44 KB
17 KB 48ms
47ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9317774.fls.doubleclick.net
URL: https://9317774.fls.doubleclick.net/activityi;dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=740098797.1632330077;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17375
x-xss-protection: 0
server: cafe
etag: 1406233873247679053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H2 200 dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=*;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u...
adservice.google.com/ddm/fls/z/ Frame 0A37 42 B
107 B 19ms
19ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK7j6bSHk_MCFQV70wod2m0Azw;src=9317774;type=sv;cat=chevy0;ord=2A3038A569889B4B828552752126EDD8;gtm=2wg9k0;auiddc=*;u10=116531;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u1=www.gregweeks.com;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;~oref=https%3A%2F%2Fwww.gregweeks.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=2a89614b-6160-4d00-920b-5f800d5c1665&ddsuuid=39913003496188322513202855812034217016
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=39913003496188322513202855812034217016&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d39913003496188...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=2a89614b-6160-4d00-920b-5f800d5c1665&ddsuuid=39913003496188322513202855812034217016

42 B
945 B

37ms
35ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=2a89614b-6160-4d00-920b-5f800d5c1665&ddsuuid=39913003496188322513202855812034217016

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-0b1645713.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: LJLSZQqsToY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 22 Sep 2021 17:01:20 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=2a89614b-6160-4d00-920b-5f800d5c1665&ddsuuid=39913003496188322513202855812034217016
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 22 Sep 2021 17:01:19 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame FD30
Redirect Chain

https://insight.adsrvr.org/track/up?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
https://match.adsrvr.org/track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com

0
182 B

134ms
32ms

Document
text/html

76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
cookie: TDID=92d42020-9fa8-4a5d-84ed-d81fb09e8b0a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=pmijyo9&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=evpjlkj&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=92d42020-9fa8-4a5d-84ed-d81fb09e8b0a; domain=.adsrvr.org; expires=Thu, 22-Sep-2022 17:01:20 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 501B 0
181 B 31ms
31ms Document
text/html 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=wqk15ah&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=ebpumhx&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=wqk15ah&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9AA9 0
181 B 32ms
32ms Document
text/html 54.246.44.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3j9g7a6&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=2au1d93&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.44.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-44-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=3j9g7a6&ref=https%3A%2F%2Fwww.gregweeks.com%2F&upid=2au1d93&upv=1.1.0&td1=116531&td2=https://www.gregweeks.com/&td3=www.gregweeks.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel;r=263919737;labels=_fp.event.Homepage;rf=0;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.gregweeks.com%2F;uht=2;fpan=1;fpa=P0-967004482-1632330080745;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-2021092...
pixel.quantserve.com/ 35 B
210 B 27ms
12ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=263919737;labels=_fp.event.Homepage;rf=0;a=p-2XLn5BMqXtxy7;url=https%3A%2F%2Fwww.gregweeks.com%2F;uht=2;fpan=1;fpa=P0-967004482-1632330080745;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=gregweeks.com;je=0;sr=1600x1200x24;dst=0;et=1632330080745;tzo=0;ogl=title.New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfor%2Ctype.Website%2Cdescription.Visit%20Weeks%20Chevrolet%20Buick%20GMC%20for%20a%20fantastic%20selection%20of%20new%20and%20used%20cars%20f%2Curl.https%3A%2F%2Fwww%252Egregweeks%252Ecom%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 8661 44 KB
17 KB 20ms
19ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9399534.fls.doubleclick.net
URL: https://9399534.fls.doubleclick.net/activityi;dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=740098797.1632330077;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17375
x-xss-protection: 0
server: cafe
etag: 1406233873247679053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H3 200 dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=*;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;...
adservice.google.com/ddm/fls/z/ Frame 8661 42 B
63 B 80ms
29ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIux77SHk_MCFYts0wodoG8Jlg;src=9399534;type=t3sv;cat=t3sit0;ord=6751174135263;gtm=2wg9k0;auiddc=*;u1=www.gregweeks.com;u2=HomePage;u3=en-US;u4=https%3A%2F%2Fwww.gregweeks.com%2F;u5=;u6=1600;u7=2A3038A569889B4B828552752126EDD8;u8=2A3038A569889B4B828552752126EDD8;u9=Weeks%20Chevrolet%20Buick%20GMC;u10=116531;u11=WEST%20FRANKFORT;u12=IL;u13=null;u14=null;u15=null;u16=null;u17=null;u18=null;u19=undefined;u20=undefined;u21=CDK;~oref=https%3A%2F%2Fwww.gregweeks.com%2F

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/ 2 KB
1 KB 48ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1632330080764&cv=9&fst=1632330080764&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5b40d40ed610d38d88e055797a37ce09362a77c7c84594a2fd7673d8b1908f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/609383104/ Frame 0A37 2 KB
1 KB 24ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/609383104/?random=1632330080782&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

aae4064a01e8d7166011a9f27afda4d3f6b3803b8e76570b7fe2fe5d09716618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1399
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 0A37 44 KB
17 KB 22ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17375
x-xss-protection: 0
server: cafe
etag: 1406233873247679053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/455407040/ Frame 8661 2 KB
1 KB 20ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/455407040/?random=1632330080828&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bc646126cf8011266fadda9b4a77dd050e0733cda1604cc8c55ce11dca39f4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 8661 44 KB
17 KB 36ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17375
x-xss-protection: 0
server: cafe
etag: 1406233873247679053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 17:01:20 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=11eb67d94b8523ca6c793125b501c188a73f1115c2a11c9428c8aa7e1afcd784b0da87c991749652
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=39913003496188322513202855812034217016
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzk5MTMwMDM0OTYxODgzMjI1MTMyMDI4NTU4MTIwMzQyMTcwMTYQABoNCODCrYoGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=11eb67d94b8523ca6c793125b501c188a73f1115c2a11c9428c8aa7e1afcd784b0da87c991749652

42 B
945 B

42ms
41ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=11eb67d94b8523ca6c793125b501c188a73f1115c2a11c9428c8aa7e1afcd784b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-0388f1e92.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RP9ZSeGVR/c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 22 Sep 2021 17:01:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=11eb67d94b8523ca6c793125b501c188a73f1115c2a11c9428c8aa7e1afcd784b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/459928202/ Frame 0A37 2 KB
1 KB 22ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/459928202/?random=1632330080839&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5fc274452826d60cbae82cff64e3c58256740b4168109d434d8b11a39d9a575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/609383104/ Frame 0A37
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260...
https://www.google.com/pagead/1p-conversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
64 B

45ms
44ms

Image
image/gif

142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYfzYMIXpgQfRyYzgAw&cid=CAQSKQCNIrLM6O0eCx_yvRtU6HqZ27QAkFHQ5wS118tZLqX-SnJM8iZ87j59&random=2119663401&resp=GooglemKTybQhCsO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/609383104/?random=43438502&cv=9&fst=1632330080782&num=1&npa=1&label=ws9qCPn7_9gBEMDlyaIC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYfzYMIXpgQfRyYzgAw&cid=CAQSKQCNIrLM6O0eCx_yvRtU6HqZ27QAkFHQ5wS118tZLqX-SnJM8iZ87j59&random=2119663401&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/undefined/ 42 B
64 B 41ms
21ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/undefined/?random=1632330080764&cv=9&fst=1632330000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gregweeks.com%2F&tiba=New%20%26%20Used%20Cars%20for%20Sale%20-%20Weeks%20Is%20Your%20Chevy%20Buick%20GMC%20Dealer%20In%20West%20Frankfort%2C%20Illinois.%20Right%20on%20the%20Price%2C%20Right%20Off%20I-57&async=1&fmt=3&is_vtc=1&random=2881945494&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/455407040/ Frame 8661
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...

42 B
64 B

25ms
24ms

Image
image/gif

142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYYy2M8jngQffl5vgCw&cid=CAQSKQCNIrLMLgru2b2cxG-k8uL0qO2aj-gAfpBd68aF25jS3HyVwV_zPnfi&random=3562009157&resp=GooglemKTybQhCsO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/455407040/?random=428901406&cv=9&fst=1632330080828&num=1&npa=1&label=5Sa7CJPBwe4BEMDrk9kB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYYy2M8jngQffl5vgCw&cid=CAQSKQCNIrLMLgru2b2cxG-k8uL0qO2aj-gAfpBd68aF25jS3HyVwV_zPnfi&random=3562009157&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/459928202/ Frame 0A37
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...

42 B
64 B

23ms
23ms

Image
image/gif

142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZjnM5XpgQeJxLH4CQ&cid=CAQSKQCNIrLMw9u3fwsKdT4F5YMEPfOMhjUCParPGj2ek-yC6JEmHBrFbb6S&random=977225997&resp=GooglemKTybQhCsO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9317774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/459928202/?random=1479229731&cv=9&fst=1632330080782&num=2&npa=1&label=GZcgCIaY8u0BEIrlp9sB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9317774.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK7j6bSHk_MCFQV70wod2m0Azw%3Bsrc%3D9317774%3Btype%3Dsv%3Bcat%3Dchevy0%3Bord%3D2A3038A569889B4B828552752126EDD8%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu10%3D116531%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu1%3Dwww.gregweeks.com%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3B~oref&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZjnM5XpgQeJxLH4CQ&cid=CAQSKQCNIrLMw9u3fwsKdT4F5YMEPfOMhjUCParPGj2ek-yC6JEmHBrFbb6S&random=977225997&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/589079120/ Frame 8661 2 KB
1 KB 18ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/589079120/?random=1632330080878&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

05f2cc27e223af2d042eb94d5d353a3edf1b7e2f9de1c296ffad19c4334c535e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/589079120/ Frame 8661
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&...

42 B
64 B

23ms
22ms

Image
image/gif

142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZu0NqOpx_AP3c6ruA8&cid=CAQSKQCNIrLMgwac92l6UHR3tNAF2vH1IAb-YT5NP9uoCQxJFVlvCqueNeSv&random=1813527408&resp=GooglemKTybQhCsO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9399534.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/589079120/?random=1554203882&cv=9&fst=1632330080828&num=2&npa=1&label=f5kYCLjxhd8BENDE8pgC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9399534.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIux77SHk_MCFYts0wodoG8Jlg%3Bsrc%3D9399534%3Btype%3Dt3sv%3Bcat%3Dt3sit0%3Bord%3D6751174135263%3Bgtm%3D2wg9k0%3Bauiddc%3D740098797.1632330077%3Bu1%3Dwww.gregweeks.com%3Bu2%3DHomePage%3Bu3%3Den-US%3Bu4%3Dhttps%253A%252F%252Fwww.gregweeks.com%252F%3Bu5%3D%3Bu6%3D1600%3Bu7%3D2A3038A569889B4B828552752126EDD8%3Bu8%3D2A3038A569889B4B828552752126EDD8%3Bu9%3DWeeks%2520Chevrolet%2520Buick%2520GMC%3Bu10%3D116531%3Bu11%3DWEST%2520FRANKFORT%3Bu12%3DIL%3Bu13%3Dnull%3Bu14%3Dnull%3Bu15%3Dnull%3Bu16%3Dnull%3Bu17%3Dnull%3Bu18%3Dnull%3Bu19%3Dundefined%3Bu20%3Dundefined%3Bu21%3DCDK%3B~oref%3Dhttps%253A&ref=https%3A%2F%2Fwww.gregweeks.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=YGFLYZu0NqOpx_AP3c6ruA8&cid=CAQSKQCNIrLMgwac92l6UHR3tNAF2vH1IAb-YT5NP9uoCQxJFVlvCqueNeSv&random=1813527408&resp=GooglemKTybQhCsO
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=&google_error=15
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mzk5MTMwMDM0OTYxODgzMjI1MTMyMDI4NTU4MTIwMzQyMTcwMTY=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=15?gdpr=0&gdpr_consent=

42 B
959 B

35ms
35ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=15?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v017-0dec6a1b7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: YaOJcoGgTMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=15?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

req
cdn.navdmp.com/ Frame 6C58
Redirect Chain

https://navdmp.com/req?adID=39913003496188322513202855812034217016
https://cdn.navdmp.com/req?adID=39913003496188322513202855812034217016

6 B
78 B

157ms
141ms

Image
application/x-javascript

104.16.11.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/req?adID=39913003496188322513202855812034217016
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.11.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 692d183fdfd06909-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

Redirect headers

location: https://cdn.navdmp.com/req?adID=39913003496188322513202855812034217016
date: Wed, 22 Sep 2021 17:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 692d183edd726909-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6C58 43 B
582 B 196ms
179ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=39913003496188322513202855812034217016&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 22 Sep 2021 17:01:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fb614887c4b14564af2e0b22039f558f7649afd5e3e293aac506845ee7b36d0a
x-transaction: 1f07e3f79dcf23c2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-fc5fe10f437cb5121fcb184690c56b0f
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=39913003496188322513202855812034217016&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fc5fe10f437cb5121fcb184690c56b0f

42 B
945 B

36ms
35ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fc5fe10f437cb5121fcb184690c56b0f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-090866507.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sGtFN1bYRF8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-fc5fe10f437cb5121fcb184690c56b0f
Date: Wed, 22 Sep 2021 17:01:21 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 7
jadserve.postrelease.com/dmp/ Frame 6C58 43 B
427 B 352ms
95ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/7?vk=39913003496188322513202855812034217016&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 963979643937004 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 142ms
141ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/963979643937004?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

c71ccbfce9d7dbde2afb015756e5a374a758cd66fc775613392c8ea6ce1309a2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7EPdxbVJ4s90hEWeKyM2omd+23tO3+eBCEq/gVuZKyIZtjHVK8YyTz1mb31JdnMrhmQs0Zv3YAXBXkhDFB5MOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 15 B
243 B 412ms
97ms XHR
text/plain 50.19.227.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.227.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-227-64.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f13b30362fe8ce10cd058b23c392326451ef91bafb134b5b6c4ed80c56a2474b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:21 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.gregweeks.com
Connection: keep-alive
Content-Length: 15

GET
H3

200

;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283
adservice.google.com/ddm/fls/z/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10434923;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat...
https://ad.doubleclick.net/ddm/activity/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=H...
https://adservice.google.com/ddm/fls/z/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=Ho...

42 B
63 B

30ms
29ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10434923;dc_pre=CIubpbWHk_MCFUkZ0wodI3oGCQ;type=s_visits;cat=svisit;u1=CDK;u2=116531;u3=undefined;u4=www.gregweeks.com;u5=https://www.gregweeks.com/;u6=HomePage;u7=;u8=1600;u9=null;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1420650283
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=2340&dpuuid=b489634d-1bc6-11ec-9980-b12fefe76091
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID}
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=b489634d-1bc6-11ec-9980-b12fefe76091

42 B
945 B

36ms
35ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=2340&dpuuid=b489634d-1bc6-11ec-9980-b12fefe76091

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-06fa7f113.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FCDn7dFTQmY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=2340&dpuuid=b489634d-1bc6-11ec-9980-b12fefe76091
Date: Wed, 22 Sep 2021 17:01:21 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: b654389e-1bc6-11ec-a6f0-fd58ff162b9b

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=4a192dd73d3af78c785a0037a2399737
dpm.demdex.net/ Frame 6C58
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39913003496188322513202855812034217016?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=39913003496188322513202855812034217016?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4a192dd73d3af78c785a0037a2399737

42 B
945 B

37ms
36ms

Image
image/gif

52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4a192dd73d3af78c785a0037a2399737

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v017-054a1a8cc.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QI0JypwfQuE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4a192dd73d3af78c785a0037a2399737
cache-control: no-cache
x-server: 10.45.15.200
content-length: 0
expires: 0

GET
H3 200 441279903456063 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 149ms
144ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441279903456063?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

c69e8ed9007803f3fdfef2f6bee81f0b71b56bdca297254fecfcca79541ae9fa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: rCyt+M17mGTXk5mjvV4Lkmme5J4XRL/FDAoZVQipMIyqCSvbyz9O/0V0praPqgJmW1kWQUEGeyNHsf4Eyxu6tA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Sep 2021 17:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 12ms
8ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281451819025246&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081650&sw=1600&sh=1200&v=2.9.46&r=stable&ec=2&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 14ms
10ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=644621039655564&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081652&sw=1600&sh=1200&v=2.9.46&r=stable&ec=2&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 14ms
11ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=750655978688266&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081653&sw=1600&sh=1200&v=2.9.46&r=stable&ec=2&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 15ms
11ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=963979643937004&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081655&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVV0aFlBQUFBR2lsTXdPMQ==

170 B
188 B

18ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVV0aFlBQUFBR2lsTXdPMQ==

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.720217,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVV0aFlBQUFBR2lsTXdPMQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUthYAAAAGilMwO1&expires=90

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUthYAAAAGilMwO1&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.771227,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YUthYAAAAGilMwO1&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 10ms
8ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281451819025246&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081834&sw=1600&sh=1200&v=2.9.46&r=stable&ec=3&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 10ms
9ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=644621039655564&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081835&sw=1600&sh=1200&v=2.9.46&r=stable&ec=3&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 10ms
9ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=750655978688266&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081836&sw=1600&sh=1200&v=2.9.46&r=stable&ec=3&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 10ms
9ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=963979643937004&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081838&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
94 B 10ms
9ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441279903456063&ev=CustomizeProduct&dl=https%3A%2F%2Fwww.gregweeks.com%2F&rl=&if=false&ts=1632330081839&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632330077746.726864890&it=1632330077376&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=2104179589&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 22 Sep 2021 17:01:21 GMT

OPTIONS
H/1.1 200
OK conversionapi
mrg-fb.azurewebsites.net/api/ Frame 0
0 686ms
140ms Preflight 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:963979643937004,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:2104179589,%22IP%22:%22216.131.114.115%22,%22_fbp%22:%22fb.1.1632330077746.726864890%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.gregweeks.com%2F\%22%22}
Protocol: HTTP/1.1
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-functions-key
Origin: https://www.gregweeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Kestrel
Access-Control-Allow-Headers: x-functions-key
Access-Control-Allow-Origin: *
Date: Wed, 22 Sep 2021 17:01:21 GMT
Content-Length: 0

OPTIONS
H/1.1 200
OK conversionapi
mrg-fb.azurewebsites.net/api/ Frame 0
0 701ms
144ms Preflight 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:441279903456063,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:2104179589,%22IP%22:%22216.131.114.115%22,%22_fbp%22:%22fb.1.1632330077746.726864890%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.gregweeks.com%2F\%22%22}
Protocol: HTTP/1.1
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-functions-key
Origin: https://www.gregweeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Kestrel
Access-Control-Allow-Headers: x-functions-key
Access-Control-Allow-Origin: *
Date: Wed, 22 Sep 2021 17:01:22 GMT
Content-Length: 0

POST
H/1.1 200
OK conversionapi Show response
mrg-fb.azurewebsites.net/api/ 0
233 B 299ms
299ms XHR
text/plain 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:963979643937004,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:2104179589,%22IP%22:%22216.131.114.115%22,%22_fbp%22:%22fb.1.1632330077746.726864890%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.gregweeks.com%2F\%22%22}
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-functions-key: Ekzu7TO38Y8UmsKu3PDoDciTrJvZa2Mll3mKQp308StZxobqD8FFpg==
Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: Kestrel
Request-Context: appId=cid-v1:4ac10ea0-1893-446d-9341-a0e9715d2259
Content-Length: 0
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK conversionapi Show response
mrg-fb.azurewebsites.net/api/ 0
233 B 333ms
333ms XHR
text/plain 168.61.217.214
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrg-fb.azurewebsites.net/api/conversionapi?events={%22pixelId%22:441279903456063,%22eventName%22:%22CustomizeProduct%22,%22eventId%22:2104179589,%22IP%22:%22216.131.114.115%22,%22_fbp%22:%22fb.1.1632330077746.726864890%22,%22_fbc%22:%22%22,%22allEventId%22:%22%22,%22searchEventId%22:%22%22,%22prettyName%22:%22%22,%22url%22:%22\%22https%3A%2F%2Fwww.gregweeks.com%2F\%22%22}
Requested by: Host: www.gregweeks.com
URL: https://www.gregweeks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.61.217.214 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-functions-key: Ekzu7TO38Y8UmsKu3PDoDciTrJvZa2Mll3mKQp308StZxobqD8FFpg==
Referer: https://www.gregweeks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: Kestrel
Request-Context: appId=cid-v1:4ac10ea0-1893-446d-9341-a0e9715d2259
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1&C=1

43 B
1003 B

912ms
912ms

Image
image/gif

104.91.76.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.91.76.247 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Sep 2021 17:01:24 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YUthYAAAAGilMwO1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 22 Sep 2021 17:01:23 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YUthYAAAAGilMwO1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YUthYAAAAGilMwO1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 17:01:21 GMT
X-Proxy-Origin: 216.131.114.115; 216.131.114.115; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a6a2e1ac-3a60-40c8-a90d-575d02a20f1d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.978327,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YUthYAAAAGilMwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUthYAAAAGilMwO1

43 B
106 B

18ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUthYAAAAGilMwO1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.079027,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YUthYAAAAGilMwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E893 0
22 B 8ms
7ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 31336
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gregweeks.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.gregweeks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 22 Sep 2021 17:01:22 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUthYAAAAGilMwO1

1 B
543 B

41ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUthYAAAAGilMwO1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:01:21 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:366
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.188743,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUthYAAAAGilMwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1&__user_check__=1&sync_id=b6a628f9-1bc6-11ec-96f3-1b1ae21b0306

43 B
549 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1&__user_check__=1&sync_id=b6a628f9-1bc6-11ec-96f3-1b1ae21b0306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 134
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 22 Sep 2021 17:01:22 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YUthYAAAAGilMwO1&img=1&__user_check__=1&sync_id=b6a628f9-1bc6-11ec-96f3-1b1ae21b0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 67
Connection: keep-alive
Content-Length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4297 0
22 B 8ms
7ms Document
text/plain 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 31336
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gregweeks.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gregweeks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.gregweeks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gregweeks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gregweeks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Wed, 22 Sep 2021 17:01:22 GMT

GET
H3

200

b.php
www.facebook.com/fr/ Frame 6C58
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUthYAAAAGilMwO1&t=2592000&o=0

43 B
73 B

113ms
113ms

Image
image/gif

31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUthYAAAAGilMwO1&t=2592000&o=0

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 10:01:22 PDT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: slUVYSlJ3EFUgABYLdCjMnO7MdqbHcfHmLJFuIfxqVApNbIwSWiTIHEi+YX7EWXcrT7U7XJlok+N+WC9NvDl3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 22 Sep 2021 10:01:22 PDT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:01:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632330082.386683,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YUthYAAAAGilMwO1&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 6C58
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=39913003496188322513202855812034217016&_ct=img
https://mid.rkdms.com/restricted

0
0

106ms
106ms

Image
text/html

3.209.254.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.254.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-254-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Wed, 22 Sep 2021 17:01:22 GMT
server: nginx
content-length: 0

POST events
events.smedia.ca/ 0
0

OPTIONS events
events.smedia.ca/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.ixiaa.com
URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=gmps-weeks

Domain: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/customer_chat/bubble

Domain: events.smedia.ca
URL: https://events.smedia.ca/events

Domain: events.smedia.ca
URL: https://events.smedia.ca/events

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gregweeks.com/route	1970-01-20 14:56:42	Name: visitorId Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/route	1970-01-19 21:25:31	Name: sId Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/	1970-01-20 14:56:42	Name: visitorId Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/	1970-01-19 21:25:31	Name: sId Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/	1969-12-31 23:59:59	Name: x-hydra-version Value: UNSPECIFIED
www.gregweeks.com/	1970-01-19 22:08:42	Name: dtCorrelate Value: 1
.gregweeks.com/	1970-01-19 23:35:06	Name: _gcl_au Value: 1.1.740098797.1632330077
.marchex.io/	1970-01-20 06:11:06	Name: uid Value: 293b5848.5cc987668d387
.cobaltgroup.com/	1970-01-20 06:11:06	Name: dtuid Value: 1632330077438189061
.cobaltgroup.com/	1970-01-20 14:56:42	Name: click_tracker Value: 1632330077438189061
.cobaltgroup.com/	1970-01-19 22:08:42	Name: usrmpr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: neustarmpr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: marchex Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: acxmpr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: eqxmpr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: rubmpr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: opxmpr2 Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: goompr Value: 1
.cobaltgroup.com/	1970-01-19 22:08:42	Name: expmpr Value: 1
.cobaltgroup.com/	1970-01-19 21:26:56	Name: admset Value: 1
.gregweeks.com/	1970-01-20 14:56:42	Name: _ga Value: GA1.2.786439804.1632330078
.gregweeks.com/	1970-01-19 21:26:56	Name: _gid Value: GA1.2.1609757215.1632330078
.gregweeks.com/	1970-01-19 21:25:30	Name: _gat_gtag_UA_171844001_1 Value: 1
.gregweeks.com/	1970-01-19 21:25:30	Name: _gat_gtag_UA_130418598_1 Value: 1
.gregweeks.com/	1970-01-19 21:25:30	Name: _gat_UA-111806281-27 Value: 1
.gregweeks.com/	1970-01-19 21:25:30	Name: _gat_UA-111031593-1 Value: 1
.gregweeks.com/	1970-01-19 23:35:06	Name: _fbp Value: fb.1.1632330077746.726864890
.agkn.com/	1970-01-20 06:11:06	Name: ab Value: 0001%3A%2BXqmGlax18F3e%2BalTkxkV9s0Fm4%2FeAd1
.turn.com/	1970-01-20 01:44:42	Name: uid Value: 4416358496849940514
www.gregweeks.com/	1970-01-20 06:11:06	Name: smedia_uuid Value: a76da682f53bcb18227575f20fb1776b37c0d2b5a58d3182c22c0fc3bbe5dc83
www.gregweeks.com/	1969-12-31 23:59:59	Name: smedia_session_id Value: c5b03b2e130320f4d4da8bad70bd5a902e993fa41b9d7287443a6c80d0bfdfb5
.bing.com/	1970-01-20 06:47:06	Name: MUID Value: 0BB08B42A000674C22D19BF8A142663F
.gregweeks.com/	1970-01-19 21:26:56	Name: _uetsid Value: b42d89501bc611ecbd207b67b728b7bf
.gregweeks.com/	1970-01-20 06:47:06	Name: _uetvid Value: b42dbfc01bc611ecb6ce2f8e413b1942
.yahoo.com/	1970-01-20 06:11:27	Name: A3 Value: d=AQABBF5hS2ECECI8urorKJNItWaCc3jODhAFEgEBAQGyTGFVYQAAAAAA_SMAAA&S=AQAAApFAovlnCGQJWN6XwDySEsU
.quantserve.com/	1970-01-20 06:55:44	Name: mc Value: 614b615e-491de-c91b3-b7e0a
adservices.brandcdn.com/	1970-01-19 21:35:34	Name: AWSALBCORS Value: KPxGz0ikyTQYLujy54FZdw3t0AWKudYJeyituWZiv4io0RIsO3BhPwDRLCUI0iVozO4EbNmhh6JK+PKAgA+Jw8yMgSQJiEMZp6lP16hVQ7GZVq4wQZ9Vgtn4LVPs
.admission.net/	1970-01-20 06:11:06	Name: dtuid Value: 1632330077438189061
.amazon-adsystem.com/	1970-01-20 02:00:32	Name: ad-id Value: A0R3ocHX8kKlvIOOXmg1Z1w
.amazon-adsystem.com/	1970-01-21 17:27:54	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 14:56:42	Name: IDE Value: AHWqTUngyKyP4C07hNBJ2InBtgftXlTg-X_gH3fzG_lv9ZGGRlV_1sg_Kp0p0W2bA94
www.gregweeks.com/	1969-12-31 23:59:59	Name: ipe_s Value: c000cc8f-e089-b3c6-ab77-34b3e091607c
.quantserve.com/	1970-01-19 23:35:06	Name: d Value: EH0BBgGnJAKAAcnv8wP9vvwMXMhSjI38wgdoVe3YiRAgZPoE-r-CB2hV7d25j9UCBk-gS7-KECBk-gQwIGT6BCAgZPoEYCBk-gQ
traffic.prod.cobaltgroup.com/	1970-01-19 21:35:34	Name: AWSALBCORS Value: kUrlgA1QKeQhpOu2ztAOyy1zfEqTW8ZAdJxzS96yZL1hGrbybb3+j9gKlAwLdaYi8Rp0Y6OUgWiKfEOZW+NLMaqwTD2dGgZ4Zp+XoJ3ZYPu+S9xmkRdcRWRdcr0i
.adnxs.com/	1970-01-19 23:35:06	Name: uuid2 Value: 1118434049445511194
.demdex.net/	1970-01-20 01:44:42	Name: demdex Value: 39913003496188322513202855812034217016
.ipredictive.com/	1970-01-20 06:11:06	Name: cu Value: b489634d-1bc6-11ec-9980-b12fefe76091\|1632330078802
.dpm.demdex.net/	1970-01-20 01:44:42	Name: dpm Value: 39913003496188322513202855812034217016
www.gregweeks.com/	1969-12-31 23:59:59	Name: IPE_LandingTime Value: 1632330079045
www.gregweeks.com/	1969-12-31 23:59:59	Name: ipe.35282.pageViewedCount Value: 1
www.gregweeks.com/	1969-12-31 23:59:59	Name: ipe.35282.pageViewedDay Value: 265
www.gregweeks.com/	1970-01-19 22:08:42	Name: ipe_35282_fov Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%22c000cc8f-e089-b3c6-ab77-34b3e091607c%22%2C%22expiry%22%3A%222021-10-22T17%3A01%3A19.056Z%22%2C%22lastVisit%22%3A%222021-09-22T17%3A01%3A19.056Z%22%7D
.cobaltgroup.com/	1970-01-19 21:26:56	Name: nw_tagged Value: 642\|642
app.carnow.com/	1969-12-31 23:59:59	Name: _cn_session Value: aEt4Sm1HRUhJaDJ3OHJoZ2N3YzJjeFZTc3lSWDlmbDVQV0xQR24vUmkrOEZZNWhlNStMTWFPUnkxdFlWdVpTbEpXOEhRY2NPcmVScWliVEQxblpzVCs2RC92MGJ4MzdpWU5BdEJicW93cGpabXFxRDRKUUZhQmwyN1phVEdmUUEvZllQc3dzUk9SRjBmenRoRXQvcHZWZ3d4M0pUZ1BUcHlVb2d3amhwWlE1TzdWN0cwSjIzL21aZm9DWEpHMFZpMTdsSVlQOUtMNWFSd0FvL3EvUFZ0MWlnczc2VFZwUjVjMHA4UTQvSmo1elB0VFU3VUFrd0FJcHRMN05vM3lZSG9VY2ZuWDhYek4wbHo0SFhLU1crd3BJejFBbGM5SlkyVWdLRC9Rdlk3cHBxaTM3cjhDWlJNM0hRZlNiVWtqelhBSjlaWk9Xa2haTkovNWJPNHNia1JOVU1NNDJKMjVjUkJXY2VleXJHK1MrMEQ3S0dXUkZtY0R5K2N1UExXaWdqa0ZiNTZmZURFL3RIbVNIclcvVzJuUT09LS1sdTNHL2ZuR0ViUE5ScVN1UUxoRHZnPT0%3D--4f9edf2523c6f974a6eca4fda251db6afe382077
.openx.net/	1970-01-20 06:11:06	Name: i Value: f99e4c7e-b881-4ffd-aab0-9d7da720374e\|1632330079
.tribalfusion.com/	1970-01-19 23:35:06	Name: ANON_ID Value: aQnuYpo0P88CmTN83NFZdQZbedMa0Koy7x9fqUIUk9gZbbEAKXa73YdAe1wdZcN6Nf7UZbhYaSjXRGFjkcZapxC1spgHUEPE47uFravqR9DvR4
.gregweeks.com/	1970-01-19 21:25:30	Name: _gat_smedia_analytics_tracker Value: 1
.gregweeks.com/	1969-12-31 23:59:59	Name: AMCVS_757A02BE532B22BA0A490D4C%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 06:11:06	Name: everest_g_v2 Value: g_surferid~YUthYAAAAGilMwO1
www.gregweeks.com/	1970-01-19 21:25:31	Name: FBSID Value: 2A3038A569889B4B828552752126EDD8
www.gregweeks.com/	1970-01-19 21:25:31	Name: CMsID Value: 635937560
.gregweeks.com/	1970-01-19 22:51:54	Name: s_nr Value: 1632330080575-New
.gregweeks.com/	1970-01-19 21:25:31	Name: gpv_pn Value: bu%7Cch%7Cgm%3Ana%3Aus%3Aen%3At3%3Ahomepage
.gregweeks.com/	1969-12-31 23:59:59	Name: s_tp Value: 6253
.gregweeks.com/	1969-12-31 23:59:59	Name: s_ppv Value: bu%257Cch%257Cgm%253Ana%253Aus%253Aen%253At3%253Ahomepage%2C19%2C19%2C1200
.gregweeks.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.gregweeks.com/	1970-01-19 21:26:56	Name: _dlt Value: 1
.gregweeks.com/	1970-01-20 14:56:42	Name: AMCV_757A02BE532B22BA0A490D4C%40AdobeOrg Value: 1075005958%7CMCIDTS%7C18893%7CMCMID%7C39748794305558261413186504720537448606%7CMCAAMLH-1632934880%7C6%7CMCAAMB-1632934880%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1632337280s%7CNONE%7CMCSYNCSOP%7C411-18900%7CvVersion%7C4.4.1
.adsrvr.org/	1970-01-20 06:11:06	Name: TDID Value: 92d42020-9fa8-4a5d-84ed-d81fb09e8b0a
.mathtag.com/	1970-01-20 06:51:25	Name: uuid Value: 2a89614b-6160-4d00-920b-5f800d5c1665
.gregweeks.com/	1970-01-20 06:49:58	Name: __qca Value: P0-967004482-1632330080745
.rlcdn.com/	1970-01-20 06:11:06	Name: rlas3 Value: KQoL2c+GNaTD611tAeUfQp7jzZ0rrd2HvbeiTZynUt0=
.rlcdn.com/	1970-01-19 22:51:54	Name: pxrc Value: CODCrYoGEgUI6AcQABIGCPHrARAA
.twitter.com/	1970-01-20 14:56:42	Name: personalization_id Value: "v1_hjfWLn2kY1YzYsC7qyZloA=="
.postrelease.com/	1970-01-20 06:11:06	Name: opt_out Value: 1
.crwdcntrl.net/	1970-01-20 03:54:18	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:54:18	Name: _cc_id Value: 4a192dd73d3af78c785a0037a2399737
.crwdcntrl.net/	1970-01-20 03:54:18	Name: _cc_cc Value: "ACZ4XmNQMEk0tDRKSTE3TjFOTDO3SDa3ME00MDA2TzQytrQ0NzZnAIJE78REEA0FAESyCco%3D"
.crwdcntrl.net/	1970-01-20 03:54:18	Name: _cc_aud Value: "ABR4XmNgYGBI9E5MBFJQAAAR5gFv"
.scanscout.com/	1970-01-20 06:11:06	Name: uid Value: CI-fc5fe10f437cb5121fcb184690c56b0f
.scanscout.com/	1970-01-20 06:11:06	Name: UIAA Value: 39913003496188322513202855812034217016
.scanscout.com/	1970-01-20 06:11:06	Name: UIXX_UPDT Value: "UIAA=1632330081756"
.adnxs.com/	1970-01-19 23:35:06	Name: anj Value: dTM7k!M40<D>6NRF']wIg2GUlu'FDNLM$rn]luU?[e8F.xp<YDZF4]HMiCpE<$GhCyxPhGm19l0C3#6l.K<n#ySy_7aWfSBUY'b/tQn-8nE9'o)4vn11DjF.JpZjXm)zyobcmx5FjEsMy!b3jy1642tv0!5pWxZ$YNv
.pubmatic.com/	1970-01-19 23:35:06	Name: KRTBCOOKIE_218 Value: 22978-YUthYAAAAGilMwO1&KRTB&23194-YUthYAAAAGilMwO1&KRTB&23209-YUthYAAAAGilMwO1&KRTB&23244-YUthYAAAAGilMwO1
.pubmatic.com/	1970-01-19 22:08:42	Name: PugT Value: 1632330081
.pubmatic.com/	1970-01-19 23:35:06	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 06:11:10	Name: audience Value: b6a628c0-1bc6-11ec-96f3-1b1ae21b0306
.demdex.net/	1970-01-20 01:44:42	Name: dextp Value: 269-1-1632330080734\|477-1-1632330080838\|771-1-1632330080940\|822-1-1632330081049\|1123-1-1632330081151\|30432-1-1632330081252\|38117-1-1632330081353\|2340-1-1632330081454\|121998-1-1632330081556\|144230-1-1632330081664\|144231-1-1632330081767\|144232-1-1632330081868\|144233-1-1632330081971\|144234-1-1632330082072\|144235-1-1632330082181\|144236-1-1632330082282\|144237-1-1632330082383\|129099-1-1632330082484
.vindicosuite.com/	1970-01-20 14:56:42	Name: ct Value: 1632330082
.vindicosuite.com/	1970-01-20 14:56:42	Name: cup Value: CAEQvd7YAzJPIgwI%2B9oCEMSF25QMGAEiDAj22gIQxIXblAwYASIMCO%2FaAhDEhduUDBgBMAA4AEAB%0D%0AUhII8swBEMSF25QMGAEgACgAMABY%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAToAUgBYAIgBAZABAA%3D%3D%0D%0A
.vindicosuite.com/	1970-01-20 14:56:42	Name: cug Value: NBQGUOKVQf_qZC
.ipredictive.com/	1970-01-19 22:51:54	Name: ci_rtc Value: "_uts=1632330083"
.casalemedia.com/	1970-01-20 06:11:06	Name: CMID Value: YUthYzRZf9HKCiuZ14lOawAA
.casalemedia.com/	1970-01-19 23:35:06	Name: CMPS Value: 3166
.casalemedia.com/	1970-01-19 23:35:06	Name: CMPRO Value: 1180
.casalemedia.com/	1970-01-20 06:11:06	Name: CMRUM3 Value: 58614b61642760YUthYAAAAGilMwO1
.casalemedia.com/	1970-01-19 21:26:56	Name: CMST Value: YUthZGFLYWQA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.assets.sincrod.com/teams/repository/export/v/37/699/b55a895d010058fed0050568ba825/699b55a895d010058fed0050568ba825.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=gmps-weeks Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
worker	info	URL: blob:https://www.gregweeks.com/49f3fa2a-58c4-4e38-ba05-88a18fd8a808(Line 32) Message: pfs 200
network	error	URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1632330077438189061 Message: Failed to load resource: the server responded with a status of 451 ()
worker	info	URL: blob:https://www.gregweeks.com/56a33ed9-8a0e-47a5-a803-0924f87030a8(Line 32) Message: pfs 200
network	error	URL: https://app.carnow.com/dealers/carnow_plugin.js?key=gmps-weeks Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pageview.activengage.com/config/www.gregweeks.com?callback=__aecb_www_gregweeks_com Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9317774.fls.doubleclick.net
9399534.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
acsbapp.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.com
adservices.brandcdn.com
analytics.twitter.com
api.iperceptions.com
api.ipify.org
api.mrg.agency
app.carnow.com
assets.adobedtm.com
bat.bing.com
bid.g.doubleclick.net
c.betrad.com
c.evidon.com
cdn.acsbapp.com
cdn.navdmp.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
core.conversant.mgr.consensu.org
d.turn.com
d1eoo1tco6rr5e.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.admission.net
dt.cobaltgroup.com
dt.scanscout.com
events.smedia.ca
fo-static.assets-cdk.com
fonts.googleapis.com
generalmotorscorporation.sc.omtrdc.net
gm.demdex.net
go.activengage.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
inv.assets.sincrod.com
jadserve.postrelease.com
js.adsrvr.org
l.betrad.com
login.dotomi.com
match.adsrvr.org
media.assets.sincrod.com
media.flickfusion.net
mid.rkdms.com
mpp.vindicosuite.com
mrg-fb.azurewebsites.net
navdmp.com
pageview.activengage.com
pixel.quantserve.com
pixel.rubiconproject.com
pubads.g.doubleclick.net
px.marchex.io
rules.quantcount.com
s.amazon-adsystem.com
s.ixiaa.com
s.tribalfusion.com
scontent.xx.fbcdn.net
sd.iperceptions.com
secure.adnxs.com
secure.quantserve.com
segment-pixel.invitemedia.com
sp.analytics.yahoo.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
tag.brandcdn.com
tags.tiqcdn.com
tm.smedia.ca
traffic.prod.cobaltgroup.com
universal.iperceptions.com
us-u.openx.net
weekschevybuickgmc.com
wsassets.cobalt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gregweeks.com
events.smedia.ca
s.ixiaa.com
www.facebook.com
104.16.11.243
104.16.18.94
104.18.12.120
104.18.13.5
104.244.42.131
104.91.76.237
104.91.76.247
104.97.20.211
108.177.15.155
13.32.22.64
13.32.22.88
13.65.210.166
142.250.181.226
142.250.184.194
142.250.185.110
142.250.185.132
142.250.185.142
142.250.185.166
142.250.185.66
142.250.185.74
142.250.185.98
143.204.207.117
143.204.209.113
15.188.95.229
151.101.2.49
168.61.217.214
172.217.18.98
18.168.102.56
18.203.33.226
184.168.131.241
185.29.132.245
185.64.189.110
185.94.180.125
199.127.207.191
204.79.197.200
206.189.187.108
208.68.39.149
212.82.100.181
216.58.212.168
216.58.212.176
23.42.166.8
23.50.25.8
3.209.254.227
3.92.250.172
31.13.92.14
31.13.92.36
34.248.191.66
34.98.64.218
35.169.11.179
35.169.206.198
35.186.236.204
35.244.174.68
37.252.173.38
37.252.173.62
46.228.164.13
50.19.227.64
52.138.200.61
52.209.129.133
52.21.104.248
52.210.87.143
52.46.154.242
52.52.232.60
52.7.3.164
54.176.104.101
54.246.44.247
65.9.65.116
65.9.71.105
65.9.71.114
65.9.71.55
65.9.71.74
69.173.144.165
74.125.206.155
75.101.244.20
76.223.111.131
89.207.16.201
91.228.74.189
98.129.164.22
99.86.4.101
99.86.4.11
99.86.4.115
99.86.4.70
01b671523cc1d728535d1cb35dcb41910faab9f51a50a4e6895d7dbf63159e92
0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300
04a693221c65bcda853b4ac1d5c381b2b47914985587560845d2665350fc1de4
05f2cc27e223af2d042eb94d5d353a3edf1b7e2f9de1c296ffad19c4334c535e
0899c22c6b5ecb084f0746f194d82a887c52906770ff9b168eabdc775da7c728
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dde7fcea7d82d932785f39535dabc190085acd44ca2ea54baa8ad9ec7464269
0ddeca77618cdec9e8e48ded07ec9407fe397587eeacfd2326fe69013cd9f06e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112617dc5e0e98334317880eaee109314c9adffb6b270e59915915f862914ea5
13696c6afc15b0e9b5d7a626e55561316cb6dae717346398b0c2df2cc9168c41
161e00efbaad513d5052b7da4da60f2494e2dd85d0a9435153ce3a8e8744a290
1689e8638601adba778799df743611d2e150007f4e86e71ebdf34945e2b2a6e7
180d36d388563c465f2b49e4ceacb50c3d0b67ba183e4593bab838c008d05544
1923805a44d1944281dfbbeb7cb956c1efe2f55f968bb61fd93ae1c9612d721f
1ae36f7023cfe2b1970ab41c8bb6de281358135c72275fff20ea27108d3c2b9f
1db10cd8a375547e656d4347eadd2f8f163688c8acc022956f16887499ba0fd1
1e2c21cd3e33a2279a7afa6a6188ff84f28fe37335f9c1b47ba1abe1b6680a3d
1f13cd178f506f77e9214f2a424f0a4cf35d4757f167d1b40aaffde37261a555
21149c0b8b57df1276cab793e38edc4f306acd380c85cfb2007013fbda9dbc30
2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba
243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c
24b625ec2b3132bc7d08230a5f201c2de5cd37081440dceedfecfd89edce5a5b
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c
28ce99edb4b8fe05944d7d3243ea07635726ba23adfc741d6b75a5fd21d8dab0
2c71745918d46e6af5586966f2f42d86f2941efd67fed12961b5d1cbb331d4bc
2d0dd3009cdf76da2ae68952b266facf5fec3fcac2f7493de2f5f544675c2af4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3aafbdd786760a994964ba1797d11a8d465e0e453881a911a8cd41dde691b4
31ae04e7bd8cd97a625e52e072bdbeac56f95536c58b32124deb08b07b5470a9
349735b8cb9eb961d7008ea2026ca9d8eac90ee373b7001dfdb875627da53fd8
352eeb469764e58c4b87d168bc9c9fe4fd33c3e2ce387e7aacfa4194ce214a95
35ed04fca86938f0089eab043ab46b38f5b23e41edc3633c8bbea7affc91a840
3659bd6ddd5bc0f3e4a325c1eff92779ed31244e3671ef584b35ff1fed7dd4aa
36d8c551ec4abc2c114688355ecea26e5ede190b776b2ba2fa75bd69d2da3dec
374d53f70466dd5b44567e335271c2a00e51dfde7797d70d593748db9cc4e170
37e2f171dfa990138aa13b6f22d3682604ef01254bdebf4324d2d9ce09df9daa
383033356734bad4ec8b876e168c593d91b0d9d05a1d3d6e9dea2879838e3a86
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3bb7cb128f6fcfbe1c87e1db79c872dedf00909deaffe5b0cfa521e447326fb7
3d401301481c1da1ee56b7ca5c57ad969f0a9dd795f265efc7d492248684dd9c
3db11fa01d164ee166042d10fa1bd99f81f9d09f81c7917a5b9f81a4e36166b9
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
42eddbe32d2c51de10d14296e19e6477756db7753d1fbb83fcfbb911fbe8e7f6
4415a92e2478a9fa45c84f12d1b7d1c0a011e6f7bc53ca52d5cde89b69ac5d07
4443bc9079ef9c4a44a24faf4f45f562e1beca1bf265d2af96179d74b467a528
4483a662e464af610124eaa798ecdcfdae015ba669e638c1e4cc7018268cd001
4566f9c0517c0eb1f7e979b11f4c7bb02fa150627ea4d334989a00a59ccf76c4
4654946b667603adc6813827f2d7476f65f6109004f5997ce01a27004e8ab87e
46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b
477548f35111b804dbae065c1cb322199726613f224199b94bf44c31d048dca3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49112c117865ae352bab61ac86026100b33a9b8d8fe83a69e4dc7a75262e664e
49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546
4b091665879c59a7e15c7cf5f007efbbee790c5c5f843d9e4781c54f53d0e766
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e96a42492bf53f25ff9d2558ed3bae209f12d98a854504ca4e8b6b0a27eb292
4ec274161f692fb658c3b607017d4eac73b93646c7a43a12412b28bca0000683
50c479b06b3adac94144f38b75a54db5f5adea5bd5a346490653bafac26fa655
50e5708e92dc836a6ae8ed4f82b10f5b8dd2f5956d9a4b0373ed300e97a9ad35
510f7026d86d77f8ec7f68f8ec4949508d57a9c4f5ef60776ebb3c4349863fcb
5369f37fbe9e4dcc7d43b5a8a857fc6b52f2faf62fe6ec98afcd23848c20347e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56766a5ab3c7c2b1b12ab1cd197ef5a1f430af8138d1ca899e6fbba3d89b8523
56d5a9da863e0d1250c7d244fbf8b0f695c827fbaffabd17222f8aa968ae6f3c
59feb0e09ac127647aa564626b17838582073c84922dbaebe6b4317d09938990
5b40d40ed610d38d88e055797a37ce09362a77c7c84594a2fd7673d8b1908f3f
5c2ad1f081ccf1b46399eb8c4790aea00b1220a48c0797c96785699e5fc149e6
5c9ba3185a16f24993a558496de0d1da3df147a88539c86b516992dc8f0b4a0a
5df07d1f8498706d18b5bb255231aa4600eec5f426aad0931a4c99c8b8b66800
5e21cbac6db33e69b8eb0a41d666b0fb72a3d3e03395f2aa0f96ae7e4636cc4a
5f22c75ea3d26a7ca021bac74aa01a905506f8a9bd98cb3a0ea9b7c713ce4cf9
5fb06ac056f6483e6eee10713ba195fea67601939b100a9743ddde096fa9bd15
5fc274452826d60cbae82cff64e3c58256740b4168109d434d8b11a39d9a575a
602945730c77528e1f91c9d168eb2b680813b6dce0205abb0a77867e0ae7907d
60477f5d8dc3cd553c3e7e134e6de3444e11f407a25cca7af5795ab3a68fb4b8
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60f83bbbdb3f285146464549e606ab79866a530408801d1262997e9a53d9bb65
61065452b9a409f83b95000fd546fd5d7b6b058ffb8113065e2224c755451a81
615f8227f700d8ec8b094cfb18dbe36305d69201a1a962fc7cefc8d389ae96ec
61f348e34c97dba76aa0844a360836d15f218ca4ff87bfddbb9ae2fe82f8bb3a
62c6651e95b797e7856e126c0e3db49e24f50431dc4c4880222b8adc3551b78f
62dc053c78b5830c18a40c039f163f7f9385dbc97a7c5ad675b7fd32c3243bd5
632acf755faa3f748bcfba22204efb2f5ec5bb7c545f899b23585580607f305b
636ab8e6ba87263dafc083512c38026738e2165be977710583afab3f1b12dc0c
6aa40d95ce6aec657a94a1a1cc96404308b573ce189a91f13266f304bdec484b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb4570b28aba015b8a0335c3e163f1c7ded68b3524d18a8f92ab2edc3316e3d
6eba17755675efe597ed1d6b33a2a839fab64f54678d7ea73e747233d8492257
6fe258975122a4a66c8c0be05b6f9063803dbdfa17643a34e65078f950510664
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6
7115070ed28ba69522d2dcdcb3c39fbb06cb8ec5781a1cdfcfe101b677fb4f83
7324f6ac9f2be2b74aa96e9b3a8288b93bd2ea5cbf00cfbf2847a85307701667
755cacbb57bc35fed7f8fbdc0cf01921d566f8883952c7aa49a028186fe97cec
75e6127c0be6c9226d146a8196ad36642a53e482499def878d6badfe8e74e0a0
75f0068daa3f943df21545a3e76f795288cf99c658dcaa14af785ed586838fac
774f9fbe7d97d109d82d48f252370b5646ce108ee730d4cde0eaa7b3596c4ef8
7961ab14b50630ab014fea03c34b929b95f710d50ae64983271ee9a59fd94a97
7a34bf88a27f7a34f40d827af21f0bcbfc3a1246973e3c98cc6d2dee59d551c4
7a6b9a7b00b55af8910a069ec31fb8215c00c0c5a0071374d715cc22530df196
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7ecc9d8e6218a210d45fd400ec5ae0ba8e00bc02449ebb659ec657f54f2116f8
84ca8d2705b50ed46df316ee330f4598dc6c5b01e0b7255abb8b5fac0a2371fb
85f7b2ea166dd4ef02cf786a9bcccba5ba9f057d30e90b56fd6c07eaea580234
8600fb9b8c6b9e71c9ce3781f5ea45bf3847d9e13a0c4b6e2cca6fa79f9a081b
86463fd8092799a570ffb7ae829e01202f78da2fb102154f8ed4c43d5225421b
871bfc99434c2003630853c8ccb6e825aa34629c85181bc8a484ba85d425464b
875fc9e292b1e1b5ea02145900ab2dc3c079e6612f72e9c4d3d9d32d10af731b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed811c9190d82a788240c166046d1457fc0ec7a2525461b80a8a2d20058d0bf
9108d86345e139eb7e2eef39030ad0279bfe45a35dbc540c3848bf8f94ca21eb
9253a69aeeb9c415d101c27669f1d1daf6be673d54aa3318c1dba05623bb4e54
9280b7cce969aca0ef1cb83103763716bfe080c80317c6dbcf85c972d132d349
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
97ab2a9813d1e0bc444380c5cb2bbb297d431f06c26adb728c7ad0a161e6cc25
984b4e1426e4537cc4ec4fe92faa1eeac51ed6605781e02022bc2dfb449ff4dc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99ff1eb22dde2132e0b18a910d8941c6d1660adf92ec52dc6aa3734a185b8fb4
9c0f07cb72b8aed894612b92436a36102ce9114a40394dbfd07969204a8ebb7b
9c7fcb1fa705fa40278333a8b3834c06af49fa8cc2245051c6d6629b5e7a56a0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a5eaa72d4f4ad6d507aa2ab9fab84d6b88f86797bc570ba380c4aebd98bb1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a79906192ebb9c92eb5d39eca3a20c03e488b0005627869481d7d19dbe5108
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c
a2cefa8ab63a4009e6a0961c920ec86be7b901341dd8cc9adb6c3f8bf1d99284
a2ef9e9b605abee53e649fa0fa7f357794c9fba6bebc542c04cf594866d18a91
a3344a48268ae189637f125b77a0917528f85712a29ff1017c900dd5f1f6cd60
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a440adc9d288087abe01a700ec479078c2cfde7b4d3f62e847a5da2ddafa3ae6
a447d8581b1e61dda53d0bc3cdbff941353b58ded8965ef6077e20440ebf47c6
a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91
a5d7cd2ddb93d7f7467719cf7364dc3c2ed9ca35160286a2c529494af4d684d8
a5f58f6b3d0c3ffdc15315e5eb1309fe70cf97091e7dd619c2e67a477a32eb0a
a905a3d77920633e2e3c46a0a7bf07015922a4ccadaae230b55e2376255a8e83
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7a4937520a3c55cf8fe7646b1c4d2298eb47f435c76937674f0ccf66bb6025
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aae4064a01e8d7166011a9f27afda4d3f6b3803b8e76570b7fe2fe5d09716618
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adac1cd14a5df88bd0e3e39d5a372604fd37fbee529a142329d6659f0d72b3f6
aeb79106b2e11ba22cb8bc42024ee8ac2c2aebc710070990eecb2dbf03602a54
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1de4a74a9bcc6b9e79c92d22db0eebf13d3a75ea8cb960a4cf6101730b3780b
b43f930091a523037570fc01859bf601aac31008b755c951eab5a4735bd379a1
b688b7d8c9a306ac5fc64ab06561ca04693e1c5d0ea9877a4c853581d04971ea
b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46
b7f4da99d87743d3d58e11d10133393b3aade2699d7dc1fb55ae8215485dd03e
b997f44a5657e55223f98b65729a1c9787ff85ee2c7d07a4de0ee3e84b5c17d9
ba93fa54ea1644681406d6c22e42252487b71ed78896c549948e2e23e1c8b6ca
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bc646126cf8011266fadda9b4a77dd050e0733cda1604cc8c55ce11dca39f4b0
bdbad02f3cd8b9a224a48f6fdf5b715adc53e82f79d3ded1897d72ea0abd5d3b
c074a4f072dec3b0fd2b0192943004e31b4f0923e2ff3ac8a2ea86d7b98dc60e
c186a8a426a5633cc480e4966f3c88619666890206c53631792e4bf9499d2aaa
c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28b0961e5a0dc89d3d6d75d2dda96fbd855400fe55b077ddb04a4fde96ed175
c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586
c5301030ace3eb6febb7968e8bd1954e7b0f34dcab66b2a08b493d9b6f900bfa
c64cafe43d3208b81945ee51b231f94555024d8bedeb47437ec5b7010ff50e04
c69e8ed9007803f3fdfef2f6bee81f0b71b56bdca297254fecfcca79541ae9fa
c71ccbfce9d7dbde2afb015756e5a374a758cd66fc775613392c8ea6ce1309a2
c7c86cab7f83f6aaaf68161c3b974957b44555d105e8ccbda0d779a62ae97888
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07
cb81499e430396e82806bdc56e05b0b3cdb2c75603c4ba5146d9a6127a4a77b9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d2bd2cb1fa09f391c822f91df93e8b81815ea1f0068516d12488d1e21db934
d3313553cdaf1734f86ed279c4238dcfdfcc4378e17c29a29d38beb9f26ffbad
d57867e7414e43bf313e1c3a485ade1b13de56237fed34ce5f4553e5eeff43a6
dbab65929cb6541dbbe70cc31350a83500a62d961d8ff970bc5b3dd43bf058ff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3a3becfa282f9bad5babe2bff14510357db56f975955c28744a84689bd4450
e08a4d0be4f20b3fc5e1c59ae29731a3f2d03abac992e3be1b4a1bf1ae0ed4fd
e16ad3fdd8457a653bafae84d11bb3e0c023e7d7d43423842267232fba75946a
e1d605a253d179b591cae0bcbe99bba76761520e595e0234eed07e68d6d739f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e89a70dd3c89ab90f2031c54c979519545e48c84de1a536dc6ecea69989edb
e50c5fa4413277c75b1b83e4ca87bf94a9e58cbb6c0937114735ec952fee93f0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e716deded6e90424b2ba7c37bf29668d796892af11f0c09b81e42a036b732355
e7aa6b0f0e41040b29a7bbde77aa295d13be95ff684ed1040bb9e36b9e649d26
edc87068c09bef8879b68390f62984f343cbf1e3e1327a3c09601b0b02175126
edea11eb2bbfa4b3a92af94720dedc89a172aa75e8b2c192e62e32eda2c0af7f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b30362fe8ce10cd058b23c392326451ef91bafb134b5b6c4ed80c56a2474b
f1b2248b37de501ddfb47b92fbb33f62ee92983306d7d632720078b45b29f9e6
f3cadec4d6c071a96bbcab0fbd4329ebddcf6a86d6fbe88a730ec3e544288a50
f4794cf7673eb8cfa769bea7abad324e13c48b03d3b5e6bb9106f1251a6254a0
f5b0063c7aacf96b527fc3be1871785772d9e247e9b6c0b5c6e4a1e9e0f78b83
f8e5a1dc315af48015053b6cc6f372181f8a0d09f6a8b59c00a9c93faf2d36db
fa87f219afd129892c595142de9ebc3d827ed310d23eb364420ee7dfd4d77bf5
fb8ba805dc281b018881a727961b9d112e7a76754e737865512dd65e68eb29d7
fcfb0f591afdff0c9967b93aa0684609689f2b5123e8dbee646aca11a625d700
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2
fef7385022bf16a620bbebb8a295fffd1a5eaf2d996ee837133c21a6200dd724
ff6d0419e84868e94225aa92f79130854b6d2f17cd2a1fa14814ea434feff5a8

www.gregweeks.com Open in urlscan Pro 143.204.207.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

98 %HTTPS

0 %IPv6

65 Domains

93 Subdomains

73 IPs

9 Countries

8364 kBTransfer

18944 kBSize

98 Cookies

9 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gregweeks.com Open in urlscan Pro
143.204.207.117 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

98 %
HTTPS

0 %
IPv6

65
Domains

93
Subdomains

73
IPs

9
Countries

8364 kB
Transfer

18944 kB
Size

98
Cookies

367 HTTP transactions
2 data transactions