www.worldtimebuddy.com Open in urlscan Pro
2606:4700:3035::ac43:c4de Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.worldtimebuddy.com/
Effective URL:
https://www.worldtimebuddy.com/
Submission: On March 29 via api (March 29th 2023, 10:30:29 am UTC) from US — Scanned from US

Summary HTTP 106 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3035::ac43:c4de, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.worldtimebuddy.com. The Cisco Umbrella rank of the primary domain is 84405.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time www.worldtimebuddy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:449f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3035::ac43:c4de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1	63.251.114.137 63.251.114.137	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2600:9000:251... 2600:9000:2510:6200:18:6930:8980:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:ae80:147... 2606:ae80:1471:1a::1460	25751 (VALUECLICK) (VALUECLICK)
1	198.148.27.133 198.148.27.133	19189 (PULSEPOINT) (PULSEPOINT)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
2	99.84.37.12 99.84.37.12	16509 (AMAZON-02) (AMAZON-02)
2 5	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	173.223.56.228 173.223.56.228	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
4 8	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
8	2607:f8b0:400... 2607:f8b0:4006:821::2006	15169 (GOOGLE) (GOOGLE)
4	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	2600:141b:13:... 2600:141b:13::17d7:829b	() ()
106	25

1 2606:4700:3033::6815:449f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.worldtimebuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::ac43:c4de (United States)

ASN13335 (CLOUDFLARENET, US)

www.worldtimebuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2008 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:6200:18:6930:8980:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1471:1a::1460 (United States)

ASN25751 (VALUECLICK, US)

media.msg.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)

tag-st.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.37.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-12.ewr52.r.cloudfront.net

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.75 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.228 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-228.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:820::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.65.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.40.39.223 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:829b (None, )

ASN- ()

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	224 KB
20	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	209 KB
12	worldtimebuddy.com 1 redirects www.worldtimebuddy.com — Cisco Umbrella Rank: 84405	139 KB
11	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 429 ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	21 KB
9	casalemedia.com 4 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1786 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	12 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	273 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	123 KB
2	createjs.com code.createjs.com	125 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	districtm.io cdn.districtm.io — Cisco Umbrella Rank: 14832 rtb.districtm.io Failed dmx.districtm.io Failed	4 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 428	17 KB
1	contextweb.com tag-st.contextweb.com — Cisco Umbrella Rank: 134448	10 KB
1	dotomi.com media.msg.dotomi.com — Cisco Umbrella Rank: 67196	507 B
1	districtm.ca prebid.districtm.ca — Cisco Umbrella Rank: 162151	7 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 646	638 B
0	advertising.com Failed adserver-us.adtech.advertising.com Failed
106	16

	Domain	Requested by
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	www.worldtimebuddy.com	1 redirects www.worldtimebuddy.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com tpc.googlesyndication.com
8	s0.2mdn.net	www.worldtimebuddy.com s0.2mdn.net bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	2 redirects prebid.districtm.ca googleads.g.doubleclick.net
5	secure.adnxs.com	www.worldtimebuddy.com acdn.adnxs.com
4	googleads4.g.doubleclick.net	www.worldtimebuddy.com
4	googleads.g.doubleclick.net	bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.googletagservices.com	www.worldtimebuddy.com bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
2	code.createjs.com	s0.2mdn.net
2	cdn.districtm.io	prebid.districtm.ca cdn.districtm.io
2	ssl.google-analytics.com	1 redirects www.worldtimebuddy.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	acdn.adnxs.com	www.worldtimebuddy.com
1	as-sec.casalemedia.com	www.worldtimebuddy.com
1	tag-st.contextweb.com	www.worldtimebuddy.com
1	media.msg.dotomi.com	www.worldtimebuddy.com
1	prebid.districtm.ca	www.worldtimebuddy.com
1	ap.lijit.com	www.worldtimebuddy.com
1	stats.g.doubleclick.net	www.worldtimebuddy.com
0	dmx.districtm.io Failed	cdn.districtm.io
0	rtb.districtm.io Failed	prebid.districtm.ca
0	adserver-us.adtech.advertising.com Failed	www.worldtimebuddy.com
106	28

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
www.facebook.com
twitter.com
chrome.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
prebid.districtm.ca Amazon RSA 2048 M01	`2023-02-28` - `2023-07-05`	4 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
cdn.districtm.io Amazon RSA 2048 M02	`2023-02-27` - `2023-09-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.worldtimebuddy.com/
Frame ID: 2B3D8AC56C82C4C6CB8155FC0C8B6C4D
Requests: 36 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 65CEA552508298CAC9192589F2B43AF8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 20552FC43E28DEAD1ED6E89FB5AAA8A4
Requests: 2 HTTP requests in this frame

Frame: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B1ECB61743CC4F3F2D61A55DCBCC626
Requests: 1 HTTP requests in this frame

Frame: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E57EFF33FA9F65616D5C97A9B0462B04
Requests: 19 HTTP requests in this frame

Frame: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3664B3C6D19465CDB20C604EA6386CE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNV4guJBvt1n9aLunSpDwEB7kJSYH5Xjzj3q8WhqHHHUGP51OHV_2UkTc2e89Fm-2KHY22U7pnbkmCRmtPq-yJmjjWOyTQ
Frame ID: 53C9B3C3CCEEC6BAA26294650C3AAF19
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNVKVShRmdHH-Ivh8NdGhWy1WtRE1b3AMYBke8aCNEDeAZUatQzdLAOow1ROokWdlf9SIqMlCKrpLeL9vG3Y-4MhwiOk4g
Frame ID: A4B99D8C912EE03DBB0DFB01F240D713
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D35EB44607D003E77055FD45F915969E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D59518F5BD837D65E02536977263A06
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 11BE43A5A4FECA5F76F6A3B6B62E7EE4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html
Frame ID: BC62D5AFC6C7EEB02A15B5667E27754E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E94F767382F13ABD03A0FBF721122FAE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html
Frame ID: 30BAA6ADA4AE42D62ACB2BF3A0997451
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Time Converter and World Clock - Conversion at a Glance - Pick best time to schedule conference calls, webinars, online meetings and phone calls.

Page URL History Show full URLs

http://www.worldtimebuddy.com/ HTTP 301
https://www.worldtimebuddy.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

87 %
HTTPS

60 %
IPv6

16
Domains

28
Subdomains

25
IPs

3
Countries

1161 kB
Transfer

3016 kB
Size

27
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.google.com/o/oauth2/auth?client_id=689925517363.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fwww.worldtimebuddy.com%2Fprovider%2Fcallback_r%2Fgoogle&response_type=token&display=page&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/oauth?client_id=103756879702286&redirect_uri=https%3A%2F%2Fwww.worldtimebuddy.com%2Fprovider%2Fcallback_r%2Ffacebook&response_type=token&display=page&scope=email
Title: Sign in with Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/worldtimebuddy
Title: News

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/world-time-buddy/jdhpjomiingppeefgnohkiapmnaeakoj
Title: Chrome App

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/jdhpjomiingppeefgnohkiapmnaeakoj

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.worldtimebuddy.com/ HTTP 301
https://www.worldtimebuddy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=465292523&utmhn=www.worldtimebuddy.com&utme=8(t42*lc*ut*dc*p4)9(link1*3*rnl*dnm*control)11(1*3!2*2*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Time%20Converter%20and%20World%20Clock%20-%20Conversion%20at%20a%20Glance%20-%20Pick%20best%20time%20to%20schedule%20conference%20calls%2C%20webinars%2C%20online%20meetings%20and%20phone%20calls.&utmhid=1585155100&utmr=-&utmp=%2F&utmht=1680085821528&utmac=UA-4019582-5&utmcc=__utma%3D174881572.1526713548.1680085821.1680085821.1680085821.1%3B%2B__utmz%3D174881572.1680085821.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=812989548&utmredir=1&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4019582-5&cid=1526713548.1680085821&jid=812989548&_v=5.7.2&z=465292523

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCQTQfS1pZ694..uD5rjuAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCQTQfS1pZ694..uD5rjuAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

Request Chain 66

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

106 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.worldtimebuddy.com/
Redirect Chain

http://www.worldtimebuddy.com/
https://www.worldtimebuddy.com/

85 KB
22 KB

147ms
75ms

Document
text/html

2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.worldtimebuddy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df4c9830bc98444771afe4160146b1973152298bc10f10f6f819ce1c9f84236

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af76fdadee01831-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 Mar 2023 10:30:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3wlzOg%2BE9EstopLQAnxuwkqCVS60hRPAtTGAXBCIcTfT5E%2BAare6OlO9pjXim%2Ff1fMtGvObxm9kCoGu91yPLcM6bTNIR8B0V4z%2BHAv1d7dPUxJOX4H1CLhhLkoemb2WJdgAQD7nuudNsrInM8tpoAlj5wS2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7af76fda1dff42c1-EWR
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 29 Mar 2023 10:30:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g03qUNO9s9iK7n0kY2fMc%2BZcDZve%2BUlKoFBk0uZA%2B2%2BfNrp6LBREUUBp4WYVlBshqfhwRVcLk1skMLowrc%2BctPPNlvdquljM4UR8ymUl%2BroiXRLfPCb83xp7t9nUIirBSggT0rhnasoIFy7zUSr4hZESCJ7q"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
location: https://www.worldtimebuddy.com/

GET
H2 200 prebid.js Show response
www.worldtimebuddy.com/media/js/ 79 KB
27 KB 41ms
39ms Script
application/javascript 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2a5b1d729afc1252365189c7c3954f097c358eca114c1cc7e239bfd339015d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 21:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1103984
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbpBewNAyi57W4R%2FmuOalh9%2BB%2Fa9cZGTxvqJoCxtef17IvjBLyt8fonY24%2F0Znhge%2FeA%2FRGfi1%2Bue8XWLWorHkZz4DKbbSXbOVpwKmmejjT56QOuW1PHjpFqCWjjVOvjEI5VN3spFCOieoArQCuYTvyDbyIX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 7af76fdb6f321831-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo@2x.png
www.worldtimebuddy.com/media/img/ 11 KB
12 KB 51ms
51ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/logo@2x.png?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c99cadcd847b12907f95c1675b6f0c0207757dd0c01cbf160e1060a7d1656

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:11:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12951
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTpyvhJm9oOCqiXt4FWn7ZAOqSzk7CHH3cwI7HhzjLsKsM9yC7Vndf%2Bu%2F34u1FAMoqQAxcM5zFvgdWWBNeQI0add63MfaAjfuRF%2Bu5dW%2BJZJ%2BIidG8suV8ss1zreiKwIDjdZAj9w4%2Feq3ZAiJ4cYsrvKv9I%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdb6f331831-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 btn_google_signin_light_normal_web.png
www.worldtimebuddy.com/media/img/ 4 KB
4 KB 46ms
37ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/btn_google_signin_light_normal_web.png
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0db343c9484bc46b6a39c990169ee880c204b0d3209d20fcefd855af6deb49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 21:04:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2154041
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljeYulgLueNaLvTCrFa138nm7aWqZOMJ7yf%2F1cIiA4GjhqTXn%2FXO%2FyQLVkOIf8VPHywmAmijnDva1n2Of3DsKdEpySm0Iyno7RGVFrSZO%2FqZVtetzXPSRVuC3E%2F7OfEgxRqG8bt7eydUcH27uK8cPa%2FpHTpi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf8a0c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads.js Show response
www.worldtimebuddy.com/media/js/ 18 B
537 B 46ms
38ms Script
application/javascript 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.worldtimebuddy.com/media/js/show_ads.js?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493dcde313af8b914271e74c12a74f13fcd3ae2d8a600901841751cf395045f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:45:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12552
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYhAU9iclpyZ%2BTHSFveo2cY7GDGjSWSaI7%2B4yDG2VXGX0pmMc9zrnh5ARgfDaEcrJJNBd7bBY8zr9bV64AS%2FlcaKdRjHaxuW1Ma3Oa4M0K7k42ddMAMjJwjMFbMpsb%2FFlNMk%2FSE8HxlbqPs0mt0OtNr%2FuTWx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7af76fdbdf860c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18

GET
H3 200 jquery-1.4.2.min.js Show response
www.worldtimebuddy.com/media/js/ 71 KB
25 KB 80ms
72ms Script
application/javascript 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.worldtimebuddy.com/media/js/jquery-1.4.2.min.js
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4130adbd5ef8ed158e854f209f16e8024e38cb1a5cd085a8ecfeff4a78566218

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 21:04:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 604157
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opj8ciIHCYaBLPL71uU88QEtRsmWXElIUSZ%2BPL8ZPJLOJdlDNlVCsCSRwcCaJ7Z6mUYYZDl5JN9AQT6Phe3sVFuj%2Fp8aFv8JtIHfU2Go3NQLZUa0DvDpSLSYKaVDbAzk2DzT798k%2F8SZIoYweDnaEmXyhJty"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf870c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.js Show response
www.worldtimebuddy.com/media/js/ 89 KB
29 KB 84ms
75ms Script
application/javascript 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.worldtimebuddy.com/media/js/scripts.js?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d48554ed0d1835017ff50ebb4de15c7008e03cbc25ca2c460c5e2ea2e86f5c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:45:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12552
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FSS14qV1X9Ei%2FHm5fo20LU8DnF2wi7AqcCiQLC8%2FTcp8tKpRsVE9i2YwwjmH6LhoFttsPN8q023BOLWjS8lgx9RAHQQEDcj7WbSIlW9Haqa10slGik13CJv2JSHvIzA3StloDX82%2FLU1fsfOUmj8O7GxAxT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf880c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 276ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8faa95c3b3213486a29856bfc485806ea519a34f1119e765025e920585ecd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25671
x-xss-protection: 0
server: cafe
etag: 410 / 19445 / m202303230101 / config-hash: 351506509252592136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:21 GMT

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e146be9af77cd2335fd697cc012f72d227222eb6dafbda2a2ef6509f3e656e1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 social-bttns.png
www.worldtimebuddy.com/media/img/ 1 KB
1 KB 44ms
38ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/social-bttns.png?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4ad289e819aa107f0d0c6d9b53af77ddf02b79f92ecb3cee1b15f1fa460ba1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:11:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12552
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJA67lSg7OJNJPcUVBZNuEhg4MvXNjKt3dZn9uviY0WrBCQ7ofRvI7YfqNOQ120XXc%2FLRiW3%2FYhmHB4YeYBeGtFwcdMoAeqb5So4x70TL9F5wnfzrNijVwrIPTTOolK4HZPHdYZEtbtfUgjDAUJMtN3CNtMj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf8b0c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sprite.png
www.worldtimebuddy.com/media/img/ 13 KB
13 KB 45ms
38ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/sprite.png?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af63b6a9830da7a1602d27ac97fa88078c9af8801f779b09bc4333ebf22e079

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:11:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12552
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e05nOIuijMyVRAE135Bxt8q7nZ2MZcXzo6CsYbIoZDI5%2F%2BxlQ1KTxk0riquR8P42pdrKZA59dyi8KSOlPXkROmayokdfXjdOFg5WvLeLjGYeVpcJ2fPifzsrHcs1QQ9fmu03iGV%2Fy6pUDHewkSq7YZ4fouul"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf8c0c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ornaments3.png
www.worldtimebuddy.com/media/img/ 2 KB
2 KB 136ms
132ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/ornaments3.png?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70507c422337e5fc00d49000041c67f0adfea14cba801e2e5fca40971aa90f5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:11:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12896
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAsqwB01e98u418GLtM1Tl2YfY%2B9TWSbY2QtdNUOm19dY5XRcxulh4rp0YiEqobYVFOMbILiW7TreNk9KLxz41uBW8HhURUHRzCsUmbGkEBPamujbyQjsoK9hYMY6EEvuhQuJesrO1Kgs1LFrQ7ag940WJyj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf8d0c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 next-day.png
www.worldtimebuddy.com/media/img/ 327 B
810 B 138ms
134ms Image
image/png 2606:4700:3035::ac43:c4de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldtimebuddy.com/media/img/next-day.png?144
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c4de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c938c67af0789ca4cf6373d18c70b400de367d8cf649de9d60f019944be8da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:20 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 06:11:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12552
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv2Fbfif%2Bofn%2BdEK13GUAXt94EB%2FK9P9%2FQYIL2wEbNQ7f%2BPGMiqmuo0erQsdgt5RLVJbYz6xOuehGglTfgsCeaZ2E%2F19dgy%2BqoBR9dtW5hCP8J23z2GLFHHSoz1J1oKmG0HWZ9%2Bu8Tu1Swy4iIoO0Ejcu2fh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
cf-ray: 7af76fdbdf8e0c9e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 294ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 10:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 29 Mar 2023 12:05:11 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/ 400 KB
125 KB 287ms
27ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2e3715305bd5425639d63572dc1682bf820e68cc3991d19eda99755ddd5f34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:52:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2277
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126968
x-xss-protection: 0
server: cafe
etag: 15124557694433444799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:52:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
609 B 292ms
40ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.worldtimebuddy.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d3599b5fd3f1aeb1f49c54f980ff3a223dc5b321fa278128e803194d955d0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Wed, 29 Mar 2023 10:30:21 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=465292523&utmhn=www.worldtimebuddy.com&utme=8(t42*lc*ut*dc*p4)9(link1*3*rnl*dnm*control)11(1*3!2*2*1)&utmcs=UTF-8&utmsr=1600x120...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4019582-5&cid=1526713548.1680085821&jid=812989548&_v=5.7.2&z=465292523

35 B
337 B

113ms
39ms

Image
image/gif

2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4019582-5&cid=1526713548.1680085821&jid=812989548&_v=5.7.2&z=465292523

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Mar 2023 10:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:21 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4019582-5&cid=1526713548.1680085821&jid=812989548&_v=5.7.2&z=465292523
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=48f44b0afa9893;misc=1680085821597
adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562099/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=5402caf1d7d7b9;misc=1680085821599
adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562098/0/0/ 0
0

GET
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 120 B
638 B 210ms
130ms Script
application/x-javascript 63.251.114.137
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?callback=window.pbjs.sovrnResponse&src=prebid_prebid_0.23.0&br=%7B%22id%22%3A%2290e7b50c030cff%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22721e97843160cc%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22467741%22%2C%22bidfloor%22%3A%22%22%7D%2C%7B%22id%22%3A%2284f8a785c5bc3b%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22467742%22%2C%22bidfloor%22%3A%22%22%7D%5D%2C%22site%22%3A%7B%22domain%22%3A%22www.worldtimebuddy.com%22%2C%22page%22%3A%22%2F%22%7D%7D
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: a77dfa2d09faa7b12c2e813af0023b0b524ea2e941a7c916eac0e278948f73cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 10:30:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 125

GET
H2 200 lib.js Show response
prebid.districtm.ca/ 21 KB
7 KB 151ms
27ms Script
text/javascript 2600:9000:2510:6200:18:6930:8980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:6200:18:6930:8980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 462c2eeb6f96d7c87bd7110f6bbc259e050f7cb88a7bbe60ea81008f5299dae5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cM3dV80CheyzqgZXMHQIgfZYDHZP6MnL
content-encoding: gzip
via: 1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 05:50:41 GMT
last-modified: Fri, 11 Jan 2019 18:45:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 16781
etag: W/"b36a34f98e1b365478ef91626290a350"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: kVy30QPcqM4dacAP1_3aDOfu4unLxGLofy80DQdnYnQpr8gqOiLhPg==

POST
H2 200 header Show response
media.msg.dotomi.com/s2s/ 311 B
507 B 465ms
58ms XHR
application/javascript 2606:ae80:1471:1a::1460
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://media.msg.dotomi.com/s2s/header?callback=pbjs.conversantResponse
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1471:1a::1460 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a31c8f63ba7f1ba684528fc7b951df27f2a095226b83e4fc302c83a04a18861

Request headers

Referer: https://www.worldtimebuddy.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:22 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: https://www.worldtimebuddy.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 311
expires: 0

GET
H2 200 getjs.static.js Show response
tag-st.contextweb.com/ 30 KB
10 KB 160ms
33ms Script
application/x-javascript 198.148.27.133
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-st.contextweb.com/getjs.static.js
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: a4296ecc7e11cf003d9e726af4ef19a1536774431d0816584737c3cd2c71b11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:21 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 3
server: envoy
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
content-length: 10317
content-type: application/x-javascript; charset=utf-8

GET
H2 200 cygnus Show response
as-sec.casalemedia.com/ 14 KB
6 KB 281ms
224ms Script
text/javascript 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7&fn=cygnus_index_parse_res&s=209262&r=%7B%22id%22%3A%22171422467%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.worldtimebuddy.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%221_1%22%2C%22siteID%22%3A209262%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%222_1%22%2C%22siteID%22%3A209263%7D%7D%5D%7D&pid=pb0.23.0
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52675c77909a3ba93157254f04d8b6dd13164ebbc7178e3a9de6dcdfe3c7eccb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfan%2FTY0R%2F1AKNmLF4t5onreHvh7vkfewOtIYH9d%2BNHYRXvTGStwxWC2gL1De6aQnO893AaQt10Xr3W9KRHnao5Sm9AIhTnLMsK56ReHdPzI9gq12cYr%2FiLq8z%2FqTmz9XMPYsVxfRC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache
cf-ray: 7af76fe19db5a1ff-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
774 B 117ms
37ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=24612b72c70af95&psa=0&id=11691038&size=728x90&referrer=https%3A%2F%2Fwww.worldtimebuddy.com%2F

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:21 GMT
AN-X-Request-Uuid: 47298eb5-b74d-4202-bdfe-5fcd80a6cab8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
774 B 138ms
59ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=25d8dd5770eaa07&psa=0&id=11691145&size=300x250&referrer=https%3A%2F%2Fwww.worldtimebuddy.com%2F

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:21 GMT
AN-X-Request-Uuid: e59df7f7-3221-4389-af60-2d4bcdcf2866
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 7 KB
6 KB 264ms
185ms Script
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=278d486e657a8e9&psa=0&id=13215904&size=728x90&referrer=https%3A%2F%2Fwww.worldtimebuddy.com%2F

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6fe1482c8c10e5d2b38d3be91e5e05b563200bbdcd8700e42b43b444d82bc673

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 10:30:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ffa54e7f-4763-4871-b1bd-1626d7130d33
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 7 KB
6 KB 266ms
188ms Script
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=28dec99a6953414&psa=0&id=13215905&size=300x250&referrer=https%3A%2F%2Fwww.worldtimebuddy.com%2F

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7834a93c83199e3b0a38bfa601067e5b7e000e4cda4b5d046505ca42380a70be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 10:30:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 32a5a9c1-c4e1-4864-a564-2573df85ab71
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame 65CE 116 B
433 B 140ms
28ms Document
text/html 99.84.37.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-12.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4819
content-length: 116
content-type: text/html
date: Wed, 29 Mar 2023 09:10:03 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
via: 1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
x-amz-cf-id: of9OEw4H0K-LvTfKxwxR-mLWoH6PF1V7V1vq9QLBi3vUUbpXTUh9ig==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront

GET bid
rtb.districtm.io/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
859 B 112ms
36ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.worldtimebuddy.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:21 GMT
AN-X-Request-Uuid: 7f63d246-19db-40cb-be2d-b1558744c992
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.worldtimebuddy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2055 995 B
883 B 203ms
58ms Document
text/html 173.223.56.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/media/js/prebid.js?7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-228.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 506
Content-Type: text/html
Date: Wed, 29 Mar 2023 10:30:22 GMT
ETag: "573e714d-3e3"
Expires: Thu, 28 Mar 2024 10:30:22 GMT
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame 65CE 3 KB
4 KB 32ms
31ms Script
application/javascript 99.84.37.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-12.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 08:07:56 GMT
via: 1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 8547
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3302
x-amz-cf-id: BXyFnBnKG7dnLDPSDyXyj4hTYG27st8MDIh58pQ24XOq5NeQLylkMA==

GET buyers
dmx.districtm.io/s/v1/ Frame 65CE 0
0

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 2055 0
857 B 33ms
32ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:22 GMT
AN-X-Request-Uuid: 94e4afa2-a5a6-4722-ba19-cae927fb54e9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 164ms
40ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.worldtimebuddy.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
11 KB 302ms
301ms XHR
text/plain 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1551864668883561&correlator=3108893530014404&eid=31073289%2C31070232&output=ldjh&gdfp_req=1&vrg=202303230101&ptt=17&impl=fifs&iu_parts=212218034%2Cprebid_banner_adx_refresh%2Cprebid_mrect_adx_refresh&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&ifi=1&adks=2188460671%2C2851241313&sfv=1-0-40&prev_scp=hb_bidder%3DindexExchange%26hb_adid%3D30292ec9c5acaa%26hb_pb%3D0.05%26hb_size%3D728x90%7Chb_bidder%3Dappnexus%26hb_adid%3D28dec99a6953414%26hb_pb%3D0.10%26hb_size%3D300x250&eri=1&cust_params=hb_adseq%3D1%26hb_bidder%3Dtimeout%26hb_pb%3D0.00%26hb_timeout%3D2500%26hb_exp%3Dlink1&sc=1&cookie_enabled=1&abxe=1&dt=1680085824150&lmt=1680085824&dlt=1680085820690&idt=891&adxs=577%2C637&adys=322%2C460&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.worldtimebuddy.com%2F&frm=20&vis=1&psz=728x-1%7C300x250&msz=728x-1%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=1526713548.1680085821&ga_sid=1680085821&ga_hid=1585155100&ga_fc=true&ga_wpids=UA-4019582-5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61b1e605b2b0d0a78c6bda99f9c5b35b805cd744d422ddef0357995bbdfde579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10654
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.worldtimebuddy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 138ms
47ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61bf7b223899d73a18d28822c2fa44e061241084ecbfa4226cc00ed92c6ea27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11241
x-xss-protection: 0

GET
H2 200 container.html Show response
bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B1E 6 KB
3 KB 148ms
40ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Thu, 28 Mar 2024 10:30:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 315ms
49ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 10:30:24 GMT

GET
H2 200 container.html Show response
bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E57E 6 KB
3 KB 29ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Thu, 28 Mar 2024 10:30:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B366 6 KB
3 KB 30ms
26ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Thu, 28 Mar 2024 10:30:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53C9 624 B
827 B 114ms
43ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNV4guJBvt1n9aLunSpDwEB7kJSYH5Xjzj3q8WhqHHHUGP51OHV_2UkTc2e89Fm-2KHY22U7pnbkmCRmtPq-yJmjjWOyTQ

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Wed, 29 Mar 2023 10:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E57E 78 KB
27 KB 152ms
97ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57E 42 B
63 B 105ms
53ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBoM98hfl9sA_d6Lsb-iWCmIi_IzdF6FW3dgaOLHPxGjyrbmWfSyZ0mTFZaOB9_1JJ9stoSPpw3C_q_R6hBdy3EyEhKGSIkcaaVpHTUtbttvY6bUk

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57E 0
20 B 106ms
53ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8319951997998849080&x=1&ct=76

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame E57E 3 KB
1 KB 30ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/window_focus_fy2021.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:30:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame E57E 20 KB
8 KB 29ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 3460810559063626959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:30:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E57E 158 KB
49 KB 59ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:24 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A4B9 624 B
505 B 107ms
45ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNVKVShRmdHH-Ivh8NdGhWy1WtRE1b3AMYBke8aCNEDeAZUatQzdLAOow1ROokWdlf9SIqMlCKrpLeL9vG3Y-4MhwiOk4g

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Wed, 29 Mar 2023 10:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B366 78 KB
27 KB 97ms
57ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B366 42 B
63 B 93ms
54ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3wRh4Nql3uXjg_XipvBd_Q791coFNfheSQQdtEs91ddCxoApAWRbdIq8pHmTnkY8AtLh_QWoRufkaB7eVOZPGibnX8sy7njEcCLubEI6qajQnyFY

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B366 0
20 B 93ms
54ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6059189751741213745&x=1&ct=76

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame B366 3 KB
1 KB 39ms
28ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/window_focus_fy2021.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:30:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/ Frame B366 20 KB
8 KB 79ms
69ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230327/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 3460810559063626959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:30:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B366 158 KB
49 KB 63ms
53ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49596
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679917726319514"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D35E 13 KB
5 KB 63ms
58ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:03:12 GMT
expires: Thu, 28 Mar 2024 10:03:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D59 783 B
1 KB 136ms
47ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3422df89453d7f718f570e9e9143f6aeb2a5deedeab644729fa02e625f958f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mupw3ZDOZXMJH1H684-bog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.worldtimebuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Mupw3ZDOZXMJH1H684-bog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 10:30:24 GMT
expires: Wed, 29 Mar 2023 10:30:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame D35E 36 KB
14 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:40:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 09:40:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 53C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1

43 B
764 B

50ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNV4guJBvt1n9aLunSpDwEB7kJSYH5Xjzj3q8WhqHHHUGP51OHV_2UkTc2e89Fm-2KHY22U7pnbkmCRmtPq-yJmjjWOyTQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 53C9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCQTQfS1pZ694..uD5rjuAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2

43 B
764 B

26ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNV4guJBvt1n9aLunSpDwEB7kJSYH5Xjzj3q8WhqHHHUGP51OHV_2UkTc2e89Fm-2KHY22U7pnbkmCRmtPq-yJmjjWOyTQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 53C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

43 B
1 KB

32ms
32ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNV4guJBvt1n9aLunSpDwEB7kJSYH5Xjzj3q8WhqHHHUGP51OHV_2UkTc2e89Fm-2KHY22U7pnbkmCRmtPq-yJmjjWOyTQ

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
AN-X-Request-Uuid: 14d4e7d4-90ce-47ee-b102-83513e2e9b31
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53C9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

170 B
243 B

134ms
45ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

Requested by

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 29 Mar 2023 10:30:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 47a66f5b-27b9-4f7e-96f3-15e71b599bc8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A4B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1

43 B
631 B

54ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNVKVShRmdHH-Ivh8NdGhWy1WtRE1b3AMYBke8aCNEDeAZUatQzdLAOow1ROokWdlf9SIqMlCKrpLeL9vG3Y-4MhwiOk4g
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A4B9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCQTQfS1pZ694..uD5rjuAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2

43 B
631 B

33ms
32ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNVKVShRmdHH-Ivh8NdGhWy1WtRE1b3AMYBke8aCNEDeAZUatQzdLAOow1ROokWdlf9SIqMlCKrpLeL9vG3Y-4MhwiOk4g
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECtAgKKPTg-M94cZ2cD8Z2M&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A4B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

43 B
1 KB

34ms
33ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCYwOyiAxj4x_zbATAB&v=APEucNVKVShRmdHH-Ivh8NdGhWy1WtRE1b3AMYBke8aCNEDeAZUatQzdLAOow1ROokWdlf9SIqMlCKrpLeL9vG3Y-4MhwiOk4g

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Mar 2023 10:30:25 GMT
AN-X-Request-Uuid: 1883b0c4-13bd-4868-93e4-e28c1d76332d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDLJqG0fDEBpvgD1MLItmr0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A4B9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

170 B
232 B

79ms
46ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D

Requested by

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 29 Mar 2023 10:30:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1267c172-d1d4-4a89-b7b9-e486384bbe0a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0Nzg0NzYxMzE4MTkwMTM5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B366 0
20 B 43ms
43ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2500233112207&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B366 0
20 B 47ms
47ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2500233112207&version=m202301230201&ct=76&x=1&cor=6059189751741214000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B366 83 KB
35 KB 74ms
71ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYC3f9HVNsqVQBEX9evd8QD-x3I3GGNJbDHrHJrrlAk3bQPN4SSHDIUdmtyKVBhzrLF1Po3D8L5C_c-YKDn_0PLATLwQ&cry=1&dbm_d=AKAmf-Ch7_-Z1nEjlaZRJiN-k1gvSxYtrLKbKZTqTRD5ZwFuQtCg3DpP_iD5J1IwiSdvlcCeFvz41FuDaIejGlwN5QofBc3tItnL_lh2xiT-XnPIMRuDCCHSu2LIqORoUZq2Eo9O_bTJqg-Kyr-DpqGD1xLcsGJt2UdvAviubVh3u042qowzOOUlzlsVKJroCgNBrfK7il8lIQi1mHBocWtsHH48Ci_E1ddsYvUqi1_t8b0O5YcIFCPNdtSOO-o7-k1YcIXLaCEy7PG3OCLsGbtE5XY18pSrXYZhL17nvgemsw-fUCKDSWXmMLS3zqv6-mkW8Ze_b9B9uEGckAOMEvFwyEt9ZQA0DtSnYXXKuZv7CQr9lMxqEFYzgbnkk5tQZV9QCbHE8dLQnRkKbMAtKtH04SAVRiLs_EIC7OQ_NU5oWYvt-Npza8OBnT9rE64jItIZc-hitjIKBb29PXISTT6k99HjmnM0DTruNQF6qZdEEUzxyMF26JNE0lx1WL8p-5vHJbtEm0svJV86yeWY98_cTaXkeoCuuJ2vsv-4Wn8gIUOe4dOrF4-_WNOpNgBO8p5mknH4YIpOSSeC4V0vZ9GgVyUlg0Poxe1v5_U5e5dFVZcNt-5YrUAPr7q1V0oMlnYdsdZG891bHdS3VCLrtWSkGLdF8Le6ihZVAheAUhcHLFCnzJqcFJXVU8TD8uMIJ8zQNqdxL7v8Lti_cImFzrYnSxcsAe13FfFuFuech4QL-smy-TinzM1fUMMq54U4ntUefcbpXe1gyzu0Nz6YF25v1l-GMrgi8YsyOgQCmK_Dm2fFbbFMGiA1bJGV28HmlhAvmI3mgVdU366r5Ose8tcrU6QNHRqJYtuSC__SsazZIcjs92AtMcxdQ8p6EJTQLG-3jZz4eMhI84lfY29LAog7SJof0yZBnpEIf6bxJtZbLoCanMSfAocKwWEPI4U9RSddB8jC-lY8SVkaZv27WyB2NXHQVfLHJ-1gowLQb_oLOOFZArRfPQQ8KTNc_Jq3xVPIHfLnJvpakjFUhOlRwwdGIqSTk6rzT66dZVsjotypWiFvooxez5E2fKA8OF0vn_yVWho_FrEDz9JKJKiPr59DwsDTrlR02wcWNt_pKDSW4qlNsJiudXXFWkH8NsqXPisNej0qmW2JNUKGBKbpM90rnFUroPdPD9hVKpWOzsVEosGlxABAVSlpI0eaVGqs00X22gJrvFaIInrzC8DF66T5rvDfWmflm6PQacDqsnUTvQpgX2KvbNfN2SDQ7V7SrCvLIxlCqRtpHjf5UnzbQzrzfWfu1wstpQWCMgm58tJBZdBlCB-2QusOZ-h3SyV0GT3tkozy4MJVKlzWUlRN40CoUwUflfLpGRAYezDzhO2qAfxe_GWGqaDGGMic8rIwV1sy8CNutRxpbz03DHknBbErhqL0ZU-dtzmMdt_dMT2aEL3ylNbvYLzhuiYzyZesSaNyZhDZyiV7daGTlQPuRmCFXGAx5TuBNMg1QJPLStYWyFcNDoAtIGEnB0oeMLjOSV1MvfY0_qcW_gsfG4cLzrUJ6_Qa_p_8E8bleydOTKHAkuIfuCzISMYqDl12unYmTAXxLZeYOmEgwqMYvMTgDkXHTkUtBd3F42YIJhwBtYL8eFHvEsuIN8P8EGRfzhHKjlfVi77-Z0K-fpW8ExUwYijiL1mX9xWVAlCCUScotHGORkdizAhk5dQfjc7q2G9cKyFZjdF7fQpDQeTOq4nn3qzFhcGwDy1IgrqK6USH29VnDRg5OmMCyoSFlueWDSoMG1WswqfzLKZxYGDajrIBgZqNG59Fy4X7sSuLTEh4QyxB16LvUHw1TxZpW0KOtgjUP6JeIBHS7NKN1yFnuHI1BKV9ABuKsffOqHQfj3YN5f-GLjp4iqpp0PqYuPJqdZ8P1vQlwkKkzacKDyMWs1a38w-1c-NBKEBUXXxQOobytd2F9gial5epWbzaOesCI5ETncNLMcsBFze_TonuaS5OijaBKB02Nj2Ke5YxXzUtn_e8x3IQxJIqSGGWu82ygnZwAacSbBXjlw-Sdv38kaWAkeIufZhqN2L-E8mmNN9xkLnjmppqAou1fYS7paOLhGeACMYu7BHeFqQWEgVUTb7dzXZRNcJ5o4eusVYlg-kpJuAp9s09R3FzoSdLriCaevKoyqJF2ucHRZQAenNcV0YgqG3jH4zUbHnoTYZhrpgjJRONHdp_RhjQB1mAS2MqXmLBFRLYNTXILDIiPmKaNrmjPEYIqC1ccvkH3py7erGxmaphay4Hc-KuCKYZ1sNfARY_4XnS5D-fUrDm3FLtOrXgXarJ1PS_BHSqEjNMTIh1n2aj3nXIP72CMkk2DIasj_e6NzwKhWEINKHONo_qLAfbQKhJQsCC0D2o49kwbaUekfegzZdgMMd3anLvahcWATgMnIMnohkcaOvD3rw7ix2BZimqGzLIiF67dg1IA3X0GdtZ9O3ETX6_N0K-ft-bQEPyveXJY7LnD8RPvckG2Em_WwyqRlr62cZ7w5q72MiW8fK_y45pwwA2MHDpPJa_5OHUNUm5WQmLSfCw9LM9B-MsVBhp-Xx_Cf34_Tr7BwEeT-073HWM7AN2xzELrsF_U6Og6QZdaSahHq5pYMfIX1aLHxKlg8joa2_i6j8sVfdQGuRP2JbdmVqz7jbw0YOticot8UktpyAEj6oCTlxaJFAxTzu70n54cO0hTpTXZLPKWWC1OxJPSf1_67BGdjHgHBsO3Q5qE7Ohic_bV7Q9b4x-YmvvZV68KSz1tNHICOUg2mygH-_DXv2Fl2XsIEtyjScHb8F3Ck5smwyBqpnysPU31QoiFypdTXUf32ljkcFdZLPOj7i89typXcJRJbQ8q_55AngN6crfuDaWUbnfxjxVnHYV0g9flP7YYomcKHsU-AnTfFQb3tGvmnPwGXMRy6mQhtDJZIvdUZexkAmK-rnueoQW3du4Yo9rxK7cZQmraIprhNL4qFLsA8z8CLhHNTARs0ZjqG_Jh3XkaM5n1Ojvik7ZE4ffpO_trENgEIc7qAjXK1e1kV6b5BuinestcDQpKpq9Hh0m7OKH31xDsnWF4xOeoshYdsABOaFYOc4hSOBGU3YKBzrin8_jQ5McuBL0AIfgaZ2rqljroY9hmwcWu3AaaHsXt9uu9fHcOfLlS-iEjnNZRjzBsm1PbXRDUyT6IrDrGu0aM0Z29mJfQkFQYsQBNfwqE3xSRgPM75oUFHk18HVP9GexBlbLw317gt1nfRcpOP2k1i85opY7e6L1FasAp-MSS2_iuqsDSfJZdP5_TuA2rUUStg43eTUPfNbBvhzaOHgYGxdoj_ef5z24hTeZoXx-FJlnbHyYi8QbKQc9YLVyH6qAoQcLx_CE7zC29hx7NGxc8bH4rFalkQ-bDmoPDlY0irH_jgQFgr1Ea8-2rjh4qDIyqmkRfJ5wgek0nI5x5573C3OVglqyDXBnm32Zr92hcfrUAL6P-UAUFARonxIXb8lGfb_IOjVwKJeKCGjLnsjjGUtDCTzlEPNnsm4AMLe_jBLqPg&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.worldtimebuddy.com%2F&ds=l&xdt=1&iif=1&cor=6059189751741214000&adk=1964084972&idt=113&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c526bbc4b6140983eb3d0743340ccef8d0de351d2418421763ee6c4f3f0cfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35960
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57E 0
20 B 47ms
46ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8580470152153&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57E 0
20 B 48ms
47ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8580470152153&version=m202301230201&ct=76&x=1&cor=8319951997998849000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E57E 83 KB
35 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5QN9Ps-KbhgLpA1ABDP_nmVlAb2SHA7FdeJexsbF0pQ4fCuBT45myTfVTK9K3lmjYJ5HjHY-9PYHM_qe1w2Rl-B_vsw&cry=1&dbm_d=AKAmf-AC1FRt_brnY1dDy6NrkrUbQ5U2X6Vhk3Ghph0hoT0qCF-zk90smP6rzv3FC9_YHFX0E4vT8Jer9V-SM0jZ7dyc4GAmYfXAR0KQG9kk0H_58BnE8qR2Wp3XlUyMt-Qq5YsoKuBt_F9YXHoTCrVILx5AYiTsnKjnjk0WIYBxxkgyutcX7kXiJJ_GnMucyVuGwPGNnLy4Bok_xyIVdJB6GJpk9_k0XVPY7ynIRSu4iu2tr_belecz0oqVKt7usmidITAFC4zSWe_Zj9fY50z0aRre8Dj5MyvykoagBbTucRFqfIL5rxbYciczFKtKpgZi84saJ-8kEZqQDoDotZ2-YFEecwBIHryrDkS1t3LzlSus7meg0TfPxFT5GJ8EPK2YhlRz8qYKs-j6BH80yOtGzFQ2kEKWXwtEqlWEav10AQN4ES7Y2vAzAZO16YP-jL5lASU99Zk8mSeQ_dElXtqChBF-z1lmda2oncjbI_mZ8jNga30yq8hz7YJyEtWBEY9E5P6cXxcFgaG1kW8J3WtQi1AjF1FM7rQ5iIcxW3mrcXRhvqJ2ErRQWES7wyUwou5gBlV3tITqhuoXtO02JuFteG7tA-6zJ3t3M_8kESVQGmsH_mUY7eo89VZpC3BNl0B4L0taU0ynh-UA_kt-YqV6g47zXxKz4Ymgq3_jLaEwv2ePYNTEuu_jbjCOAykBWPcyWpJMrdvgMD3SWkiSsdaWSAqWPK0Y2HjTO2S9MG1tQDSF7YiO3PnDvNpPmyNdFQA8JTriIBKR9RloOqntJriYhr6YUNxqMDjA3ejP-lV33RbkyJCwxswTw39Z56KZOE_T6Uic6DLGByK9EtRUNaV_PqHfutMWkhWVE5mBo21u3qY02c_oZrNGk0wvbQLEJreMk5j0rI6P74ty_WUnCfm0InE6Ok6gX4tVsW09gAyGWCNnk6dVr-hJIrFjMrAvCgTZmsbNnRGMvKpk9eKCWQ2XY3ZKPS4XVrA-17GjSqetomxSCz5FV3UBkSjuCNLn9CqLbVZ3_EN7jVICqPl1SrzHk4KPNN5GNs92TLg4plB7XeUTXXXnXVYZYCCkiaq3609qvlU9KbTDmnAP6YvfrF2VSBwl2PPxLyUgIY6offHkRnmA954kEGiKtk0otPWfcEqo59pBpwTnVbUigXndGPkj-kkUNHrQMglTDNLjeTEksBIStTlqVBvJfV6wpzifQLocot2qITAP40p912AgfofrQFfT7Ew7tGbp4Z3-rh4qu80sqtnWYdoQWYE2CdaG2U8mawQQaSo7PaaWoj4zh_Eeqc0dR-IPiKx9YKZPh8xrPL8VEs14iVl-FycHbuHyszObtwCy8bInkU5Z0SAG0aLp9b9J-9dJ-NBpjdTd3W7UwhL774RTJzD8FxfCur-JS_pRDbjLLIl2RkiqRPPegYwz2XgEPeaW2m8dRZJlkkKD1uHxxeeSFzBkoUne1GCl03C6NnfWvTb_d5pzT5raEokcFxuauNbzeZ2TjbS1EE4EJTkEZEQEH3JnByHa2F8pSWV4A7rGBnwptLUqborsqfkouWkbOAaeHbXQKEX3RmoCwNcTR8cc_ljRw312eh73oFKGBfWgHMnODp0ZK8XZuw9tnwLinPLOyqEvq197HWqqdbjQyfJhzx5I8znCOX31dADEN24TwSIMpjcAng8kzegavweyGA0dD3ML7JNiM6Tg6YL8r8PIlZ5ByoU9NCiGmFImPgKpEksfrYq36QKtn2xkUbNnPTs_14Zc8b9jbejH6PRIJFIx_R5n0lz887WeDkkD_s0MBlUsnQ2oQTaLXBNxIFh1YjZXNlQfWpQz7xeGSgVtnKROJkagXXsKy6CPdytpTdgfEmLaDFmC1emNjrC6rKzYye6PmhWup7lPu6u_-7BFe53Ivu4gUOScfbRnzKsODT1aOc2_EpMshCsWPn0RCHi8sCAaFNbj7NaFNvkZepUhWYDyk33kkKtCs94viYDH281-CVYXfPpQdeSmi99FGkhSN-wWDW6rTqYyazLXppKk7ZQtNoKrQwEtyyFpl4EkvAmfqB_RyIwZ6hsqvJZ6-XTiCDqmsn9EsCn2RjiYMxeVEBbYOllqzEaL1Tgsch4Jt7tJpbzVStMAnsNpZLriCL6_rfMpemGonejcA8_rlgSJB_luo6HomPjMGWCb2aCK9D-1PGy2vV7ORsmw--oTaxleBdNjjvOeylWSOL5YCrXqCNM3MlOTJfzBZedGTACBrdCJXHb4twfB7estndMcwEtL_kxtKcCwEL12VH55O5driPXUIgHyrFRd0lnW7_mYMqNe_ekDroMZxZNjIxLDKz-VMkWGrIG7DkHIeNAcZO4CIcC6YCs18q1S060g3ESBtUpV7G_x4O0_sBlrkQV3ws2NE7g5Kk4WR5aoqo8CYUc2p21ZUWetK0qsXnvf8TmwfeLf7hKpHJy-liS7YFoJuLvnBcr9LhD8RBdmL27lL65IrfslqcRZwmCoZzEjCEFKbD0cvg_OXA-rKpVLr1geNeBWgOlihR_EFqeI1gwYwusvwmEi4GOFbHJi2-yV_WbreS5QrA95-0qzW1Wvau-9HoG6bWIu019--eNWIx-NGRkJGUz4c-GEqgO8qKUhjCdBhFpvzXybKrb1HzX4MCKLatulmILES4UlvFlZHVoXO5AsyeYjTSyDakuBcVZgP_w_zt2k2KMkwfIJig87orhoymrWCG62cXA4GDddnPWNjVOlQVL4Y1ZAK6vHAvvYI64m1IuVpqIj7iwalMsBkdYS3QFRi0JDprnZhkEzKKNuVPabLDrE02Ny85dzyTylUvFgQvlTEKZRiixkYvRvxm17JgLmC3eQ5gz4kSqfZMOyB3qXwi4_y_a39s5SfO0T2RRiBYEx9_FABIEc6ocNTUZSrZGN3bVG5O4A-CCS2oMTwbIw7iAwVhLtkxDgnH4tUdOgB3PJXMxtOwKpLP-M_pttD6R3_jHYEKdC95Fo6KYyRq0hRyonzo3K4mwKAWLYbLK0ypoaIVHeAiR0sVfCKOTarVRWQUqcaQMFm4AI1NnoL0zkWizanw-os78CN9RnSoSOUh8v2CU_xC27QU4y7CtCOgsj5_p0mpCXzKtEaKFDrkIMrAHCvjlDbU2BmkDHAIc7qh2PieEvZQSDKfoj0iwoI2m8R_4vC7YmH8XdZOYup4rZlorRtrpRS7nuLISZR5ZWwmhiapd3whAUePtGK-AnNZCYtNBgFmALwBqH83KPk4Pr5Q0l37mWUOo9bTAKkMYMD3iEjmp3DxEx9vjCUZYAemvbzg8QhVZz1VCeLsX8cBujCJs4JvSHyow4cn5R_VktL4_C2YsSUHZypnYSlqy4D11ELLSSm6W_oop4tqxGESSDvtgbt29kTxWei_1szN1UiUaXYDJ7qLYXNCC9_AWpguWqPiC3cP8MMwYaFBBSRCRboFoJfhpMjefG8tiFi4ptwqcf13KbqRhQmlJ955aj04HObE2A00fFzIXMfE0MOjEIzxJGBtU9uwJ1LIy0IwH-NlsJ5pfZ&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.worldtimebuddy.com%2F&ds=l&xdt=1&iif=1&cor=8319951997998849000&adk=250412560&idt=169&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

095581b0fb74acbf1c59bc1babf79299b324fcb198945a6f289ddc7777645a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D35E 0
10 B 32ms
31ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZjezxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D59 0
0 44ms
43ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303230101&jk=1551864668883561&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B366 106 KB
37 KB 105ms
24ms Script
text/javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Origin: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 00:29:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/elements/html/ Frame B366 11 KB
4 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYC3f9HVNsqVQBEX9evd8QD-x3I3GGNJbDHrHJrrlAk3bQPN4SSHDIUdmtyKVBhzrLF1Po3D8L5C_c-YKDn_0PLATLwQ&cry=1&dbm_d=AKAmf-Ch7_-Z1nEjlaZRJiN-k1gvSxYtrLKbKZTqTRD5ZwFuQtCg3DpP_iD5J1IwiSdvlcCeFvz41FuDaIejGlwN5QofBc3tItnL_lh2xiT-XnPIMRuDCCHSu2LIqORoUZq2Eo9O_bTJqg-Kyr-DpqGD1xLcsGJt2UdvAviubVh3u042qowzOOUlzlsVKJroCgNBrfK7il8lIQi1mHBocWtsHH48Ci_E1ddsYvUqi1_t8b0O5YcIFCPNdtSOO-o7-k1YcIXLaCEy7PG3OCLsGbtE5XY18pSrXYZhL17nvgemsw-fUCKDSWXmMLS3zqv6-mkW8Ze_b9B9uEGckAOMEvFwyEt9ZQA0DtSnYXXKuZv7CQr9lMxqEFYzgbnkk5tQZV9QCbHE8dLQnRkKbMAtKtH04SAVRiLs_EIC7OQ_NU5oWYvt-Npza8OBnT9rE64jItIZc-hitjIKBb29PXISTT6k99HjmnM0DTruNQF6qZdEEUzxyMF26JNE0lx1WL8p-5vHJbtEm0svJV86yeWY98_cTaXkeoCuuJ2vsv-4Wn8gIUOe4dOrF4-_WNOpNgBO8p5mknH4YIpOSSeC4V0vZ9GgVyUlg0Poxe1v5_U5e5dFVZcNt-5YrUAPr7q1V0oMlnYdsdZG891bHdS3VCLrtWSkGLdF8Le6ihZVAheAUhcHLFCnzJqcFJXVU8TD8uMIJ8zQNqdxL7v8Lti_cImFzrYnSxcsAe13FfFuFuech4QL-smy-TinzM1fUMMq54U4ntUefcbpXe1gyzu0Nz6YF25v1l-GMrgi8YsyOgQCmK_Dm2fFbbFMGiA1bJGV28HmlhAvmI3mgVdU366r5Ose8tcrU6QNHRqJYtuSC__SsazZIcjs92AtMcxdQ8p6EJTQLG-3jZz4eMhI84lfY29LAog7SJof0yZBnpEIf6bxJtZbLoCanMSfAocKwWEPI4U9RSddB8jC-lY8SVkaZv27WyB2NXHQVfLHJ-1gowLQb_oLOOFZArRfPQQ8KTNc_Jq3xVPIHfLnJvpakjFUhOlRwwdGIqSTk6rzT66dZVsjotypWiFvooxez5E2fKA8OF0vn_yVWho_FrEDz9JKJKiPr59DwsDTrlR02wcWNt_pKDSW4qlNsJiudXXFWkH8NsqXPisNej0qmW2JNUKGBKbpM90rnFUroPdPD9hVKpWOzsVEosGlxABAVSlpI0eaVGqs00X22gJrvFaIInrzC8DF66T5rvDfWmflm6PQacDqsnUTvQpgX2KvbNfN2SDQ7V7SrCvLIxlCqRtpHjf5UnzbQzrzfWfu1wstpQWCMgm58tJBZdBlCB-2QusOZ-h3SyV0GT3tkozy4MJVKlzWUlRN40CoUwUflfLpGRAYezDzhO2qAfxe_GWGqaDGGMic8rIwV1sy8CNutRxpbz03DHknBbErhqL0ZU-dtzmMdt_dMT2aEL3ylNbvYLzhuiYzyZesSaNyZhDZyiV7daGTlQPuRmCFXGAx5TuBNMg1QJPLStYWyFcNDoAtIGEnB0oeMLjOSV1MvfY0_qcW_gsfG4cLzrUJ6_Qa_p_8E8bleydOTKHAkuIfuCzISMYqDl12unYmTAXxLZeYOmEgwqMYvMTgDkXHTkUtBd3F42YIJhwBtYL8eFHvEsuIN8P8EGRfzhHKjlfVi77-Z0K-fpW8ExUwYijiL1mX9xWVAlCCUScotHGORkdizAhk5dQfjc7q2G9cKyFZjdF7fQpDQeTOq4nn3qzFhcGwDy1IgrqK6USH29VnDRg5OmMCyoSFlueWDSoMG1WswqfzLKZxYGDajrIBgZqNG59Fy4X7sSuLTEh4QyxB16LvUHw1TxZpW0KOtgjUP6JeIBHS7NKN1yFnuHI1BKV9ABuKsffOqHQfj3YN5f-GLjp4iqpp0PqYuPJqdZ8P1vQlwkKkzacKDyMWs1a38w-1c-NBKEBUXXxQOobytd2F9gial5epWbzaOesCI5ETncNLMcsBFze_TonuaS5OijaBKB02Nj2Ke5YxXzUtn_e8x3IQxJIqSGGWu82ygnZwAacSbBXjlw-Sdv38kaWAkeIufZhqN2L-E8mmNN9xkLnjmppqAou1fYS7paOLhGeACMYu7BHeFqQWEgVUTb7dzXZRNcJ5o4eusVYlg-kpJuAp9s09R3FzoSdLriCaevKoyqJF2ucHRZQAenNcV0YgqG3jH4zUbHnoTYZhrpgjJRONHdp_RhjQB1mAS2MqXmLBFRLYNTXILDIiPmKaNrmjPEYIqC1ccvkH3py7erGxmaphay4Hc-KuCKYZ1sNfARY_4XnS5D-fUrDm3FLtOrXgXarJ1PS_BHSqEjNMTIh1n2aj3nXIP72CMkk2DIasj_e6NzwKhWEINKHONo_qLAfbQKhJQsCC0D2o49kwbaUekfegzZdgMMd3anLvahcWATgMnIMnohkcaOvD3rw7ix2BZimqGzLIiF67dg1IA3X0GdtZ9O3ETX6_N0K-ft-bQEPyveXJY7LnD8RPvckG2Em_WwyqRlr62cZ7w5q72MiW8fK_y45pwwA2MHDpPJa_5OHUNUm5WQmLSfCw9LM9B-MsVBhp-Xx_Cf34_Tr7BwEeT-073HWM7AN2xzELrsF_U6Og6QZdaSahHq5pYMfIX1aLHxKlg8joa2_i6j8sVfdQGuRP2JbdmVqz7jbw0YOticot8UktpyAEj6oCTlxaJFAxTzu70n54cO0hTpTXZLPKWWC1OxJPSf1_67BGdjHgHBsO3Q5qE7Ohic_bV7Q9b4x-YmvvZV68KSz1tNHICOUg2mygH-_DXv2Fl2XsIEtyjScHb8F3Ck5smwyBqpnysPU31QoiFypdTXUf32ljkcFdZLPOj7i89typXcJRJbQ8q_55AngN6crfuDaWUbnfxjxVnHYV0g9flP7YYomcKHsU-AnTfFQb3tGvmnPwGXMRy6mQhtDJZIvdUZexkAmK-rnueoQW3du4Yo9rxK7cZQmraIprhNL4qFLsA8z8CLhHNTARs0ZjqG_Jh3XkaM5n1Ojvik7ZE4ffpO_trENgEIc7qAjXK1e1kV6b5BuinestcDQpKpq9Hh0m7OKH31xDsnWF4xOeoshYdsABOaFYOc4hSOBGU3YKBzrin8_jQ5McuBL0AIfgaZ2rqljroY9hmwcWu3AaaHsXt9uu9fHcOfLlS-iEjnNZRjzBsm1PbXRDUyT6IrDrGu0aM0Z29mJfQkFQYsQBNfwqE3xSRgPM75oUFHk18HVP9GexBlbLw317gt1nfRcpOP2k1i85opY7e6L1FasAp-MSS2_iuqsDSfJZdP5_TuA2rUUStg43eTUPfNbBvhzaOHgYGxdoj_ef5z24hTeZoXx-FJlnbHyYi8QbKQc9YLVyH6qAoQcLx_CE7zC29hx7NGxc8bH4rFalkQ-bDmoPDlY0irH_jgQFgr1Ea8-2rjh4qDIyqmkRfJ5wgek0nI5x5573C3OVglqyDXBnm32Zr92hcfrUAL6P-UAUFARonxIXb8lGfb_IOjVwKJeKCGjLnsjjGUtDCTzlEPNnsm4AMLe_jBLqPg&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.worldtimebuddy.com%2F&ds=l&xdt=1&iif=1&cor=6059189751741214000&adk=1964084972&idt=113&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:03:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/ Frame B366 28 KB
11 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98abf653536e6f0439fa159a3b559df2a3ac0129d49cffd218f99da93a531bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10999
x-xss-protection: 0
server: cafe
etag: 15539162433171823394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:03:57 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E57E 106 KB
37 KB 122ms
56ms Script
text/javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Origin: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 00:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Mar 2023 00:29:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/elements/html/ Frame E57E 11 KB
4 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5QN9Ps-KbhgLpA1ABDP_nmVlAb2SHA7FdeJexsbF0pQ4fCuBT45myTfVTK9K3lmjYJ5HjHY-9PYHM_qe1w2Rl-B_vsw&cry=1&dbm_d=AKAmf-AC1FRt_brnY1dDy6NrkrUbQ5U2X6Vhk3Ghph0hoT0qCF-zk90smP6rzv3FC9_YHFX0E4vT8Jer9V-SM0jZ7dyc4GAmYfXAR0KQG9kk0H_58BnE8qR2Wp3XlUyMt-Qq5YsoKuBt_F9YXHoTCrVILx5AYiTsnKjnjk0WIYBxxkgyutcX7kXiJJ_GnMucyVuGwPGNnLy4Bok_xyIVdJB6GJpk9_k0XVPY7ynIRSu4iu2tr_belecz0oqVKt7usmidITAFC4zSWe_Zj9fY50z0aRre8Dj5MyvykoagBbTucRFqfIL5rxbYciczFKtKpgZi84saJ-8kEZqQDoDotZ2-YFEecwBIHryrDkS1t3LzlSus7meg0TfPxFT5GJ8EPK2YhlRz8qYKs-j6BH80yOtGzFQ2kEKWXwtEqlWEav10AQN4ES7Y2vAzAZO16YP-jL5lASU99Zk8mSeQ_dElXtqChBF-z1lmda2oncjbI_mZ8jNga30yq8hz7YJyEtWBEY9E5P6cXxcFgaG1kW8J3WtQi1AjF1FM7rQ5iIcxW3mrcXRhvqJ2ErRQWES7wyUwou5gBlV3tITqhuoXtO02JuFteG7tA-6zJ3t3M_8kESVQGmsH_mUY7eo89VZpC3BNl0B4L0taU0ynh-UA_kt-YqV6g47zXxKz4Ymgq3_jLaEwv2ePYNTEuu_jbjCOAykBWPcyWpJMrdvgMD3SWkiSsdaWSAqWPK0Y2HjTO2S9MG1tQDSF7YiO3PnDvNpPmyNdFQA8JTriIBKR9RloOqntJriYhr6YUNxqMDjA3ejP-lV33RbkyJCwxswTw39Z56KZOE_T6Uic6DLGByK9EtRUNaV_PqHfutMWkhWVE5mBo21u3qY02c_oZrNGk0wvbQLEJreMk5j0rI6P74ty_WUnCfm0InE6Ok6gX4tVsW09gAyGWCNnk6dVr-hJIrFjMrAvCgTZmsbNnRGMvKpk9eKCWQ2XY3ZKPS4XVrA-17GjSqetomxSCz5FV3UBkSjuCNLn9CqLbVZ3_EN7jVICqPl1SrzHk4KPNN5GNs92TLg4plB7XeUTXXXnXVYZYCCkiaq3609qvlU9KbTDmnAP6YvfrF2VSBwl2PPxLyUgIY6offHkRnmA954kEGiKtk0otPWfcEqo59pBpwTnVbUigXndGPkj-kkUNHrQMglTDNLjeTEksBIStTlqVBvJfV6wpzifQLocot2qITAP40p912AgfofrQFfT7Ew7tGbp4Z3-rh4qu80sqtnWYdoQWYE2CdaG2U8mawQQaSo7PaaWoj4zh_Eeqc0dR-IPiKx9YKZPh8xrPL8VEs14iVl-FycHbuHyszObtwCy8bInkU5Z0SAG0aLp9b9J-9dJ-NBpjdTd3W7UwhL774RTJzD8FxfCur-JS_pRDbjLLIl2RkiqRPPegYwz2XgEPeaW2m8dRZJlkkKD1uHxxeeSFzBkoUne1GCl03C6NnfWvTb_d5pzT5raEokcFxuauNbzeZ2TjbS1EE4EJTkEZEQEH3JnByHa2F8pSWV4A7rGBnwptLUqborsqfkouWkbOAaeHbXQKEX3RmoCwNcTR8cc_ljRw312eh73oFKGBfWgHMnODp0ZK8XZuw9tnwLinPLOyqEvq197HWqqdbjQyfJhzx5I8znCOX31dADEN24TwSIMpjcAng8kzegavweyGA0dD3ML7JNiM6Tg6YL8r8PIlZ5ByoU9NCiGmFImPgKpEksfrYq36QKtn2xkUbNnPTs_14Zc8b9jbejH6PRIJFIx_R5n0lz887WeDkkD_s0MBlUsnQ2oQTaLXBNxIFh1YjZXNlQfWpQz7xeGSgVtnKROJkagXXsKy6CPdytpTdgfEmLaDFmC1emNjrC6rKzYye6PmhWup7lPu6u_-7BFe53Ivu4gUOScfbRnzKsODT1aOc2_EpMshCsWPn0RCHi8sCAaFNbj7NaFNvkZepUhWYDyk33kkKtCs94viYDH281-CVYXfPpQdeSmi99FGkhSN-wWDW6rTqYyazLXppKk7ZQtNoKrQwEtyyFpl4EkvAmfqB_RyIwZ6hsqvJZ6-XTiCDqmsn9EsCn2RjiYMxeVEBbYOllqzEaL1Tgsch4Jt7tJpbzVStMAnsNpZLriCL6_rfMpemGonejcA8_rlgSJB_luo6HomPjMGWCb2aCK9D-1PGy2vV7ORsmw--oTaxleBdNjjvOeylWSOL5YCrXqCNM3MlOTJfzBZedGTACBrdCJXHb4twfB7estndMcwEtL_kxtKcCwEL12VH55O5driPXUIgHyrFRd0lnW7_mYMqNe_ekDroMZxZNjIxLDKz-VMkWGrIG7DkHIeNAcZO4CIcC6YCs18q1S060g3ESBtUpV7G_x4O0_sBlrkQV3ws2NE7g5Kk4WR5aoqo8CYUc2p21ZUWetK0qsXnvf8TmwfeLf7hKpHJy-liS7YFoJuLvnBcr9LhD8RBdmL27lL65IrfslqcRZwmCoZzEjCEFKbD0cvg_OXA-rKpVLr1geNeBWgOlihR_EFqeI1gwYwusvwmEi4GOFbHJi2-yV_WbreS5QrA95-0qzW1Wvau-9HoG6bWIu019--eNWIx-NGRkJGUz4c-GEqgO8qKUhjCdBhFpvzXybKrb1HzX4MCKLatulmILES4UlvFlZHVoXO5AsyeYjTSyDakuBcVZgP_w_zt2k2KMkwfIJig87orhoymrWCG62cXA4GDddnPWNjVOlQVL4Y1ZAK6vHAvvYI64m1IuVpqIj7iwalMsBkdYS3QFRi0JDprnZhkEzKKNuVPabLDrE02Ny85dzyTylUvFgQvlTEKZRiixkYvRvxm17JgLmC3eQ5gz4kSqfZMOyB3qXwi4_y_a39s5SfO0T2RRiBYEx9_FABIEc6ocNTUZSrZGN3bVG5O4A-CCS2oMTwbIw7iAwVhLtkxDgnH4tUdOgB3PJXMxtOwKpLP-M_pttD6R3_jHYEKdC95Fo6KYyRq0hRyonzo3K4mwKAWLYbLK0ypoaIVHeAiR0sVfCKOTarVRWQUqcaQMFm4AI1NnoL0zkWizanw-os78CN9RnSoSOUh8v2CU_xC27QU4y7CtCOgsj5_p0mpCXzKtEaKFDrkIMrAHCvjlDbU2BmkDHAIc7qh2PieEvZQSDKfoj0iwoI2m8R_4vC7YmH8XdZOYup4rZlorRtrpRS7nuLISZR5ZWwmhiapd3whAUePtGK-AnNZCYtNBgFmALwBqH83KPk4Pr5Q0l37mWUOo9bTAKkMYMD3iEjmp3DxEx9vjCUZYAemvbzg8QhVZz1VCeLsX8cBujCJs4JvSHyow4cn5R_VktL4_C2YsSUHZypnYSlqy4D11ELLSSm6W_oop4tqxGESSDvtgbt29kTxWei_1szN1UiUaXYDJ7qLYXNCC9_AWpguWqPiC3cP8MMwYaFBBSRCRboFoJfhpMjefG8tiFi4ptwqcf13KbqRhQmlJ955aj04HObE2A00fFzIXMfE0MOjEIzxJGBtU9uwJ1LIy0IwH-NlsJ5pfZ&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.worldtimebuddy.com%2F&ds=l&xdt=1&iif=1&cor=8319951997998849000&adk=250412560&idt=169&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:03:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/ Frame E57E 28 KB
11 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230327/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98abf653536e6f0439fa159a3b559df2a3ac0129d49cffd218f99da93a531bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10999
x-xss-protection: 0
server: cafe
etag: 15539162433171823394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 09:03:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B366 41 KB
15 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:30:43 GMT

GET
DATA 200
OK truncated
/ Frame B366 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5065fba5cfd7cbcc2afde6a8995ba6fb5d46baaeddce3b681b32a7c4c6306327

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E57E 41 KB
15 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:30:43 GMT

GET
DATA 200
OK truncated
/ Frame E57E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3a08e11c871e7b7a888d7292e5d740fd397e887d404b83caa37aefaabcbe89e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 11BE 22 KB
8 KB 25ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 09:30:44 GMT
expires: Thu, 28 Mar 2024 09:30:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/1659077592175736303/ Frame BC62 6 KB
2 KB 86ms
26ms Document
text/html 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd89f38ee4ded6826376e8c6adc2217418ae55c15c0368842f91444e06ca1d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 577514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2288
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
last-modified: Fri, 09 Dec 2022 16:06:18 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B366 0
0 345ms
133ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpeQQonZAwgt4TLp8dF_9APSUfyvxIo5HbMFPcOBpUE7lsz38oq6IqzhZg49FstooYkqj6F0jtpCLfmErzlPErwAK2dNoFHQ-sMBtMgYWWsxUljVOMK63nk3AjyiNdJoevmv0g7BCT7b9gtkNLEAiijrmMYw2LJM0iqKJDGT0Lnc0j5STOCAhk6QRYSm82gSsgSQEzcSVxEOAKXCjdniQ4zOSOYLLJqvbU5wQ9bdpWJbt32BGoipbs1BgSV-00F68BhRFISiVVfwEvk3Q4vTywcCPHMDF0AWEMgRpflhsv8lfalpsh7P-gCcgBvcKjJZiorWRr8tktnu4UtUKtFFuhG07hw8XEyn7ro7K51BFkSQkjSzROsG9naiXTi-giwtlreKrpBDCMeGojnS5XHte5Tynlx7tXCXhRHfh9IfCNTcFjnsnpE_UYCbfaQA5zFfM3WOq9jjzHp1WjfWoQkUsjIFo3aKSF7MshBsPhVS-ichqmW4LJmge0-LDlHxRPENKPfZfmswyNQGvVvQy2NRbJ_-IPELG2SV0wg6VwihAy4pZ6icWKC_KnfLCbf-f-DsTUVulUa0UKROuW5LhisheAM7m7hg5_Fr751lAkjaGAWzCs3EuVOjsWGQKSvMI4hsPM1156pKtes6Vz4jibbdPg-zUTenI8UH3o86KX2GFPg4ioljP6505GWviqMyfLcq92XZTH1OYYnwKnLAsWDhNdYdEimUQGzd8nnEWa8h7I8cPqdBnhd-ZB_svDbNzNz-1_9ck7QHhhbKdRhzQsWT1Ul4YYpPBc5d8EV-aNJHpGq71Hq_KlhRrbH08t0Kcpc0BAkokY0X9GQypTVrHO53PaKyIaADE5YniKYZnl16wj4H3_4XmVwQdTpFpKGTCeSWgTzMeKZw2z91jdaGvLK_WaWhE05FdM5gTb4TxHpIlIwjcsH_V3GNfW7UAjezli6oZVAYrKkZ3LjIApiS2OGpGr1GGV7ZsB0Pwf35ELou7IxL9BSZKeuTtJLnFX3wwZT7rqbV9tLKwRb6GHC5X52xtQ88jstZ5LEGa219qSeJ7XPWaX5F-VsxFwjd9QYn11SlRqU4tb1QMCRs8vcvBqK5udDGAOo9D0GjMQ-6DrcahPTnnohXEkCTu8PTxbwhrKA9PFiq1V6o4QtpHwKRdVljETSY34b2xeoqRF1Wu3ag5gP3uOdFxNH5PP7Ns7NZ4L2n3r4TSj1C7WlZ29pBAEbdwcltoVM4dO8gXLOyYtNHC527yKNG_9XG7ZJDvue_5gfs5I5rLXKhAX7Ps_U043BjWE7ySJ_YxxBLGG__Df9SMeMiyPdTbp95hDzKxHvNccSg&sai=AMfl-YR8_VAr87zS5TJGBL6fNxnIcLW9rwLzRiBbG9n7T9szBJaxiNJCroezL66GxXrjNYcJLYYYmY0sTmGzFwYq-4lFssjxRL9yPBGF39ULy7rofFd8toy6DpSB8dQSbktyu2pXcQLruDnbQAGQ-QeHtwYR4SSs63S8Q4z5UxvSrtgZP5Kcd3FA5LgGydPjOEKtnnI3YYaDE3Ycr2pk8hbyvljoU7WOD-7wKRuoOma0hpbFYBq-lvgebw7hyHQIzEVV2XwNEjvHRiT0_CnVe8JGNnPKWyGxCxp8Iv-T&sig=Cg0ArKJSzBlewvr3m57mEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&cbvp=1&cstd=210&cisv=r20230327.38862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Mar 2023 10:30:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:25 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E94F 22 KB
8 KB 26ms
26ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 09:30:44 GMT
expires: Thu, 28 Mar 2024 09:30:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/ Frame 30BA 6 KB
2 KB 90ms
32ms Document
text/html 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac1da84462c0b400847a2ce9ed3ccbe189c2732b71f4aa9a8f1b8937317bf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 577514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2324
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
last-modified: Tue, 13 Dec 2022 17:22:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E57E 0
0 258ms
56ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkoYX-ajxWsobFZwdNHUjCJmVj1aRgV3niwvenD1CbFdaNq-wzEX0wor7_-JaYSV0hIDTzhLMOeNYanLrDHDlNzgBpzDYLdNK7jk4KESW-4DyXxtF7IoHfu95IUb0OedauTATTbxh3CNqItgpp01T7-KUii9WGbuqkCaUqq4hLkP6UWZs9Mv5AQWlW4H9-J-1o0ToDdQzIz3WSYzbVTZTHd5pKC-gQbpoq5hx-7BqF5XPjN0kMccODM_9ZxjjmqpA7exZWta8Crqb_1DfHwkuW6OlLJL3Pd7gvoo5oGcpPOubAbhAy-VwGEnage-q6ON0arMV32i1l0YSImQ1lK1ZPQrNWRfRPdZdmsBjxVlFsryL8YXqUTuLGK-ReVXqB6jZjc6evbpen3Bs2IhuMDt4JbeIoUTvDo6Ug2O50sWdO5D38WwTH1SDev152D5RANbksHsvqNAfEDP6COyJN7X36SNxxhy63-SOHNPP06m3MIJKpuaKJY0YB05g5OAn8R9IEioPw4PE0RCtzsG9kjsPn6IxhTpIshp-07maYDNe_1rJz5Pr8z8pN9Gc5HsuWC5i_0Po0SP6tq1vttNK1NNtSMxFDK7rRM2DUv3rcZHg0dsw4TmG3OXcpeo89vqaxvvtjprxha25zrbqTpxMQVLKBBIkjuxkmd9KpgGC7pQl7SJJaFc8N99nJ_3VL98NPmSZF3RWkmpklTitu144q9zuQvJFGpv-Xn6zNfNPhlVynbkNOLwGuPf-hN4Em-mXuICfxKenXxF4fB4NGx-xSLmBWPxXL1jPc8yJBWpr9t-EUQcTAQAcNkwLQo-buRCmAC1NH59abh7jTtdSx_gyU5cMAW4mP-jZevS2vfNIichXuXyV1ixCTcftII3cptn74Q7WhbkHEe-arX9IVpN8L4yCuV_RuxcINd8QdOd4Gs_5oaz3DXIGcrwq-XS3XNmbnShpVVs4-up0mQOJdNHt0DYHO3gXRHNL_HMajJSrUGAWDji3Uoh1teGJPogBr4vBNS5yUvGQf-5EWnLTVdOBBSGTa13C54GVTUBYbU7lgRO_3eko7bVPMiB4ho6j7uKRahla-sqIRtlEcq56fZJczrnzitrPrDLor8wi7eIkjYgZnKgn794HaPVvd-_OjIAQXnv-wcmCEn6QkvI_pMwlEEnxMCnnqXTyV11NB_H8FVgovMmoKK0FJOph4RdemuBYxlC-piBR-c3r5huS27RLCag21DDuEIYR6nKxWyMT2DnQe3PMVY5TLXHrZcY61k3Cx78PaH8iOiwJ67J00grJo0J-Ml-u1T1KGH9zYaCQxI9iZbmjT87Ey&sai=AMfl-YRCef5VUmrmqHGawcl3llAd_mri2K75dKVGQx5EOPis3MciTEl0xnh9VHNeGITpHPSDFiNgEzIGkC4zSRvpN0nclm08U4zxeta6VznGO1e-qGRbrG8ZJ0Dq55Rbm1NXix89EgNN6BCBDWSF0oR44eCNiUCntsuSG6R-jvg23uvTtLhg217K2yrsYEwpQsGDftqkDQnGwG7NuD-OFklYSLxc-mSIkKZ2FJeWpfv7mLkdJhPvYLIugFMuZ1jYeFC1zUtteyr5X_KvVGYcNGwaTf3N3bheNHk03SEM&sig=Cg0ArKJSzJ-W-55tiydXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=208&cisv=r20230327.00553&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Mar 2023 10:30:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Mar 2023 10:30:25 GMT

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 11BE 36 KB
14 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:40:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 09:40:45 GMT

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame E94F 36 KB
14 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 09:40:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 09:40:45 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame BC62 236 KB
63 KB 159ms
39ms Script
text/javascript 2600:141b:13::17d7:829b

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:141b:13::17d7:829b -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:25 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 29 Mar 2023 10:45:25 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/sadbundle/1659077592175736303/ Frame BC62 50 KB
10 KB 26ms
26ms Script
application/x-javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021197fd998481d8d1efd3bc089fe0d2bf620c42846cbaef0dbcfbbddd3899b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10145
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:06:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 30BA 236 KB
63 KB 134ms
34ms Script
text/javascript 2600:141b:13::17d7:829b

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:141b:13::17d7:829b -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:25 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 29 Mar 2023 10:45:25 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/ Frame 30BA 40 KB
9 KB 25ms
25ms Script
application/x-javascript 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fb0ef1eb0add6824812a0b2c84b0a9967bebee107ad3298e5cab9aaad99e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9259
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 17:22:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303230101&jk=1551864668883561&bg=!4uGl4bXNAAbO2UOH7tk7ADkAdvg8Wndxmh8Ptodw7veHkBywh_sCNpe9J3AAZv-AVHUjkdjT9OJmEFfJ__1is8xDwteN7E9PZ4sCAAAA1lIAAAAFaAEHmQKp7rBZxNF3YE7whbj98M5TUf5II9nlygK80P3gM7Tx5YSfpcTw18TTv2HSxpCIq-1Y31P6JrWrQdhhIXAXFxQpz0PiGlGsAEsBnzfDEugEOHWA7zgs65T93AkxLy7sOIV6GM985piMkt-mmuQViAVIJkX5QswuzNIa5kHbl2SQHWVRg3lYCEajy5qOK4oi2ypgUGnaMQypYcY7Y387n7USMuMy97o_xjoy84AkMSThDt7N0B0XYecPYxsLfpzJZHU9b5qgJtShG85qWfRP8m1-EJsi2fSrAQi1_eH0edAs1V8mM5C3xdPREOnmxwzqWfRkaVOjwSn8pgbpcplGd8Xpz7LRyZ6Uy-nDammS2J4XToxqHwP2RU0upT60lJrv2ItSXo8gHYzpPmATtRwym9h-52jHS1r0rd2g4VLZNEduE0rE9FOQ0Xyp85qwsT4A0FPnwuWB0lBkk2Fk852wedy28a6oj_MoL7fodpY3QQh5s_FYIDjaJPGvCjcsOEHgvX2YSTKSw1Izj6RnR2QklYr3B71IitR1LqMZm-2WMWPO7SM7IRlnKKtalCa8-k92pWyE3VALNXPQLXemxqgIr2GvNNNU8eJ4F2O8dKGJ6G0EP3jW5LY1MS-jP556CMv7mtGt01adeS1xom_k2wrt-0Ss1ub1I7HKY7DBqEp7ZfCfgwFXwa6YtchVpgGF5ZK5EQDNth8R16gpN0BPD7gAVbpvpqKu4vKAHQAIqZKJfsTK9V_2xaUUPjMBk2b_59nM3XpU6IMoIL2y4cK_Lh2_kNZI6o2hUi3jQa7I43yna-ZmLZy-_sJ2C_M1wr_-y480nsxLBpfOZf8IEatIrgFnNYnw_nOtiOD7Mc9khUdjnF_uKQWdGvqeQmRlZT684YpEP9SqTW5TbS8VJfaa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.worldtimebuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 728x90_atlas_1.png
s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/images/ Frame 30BA 54 KB
54 KB 26ms
25ms Image
image/png 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/images/728x90_atlas_1.png

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c1daed07cf5cd5022457d43632a67c3c21cbe86a9f9852d031b04c2a2c1be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2798562674816683106/_20off_branded_BookNow_HTML5_728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 577514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55685
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 17:22:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E57E 0
0 48ms
48ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkoYX-ajxWsobFZwdNHUjCJmVj1aRgV3niwvenD1CbFdaNq-wzEX0wor7_-JaYSV0hIDTzhLMOeNYanLrDHDlNzgBpzDYLdNK7jk4KESW-4DyXxtF7IoHfu95IUb0OedauTATTbxh3CNqItgpp01T7-KUii9WGbuqkCaUqq4hLkP6UWZs9Mv5AQWlW4H9-J-1o0ToDdQzIz3WSYzbVTZTHd5pKC-gQbpoq5hx-7BqF5XPjN0kMccODM_9ZxjjmqpA7exZWta8Crqb_1DfHwkuW6OlLJL3Pd7gvoo5oGcpPOubAbhAy-VwGEnage-q6ON0arMV32i1l0YSImQ1lK1ZPQrNWRfRPdZdmsBjxVlFsryL8YXqUTuLGK-ReVXqB6jZjc6evbpen3Bs2IhuMDt4JbeIoUTvDo6Ug2O50sWdO5D38WwTH1SDev152D5RANbksHsvqNAfEDP6COyJN7X36SNxxhy63-SOHNPP06m3MIJKpuaKJY0YB05g5OAn8R9IEioPw4PE0RCtzsG9kjsPn6IxhTpIshp-07maYDNe_1rJz5Pr8z8pN9Gc5HsuWC5i_0Po0SP6tq1vttNK1NNtSMxFDK7rRM2DUv3rcZHg0dsw4TmG3OXcpeo89vqaxvvtjprxha25zrbqTpxMQVLKBBIkjuxkmd9KpgGC7pQl7SJJaFc8N99nJ_3VL98NPmSZF3RWkmpklTitu144q9zuQvJFGpv-Xn6zNfNPhlVynbkNOLwGuPf-hN4Em-mXuICfxKenXxF4fB4NGx-xSLmBWPxXL1jPc8yJBWpr9t-EUQcTAQAcNkwLQo-buRCmAC1NH59abh7jTtdSx_gyU5cMAW4mP-jZevS2vfNIichXuXyV1ixCTcftII3cptn74Q7WhbkHEe-arX9IVpN8L4yCuV_RuxcINd8QdOd4Gs_5oaz3DXIGcrwq-XS3XNmbnShpVVs4-up0mQOJdNHt0DYHO3gXRHNL_HMajJSrUGAWDji3Uoh1teGJPogBr4vBNS5yUvGQf-5EWnLTVdOBBSGTa13C54GVTUBYbU7lgRO_3eko7bVPMiB4ho6j7uKRahla-sqIRtlEcq56fZJczrnzitrPrDLor8wi7eIkjYgZnKgn794HaPVvd-_OjIAQXnv-wcmCEn6QkvI_pMwlEEnxMCnnqXTyV11NB_H8FVgovMmoKK0FJOph4RdemuBYxlC-piBR-c3r5huS27RLCag21DDuEIYR6nKxWyMT2DnQe3PMVY5TLXHrZcY61k3Cx78PaH8iOiwJ67J00grJo0J-Ml-u1T1KGH9zYaCQxI9iZbmjT87Ey&sai=AMfl-YRCef5VUmrmqHGawcl3llAd_mri2K75dKVGQx5EOPis3MciTEl0xnh9VHNeGITpHPSDFiNgEzIGkC4zSRvpN0nclm08U4zxeta6VznGO1e-qGRbrG8ZJ0Dq55Rbm1NXix89EgNN6BCBDWSF0oR44eCNiUCntsuSG6R-jvg23uvTtLhg217K2yrsYEwpQsGDftqkDQnGwG7NuD-OFklYSLxc-mSIkKZ2FJeWpfv7mLkdJhPvYLIugFMuZ1jYeFC1zUtteyr5X_KvVGYcNGwaTf3N3bheNHk03SEM&sig=Cg0ArKJSzJ-W-55tiydXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=753&vt=11&dtpt=542&dett=3&cstd=208&cisv=r20230327.00553&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Mar 2023 10:30:25 GMT

GET
H3 200 300x250_atlas_1.png
s0.2mdn.net/sadbundle/1659077592175736303/images/ Frame BC62 120 KB
120 KB 46ms
46ms Image
image/png 2607:f8b0:4006:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1659077592175736303/images/300x250_atlas_1.png

Requested by

Host: bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
URL: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5aeaf7a8a767a16acdf7d2895c7f706ceadab550ddf6236ac513508f7ba3a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1659077592175736303/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 577513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123186
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 16:06:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Mar 2024 18:05:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B366 0
0 49ms
48ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpeQQonZAwgt4TLp8dF_9APSUfyvxIo5HbMFPcOBpUE7lsz38oq6IqzhZg49FstooYkqj6F0jtpCLfmErzlPErwAK2dNoFHQ-sMBtMgYWWsxUljVOMK63nk3AjyiNdJoevmv0g7BCT7b9gtkNLEAiijrmMYw2LJM0iqKJDGT0Lnc0j5STOCAhk6QRYSm82gSsgSQEzcSVxEOAKXCjdniQ4zOSOYLLJqvbU5wQ9bdpWJbt32BGoipbs1BgSV-00F68BhRFISiVVfwEvk3Q4vTywcCPHMDF0AWEMgRpflhsv8lfalpsh7P-gCcgBvcKjJZiorWRr8tktnu4UtUKtFFuhG07hw8XEyn7ro7K51BFkSQkjSzROsG9naiXTi-giwtlreKrpBDCMeGojnS5XHte5Tynlx7tXCXhRHfh9IfCNTcFjnsnpE_UYCbfaQA5zFfM3WOq9jjzHp1WjfWoQkUsjIFo3aKSF7MshBsPhVS-ichqmW4LJmge0-LDlHxRPENKPfZfmswyNQGvVvQy2NRbJ_-IPELG2SV0wg6VwihAy4pZ6icWKC_KnfLCbf-f-DsTUVulUa0UKROuW5LhisheAM7m7hg5_Fr751lAkjaGAWzCs3EuVOjsWGQKSvMI4hsPM1156pKtes6Vz4jibbdPg-zUTenI8UH3o86KX2GFPg4ioljP6505GWviqMyfLcq92XZTH1OYYnwKnLAsWDhNdYdEimUQGzd8nnEWa8h7I8cPqdBnhd-ZB_svDbNzNz-1_9ck7QHhhbKdRhzQsWT1Ul4YYpPBc5d8EV-aNJHpGq71Hq_KlhRrbH08t0Kcpc0BAkokY0X9GQypTVrHO53PaKyIaADE5YniKYZnl16wj4H3_4XmVwQdTpFpKGTCeSWgTzMeKZw2z91jdaGvLK_WaWhE05FdM5gTb4TxHpIlIwjcsH_V3GNfW7UAjezli6oZVAYrKkZ3LjIApiS2OGpGr1GGV7ZsB0Pwf35ELou7IxL9BSZKeuTtJLnFX3wwZT7rqbV9tLKwRb6GHC5X52xtQ88jstZ5LEGa219qSeJ7XPWaX5F-VsxFwjd9QYn11SlRqU4tb1QMCRs8vcvBqK5udDGAOo9D0GjMQ-6DrcahPTnnohXEkCTu8PTxbwhrKA9PFiq1V6o4QtpHwKRdVljETSY34b2xeoqRF1Wu3ag5gP3uOdFxNH5PP7Ns7NZ4L2n3r4TSj1C7WlZ29pBAEbdwcltoVM4dO8gXLOyYtNHC527yKNG_9XG7ZJDvue_5gfs5I5rLXKhAX7Ps_U043BjWE7ySJ_YxxBLGG__Df9SMeMiyPdTbp95hDzKxHvNccSg&sai=AMfl-YR8_VAr87zS5TJGBL6fNxnIcLW9rwLzRiBbG9n7T9szBJaxiNJCroezL66GxXrjNYcJLYYYmY0sTmGzFwYq-4lFssjxRL9yPBGF39ULy7rofFd8toy6DpSB8dQSbktyu2pXcQLruDnbQAGQ-QeHtwYR4SSs63S8Q4z5UxvSrtgZP5Kcd3FA5LgGydPjOEKtnnI3YYaDE3Ycr2pk8hbyvljoU7WOD-7wKRuoOma0hpbFYBq-lvgebw7hyHQIzEVV2XwNEjvHRiT0_CnVe8JGNnPKWyGxCxp8Iv-T&sig=Cg0ArKJSzBlewvr3m57mEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=777&vt=11&dtpt=561&dett=3&cstd=210&cisv=r20230327.38862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.worldtimebuddy.com
URL: https://www.worldtimebuddy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:30:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Mar 2023 10:30:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11BE 0
20 B 45ms
45ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpDGkQBMkZNqDNpSboPMPlai_mA8AAAAAOAHgBAI&bg=!1tWl1YHNAAbO2UOH7tk7ADkAdvg8WsIupIG1e8ANsUt8hfEC8AwLsVikmWZ0xIXJ3yGaVE4HS64sbTMrQKTgjD3aPGUHGml7yM8CAAABNFIAAAAEaAEHmQL5Be4blCrpCED7amwdMpl1b_1-S2w3kjoGf2DAul-rTkqhp1HJjZMsDQIBQ24eLtzvu7CTm8D-GaUvxlZa7aUQNMoYyJP8CWriEORkac2EHvLLQNiaBF5Tz0sVE3Ez1A_TKfJJOoA-_ykQn0GZOmmdBcNbTtXU_wKVd-X1DMmYmXRuOp3tPIISCohxh_FP8GsvEcJ0QgcFFsAbFXurGOIGS3Kilb0YIwUj4ofkhRBkbUe2hGtUFwfTNAWianefK-c_rsmW3HOysj4KCkdyRGtLsaSqlXNiV_j_I5iR1LegIKBQ4zcE18CqqdKZCehDKDQW4t7Vqf2mu7N_nxJtYH-TwFij7uEFptysW1SzP4bCNYgU_f8nVZA7IXxRqT-FOyCY2SUZecR-OnFS5GKTZXQKQC06XkwExfFvHXIMd934JbtBKOaVfTV7DqHKysBHcCxJs0NKhs971Su4BLd3rMO8sDicQqz1K71c3qhfqdaQnQDQMwhHtMdSRCu8ZGD7JlfLy-h5L-hEBNUaVBL2RkPCfH1jLxtO_99eViLKHoi-9A5M23DCBW_dvj84ek-9A6T0cGHuGNHWOlWUOZgOMdyFS7mbIdHYq5lhCxlmTdoSfZMPwO0K_G9lOct3uwtNriPPfTv7M_Tju1zy52hao6DiCiPjFf0F2SO2SZknkSPCcd-o22yXsZ9FeKVDapdwC7Rzi-8bIOPK9CocfiY9QnN9JAcLNgvJ6HI_X-IZ4qsKjnjATTqeHtCrAmVn2cChLutkvZfdtQLlPdkP07iL76BAb_myUSTFQilNdSs6xLVXM_lzOyre0AF6FJ1pOwDNwBl8glENYlbfTozmxJb3I0TYDAcPNKB7rfTvjxCPfANkhrOBRIze9OO3dd817_L-53lA1km_kDZbQcm2Jl-zXDPkTw0AQu-rY0MU_BOZc9IZHgoaNDDMFTIbeWO3LynFC9vNsnCrxI69t-6QUgq3saUyyyfq7dBnzzUPKpu0qgm_RqZ6gj9P20WZQOI

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E94F 0
20 B 46ms
45ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKliyQBMkZM68NpmYoPMP9J6S4AcAAAAAOAHgBAI&bg=!BgWlBVHNAAbO2UOH7tk7ADkAdvg8WgyboS6bmUkIxdvSipH1XaWC7FxgqUHN5DMJ-pPouUSef9WM52t09K3SS4s7nxeD8qK18XACAAABTFIAAAAJaAEHCgBMeT9IqWyur_W-D-heUKHL7E6bMfGsvCpXL2M9VKRxxFbexJ8MuIBFRvFJqzSxIjcXhDX5XgnMMmWZ3pM7eLw3Sf75h1J4l36e4CyIbZkC74Rzv4ULyW1ZnxfEw4Ppw9gjilI43OpuaiV0iQiiMi09sTQrMgbODvfTkIUQ2bmUUrSSTJUjZA1qdM-vn5YHJiWmXyFUs1F7yUvEjieAw3APHBrxv84LcCzVYyIX3Yfz1c1yz9aRDss7tlzjxAdsAE2dH2hjhXlrMDpr_n2sPlWIi0yWgSm1wKkpTxw_xTvt7kzEeZH1wuf10W0DjJwtKZjm4mOSBZ2N77XmWRNZecVRrLusTo3PwB6nwrj4wxbHwU9opds0XX4oV1eIOhlFpGnanAEsiJAmt5ynR6wzv-9TyYvorCbQjcenMjjRfAJ9-9wTwq3W-PAWqQx8pLHgCL8ZuzQhLG-f4vE3ELG50pi07vEpwJO9vl4emIWFqQv19c7ePvZO1VO6rQ-7qAcuU2h8QV5BUsz55WJfoFNrO-pTA9uUy4rDfve21YvsO_5KJscblqD2ArAxQgiovsoYRid3X34nqgMyI9nil9SWeh0P5FmFHUqYREBjRC24_JLa6d8223Qi9WPIhjnRi33N5JxgjYPSbcE2nm6DZKA1AeJhwP4PjsEB37-Qmw04u1_TGnl20z-mE4DC36jwa_zsjFZ-kZ1NzAWkHlXT9gHceJ3B1TMmkeaF0kKherTxuaQRzRG9M8UhqhAh4aCnhLULbyGNQ67MUTL2F_WR2Zonie9MQYdeGyWIlOaapOy85wovv0vDqhfT5JX_9KLr9yvZNGAgGSIwVg_MylFI1cudRA6oQRgIBfuYZSfiKB3VJap_cQu4v7Mw-SR9ondc4Y5PfpWEYv92XU_1YltfBZuZHtLDM4bLWqgrIGXfRpvJWldZSC8qF8R0V53kRxlHqJltAeKmn8q4WUmGC1jbb_rjuaN3ACCaQVEy-3PLmJEOp-Os-CiQOjtolAxGwfTNiaCfB4WQO9Z8xNV0N9CZiudnLJ1ptnUUI3b0jZOC3jp-p2WkEjEPvtNa6gUrkb3FHYio2_GbZDFCiApyGKqqrBrhUGg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B366 42 B
174 B 46ms
45ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7WBKrpDq23T7GZcelSe73uD4xusR9vUTsIA7CZo9iqfnA6XN5uLaWXWKYwZBT6-uyUcR_izGmciaCu25Rbe-rLXZbeamphYlGSJzAddK_1bqUz-3FzA-1N17lEJ_RPeHZ9ms&sai=AMfl-YQdVevFxSrg2OWyBLyhdt6M9R7mo8VuA3I8T0ALlPcLyrukALPZ-IUW1iPJ5kgBgHmMJK_RxxyM5ZEByzotc8NHfBrhWrIwwZB71gYxI98BjCk2gb9AQKoG-ODLI4Y3lm2--Hl1FSzrHJRW5Q&sig=Cg0ArKJSzPc_t3JzCYOrEAE&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&id=lidar2&mcvt=1000&p=460,637,710,937&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2851241313&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680085824496&rpt=690&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E57E 42 B
108 B 45ms
44ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEKfM3AmWrAMiNNU4cViCF5SorxOsJmtXNUksBEwR63Fbcg2jXdB0mA3STR5B8gQTopPbd4MAqk_C0ArhX-pdUQMgwuWJTo6YP24DdWVAHOMdAQM4RaGDMMhSYoL5-t8BSEKk&sai=AMfl-YRIMh5lQi-93m3mUeJ_2jB35DhkBoSP9vgOxfHdpeVoORpYnlW0Jf1hktqj4t1ajXb0_Jw0-tS8ZDA2ZtEGw2LU3jbv5rruA55EnMuJhbErrQvpd0ByMW6x2ye9393UV90pi2AbA29aqGZSww&sig=Cg0ArKJSzDAhAZyKT18DEAE&cid=CAQSTADUE5ymmFzh9pn9HSmFs0TtOE6lPYUp5Ahm6BvMgjb2a2IGSPb09v6qDdLI3jHnW580wzIS-8kVeXRDEa7kOAaa8E7uJ5hWiqEHziQYAQ&id=lidar2&mcvt=1005&p=322,577,412,1305&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230327&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2188460671&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680085824489&rpt=734&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E57E 0
20 B 43ms
42ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8580470152153&version=m202301230201&ct=76&x=1&cor=8319951997998849000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B366 0
20 B 42ms
42ms Ping
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2500233112207&version=m202301230201&ct=76&x=1&cor=6059189751741214000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 10:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562099/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=48f44b0afa9893;misc=1680085821597

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562098/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5402caf1d7d7b9;misc=1680085821599

Domain: rtb.districtm.io
URL: https://rtb.districtm.io/bid?callback_function=window.hb_dmx_res.auction.receptionDmx&id=153190&size=728x90&impid=V2AhrakrlpMKKAd6&reqid=sdd3bbYuSwZL6hrZ&me=

Domain: rtb.districtm.io
URL: https://rtb.districtm.io/bid?callback_function=window.hb_dmx_res.auction.receptionDmx&id=153191&size=300x250&impid=GokmUHN97zzsumSp&reqid=FazD88nWmnAXsRsb&me=

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/buyers

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.worldtimebuddy.com/	1970-01-20 19:14:04	Name: wtbsess Value: pihrpca2jjpgbl77rstdj02722
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_ap Value: 1
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_tzn Value: 1
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_uid Value: 143bcc47-2b6d-7184-a501-c28811c8b8cc
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_lid Value: 2643743%2C360630%2C524901
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_home Value: 2643743
www.worldtimebuddy.com/	1970-01-20 19:27:01	Name: wap-p4 Value: control
www.worldtimebuddy.com/	1970-01-20 19:27:01	Name: wab-t42 Value: link1
www.worldtimebuddy.com/	1970-01-20 19:14:04	Name: wtbsess_data Value: vTR8ajP99v%2FlVqC5%2F%2FiKu4EELJG91591gTBxPyuDV2weEKpnde3c8ch49Hs9LC9PY1Wgci8QUIA3jDDvtpU8mkpO%2FP6htwlLK4X0M3%2B%2Frhh%2B17PYiVJ6Ifw2xhQY3AhDXkwjO6rNJgHD7iZQTNi%2Bp7JGdDboV3pu0kWAG6%2FPekvo56s%2ByUZcH9mTNx1IcZGD8AGkvOAmZqaR1OMKf5k%2BJD8W2OqBJ77l8m9yCys4ftPxDlipOg%2BHoDxle8TPaw%3D%3D
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_fx Value: 0
www.worldtimebuddy.com/	1970-01-20 20:17:25	Name: hka_gc Value: 0
.worldtimebuddy.com/	1970-01-20 20:17:25	Name: __utma Value: 174881572.1526713548.1680085821.1680085821.1680085821.1
.worldtimebuddy.com/	1969-12-31 23:59:59	Name: __utmc Value: 174881572
.worldtimebuddy.com/	1970-01-20 15:04:13	Name: __utmz Value: 174881572.1680085821.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.worldtimebuddy.com/	1970-01-20 20:17:25	Name: __utmv Value: 174881572.\|1=t42=link1=1^5=p4=control=1
.worldtimebuddy.com/	1970-01-20 10:41:26	Name: __utmt Value: 1
.worldtimebuddy.com/	1970-01-20 10:41:27	Name: __utmb Value: 174881572.1.10.1680085821
.lijit.com/	1970-01-20 19:27:01	Name: ljt_reader Value: GZBWeBZHFk72mLNTQYG4pvun
.adnxs.com/	1970-01-20 12:51:01	Name: icu Value: ChgIkJlIEAoYASABKAEwvaaQoQY4AUABSAEQvaaQoQYYAA..
.adnxs.com/	1970-01-20 12:51:01	Name: uuid2 Value: 1947847613181901399
.worldtimebuddy.com/	1970-01-20 20:03:01	Name: __gads Value: ID=da4d778171721df5:T=1680085824:S=ALNI_MZaJ_6jq667TJQcfoP3HqXjAdI6Zg
.worldtimebuddy.com/	1970-01-20 20:03:01	Name: __gpi Value: UID=00000579d28cf81b:T=1680085824:RT=1680085824:S=ALNI_Ma2yuHhCKz8s76oVUpONvlFzo9fuA
.doubleclick.net/	1970-01-20 20:17:25	Name: IDE Value: AHWqTUmURLnIMQmPbY612As56X3tF0r0kUEc-Ms4dmQnHElrIG5bEUK0MddJNSDG
.casalemedia.com/	1970-01-20 19:27:01	Name: CMID Value: ZCQTQfS1pZ694..uD5rjuAAA
.casalemedia.com/	1970-01-20 12:51:01	Name: CMPS Value: 559
.casalemedia.com/	1970-01-20 12:51:01	Name: CMPRO Value: 559
.adnxs.com/	1970-01-20 12:51:01	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In=gcw5I!]tb=F:`JX@:os1=2!:F4PUb@z5xc9Cj(AO`Qi_C0rQCU`Y[lehnSOCKWrE@YG/D$25ADb6_:!(Dit[?qsz

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rtb.districtm.io/bid?callback_function=window.hb_dmx_res.auction.receptionDmx&id=153190&size=728x90&impid=V2AhrakrlpMKKAd6&reqid=sdd3bbYuSwZL6hrZ&me= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://rtb.districtm.io/bid?callback_function=window.hb_dmx_res.auction.receptionDmx&id=153191&size=300x250&impid=GokmUHN97zzsumSp&reqid=FazD88nWmnAXsRsb&me= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.worldtimebuddy.com/ Message: Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562098/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5402caf1d7d7b9;misc=1680085821599' from origin 'https://www.worldtimebuddy.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562098/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5402caf1d7d7b9;misc=1680085821599 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.worldtimebuddy.com/ Message: Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562099/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=48f44b0afa9893;misc=1680085821597' from origin 'https://www.worldtimebuddy.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11070.1/4562099/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=48f44b0afa9893;misc=1680085821597 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://dmx.districtm.io/s/v1/buyers Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adserver-us.adtech.advertising.com
adservice.google.com
ap.lijit.com
as-sec.casalemedia.com
bc6fd8fb92d8c36365bffe2262034f8b.safeframe.googlesyndication.com
cdn.districtm.io
cm.g.doubleclick.net
code.createjs.com
dmx.districtm.io
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
media.msg.dotomi.com
pagead2.googlesyndication.com
prebid.districtm.ca
rtb.districtm.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
stats.g.doubleclick.net
tag-st.contextweb.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.worldtimebuddy.com
adserver-us.adtech.advertising.com
dmx.districtm.io
rtb.districtm.io
104.18.24.185
142.250.65.162
142.251.40.162
173.223.56.228
192.40.39.223
198.148.27.133
2600:141b:13::17d7:829b
2600:9000:2510:6200:18:6930:8980:93a1
2606:4700:3033::6815:449f
2606:4700:3035::ac43:c4de
2606:ae80:1471:1a::1460
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2006
63.251.114.137
68.67.160.186
68.67.160.75
99.84.37.12
021197fd998481d8d1efd3bc089fe0d2bf620c42846cbaef0dbcfbbddd3899b7
095581b0fb74acbf1c59bc1babf79299b324fcb198945a6f289ddc7777645a9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
1c1daed07cf5cd5022457d43632a67c3c21cbe86a9f9852d031b04c2a2c1be15
1c526bbc4b6140983eb3d0743340ccef8d0de351d2418421763ee6c4f3f0cfc4
211b508f51e67897ed88fa49901e1ccbe5e1ddacdc43a391f699f757ce1c0a9c
2a4ad289e819aa107f0d0c6d9b53af77ddf02b79f92ecb3cee1b15f1fa460ba1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36c938c67af0789ca4cf6373d18c70b400de367d8cf649de9d60f019944be8da
3ac1da84462c0b400847a2ce9ed3ccbe189c2732b71f4aa9a8f1b8937317bf68
3af63b6a9830da7a1602d27ac97fa88078c9af8801f779b09bc4333ebf22e079
4130adbd5ef8ed158e854f209f16e8024e38cb1a5cd085a8ecfeff4a78566218
462c2eeb6f96d7c87bd7110f6bbc259e050f7cb88a7bbe60ea81008f5299dae5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
493dcde313af8b914271e74c12a74f13fcd3ae2d8a600901841751cf395045f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df4c9830bc98444771afe4160146b1973152298bc10f10f6f819ce1c9f84236
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5065fba5cfd7cbcc2afde6a8995ba6fb5d46baaeddce3b681b32a7c4c6306327
52675c77909a3ba93157254f04d8b6dd13164ebbc7178e3a9de6dcdfe3c7eccb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a31c8f63ba7f1ba684528fc7b951df27f2a095226b83e4fc302c83a04a18861
5d48554ed0d1835017ff50ebb4de15c7008e03cbc25ca2c460c5e2ea2e86f5c6
61b1e605b2b0d0a78c6bda99f9c5b35b805cd744d422ddef0357995bbdfde579
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a2a5b1d729afc1252365189c7c3954f097c358eca114c1cc7e239bfd339015d
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6fe1482c8c10e5d2b38d3be91e5e05b563200bbdcd8700e42b43b444d82bc673
70507c422337e5fc00d49000041c67f0adfea14cba801e2e5fca40971aa90f5f
7834a93c83199e3b0a38bfa601067e5b7e000e4cda4b5d046505ca42380a70be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8d3599b5fd3f1aeb1f49c54f980ff3a223dc5b321fa278128e803194d955d0bd
92fb0ef1eb0add6824812a0b2c84b0a9967bebee107ad3298e5cab9aaad99e5f
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
9e146be9af77cd2335fd697cc012f72d227222eb6dafbda2a2ef6509f3e656e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4296ecc7e11cf003d9e726af4ef19a1536774431d0816584737c3cd2c71b11f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a77dfa2d09faa7b12c2e813af0023b0b524ea2e941a7c916eac0e278948f73cd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba0db343c9484bc46b6a39c990169ee880c204b0d3209d20fcefd855af6deb49
c11c99cadcd847b12907f95c1675b6f0c0207757dd0c01cbf160e1060a7d1656
c3a08e11c871e7b7a888d7292e5d740fd397e887d404b83caa37aefaabcbe89e
c5aeaf7a8a767a16acdf7d2895c7f706ceadab550ddf6236ac513508f7ba3a02
c65c175488a9e52e5ba6a5a510a368d307adb704f74cf8694450e882de26aec3
c8faa95c3b3213486a29856bfc485806ea519a34f1119e765025e920585ecd26
d3422df89453d7f718f570e9e9143f6aeb2a5deedeab644729fa02e625f958f6
ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e3715305bd5425639d63572dc1682bf820e68cc3991d19eda99755ddd5f34d
f61bf7b223899d73a18d28822c2fa44e061241084ecbfa4226cc00ed92c6ea27
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f98abf653536e6f0439fa159a3b559df2a3ac0129d49cffd218f99da93a531bc
fd89f38ee4ded6826376e8c6adc2217418ae55c15c0368842f91444e06ca1d43

www.worldtimebuddy.com Open in urlscan Pro 2606:4700:3035::ac43:c4de Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

87 %HTTPS

60 %IPv6

16 Domains

28 Subdomains

25 IPs

3 Countries

1161 kBTransfer

3016 kBSize

27 Cookies

5 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.worldtimebuddy.com Open in urlscan Pro
2606:4700:3035::ac43:c4de Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

87 %
HTTPS

60 %
IPv6

16
Domains

28
Subdomains

25
IPs

3
Countries

1161 kB
Transfer

3016 kB
Size

27
Cookies

106 HTTP transactions
3 data transactions