urlscan.io logo urlscan.io
SecurityTrails logo

blogma.co.uk Open in urlscan Pro
87.124.70.66  Public Scan

Go To Rescan Add Verdict Report
URL: http://blogma.co.uk/
Submission: On March 02 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 15 domains to perform 65 HTTP transactions. The main IP is 87.124.70.66, located in United Kingdom and belongs to FUBRA-AS, GB. The main domain is blogma.co.uk.
This is the only time blogma.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 87.124.70.66 35456 (FUBRA-AS)
4 2a05:d018:5f8... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.19.214.88 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 142.250.186.130 15169 (GOOGLE)
1 2001:678:cb4:... 56396 (AMOBEE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
1 74.125.133.154 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
7 107.23.138.170 14618 (AMAZON-AES)
1 54.75.231.227 16509 (AMAZON-02)
2 142.250.185.98 15169 (GOOGLE)
3 3.217.23.166 14618 (AMAZON-AES)
1 151.101.66.49 54113 (FASTLY)
7 104.111.229.87 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:60:... 20940 (AKAMAI-ASN1)
1 204.79.197.204 8068 (MICROSOFT...)
65 26
1    87.124.70.66 (United Kingdom)

ASN35456 (FUBRA-AS, GB)
PTR: livetodot.fubra.com
blogma.co.uk
4    2a05:d018:5f8:5906:261f:8f1a:e46e:73f2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
www.livetodot.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
10    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    52.19.214.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
bid.g.doubleclick.net
1    2600:9000:214f:f600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    107.23.138.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-138-170.compute-1.amazonaws.com
dt.adsafeprotected.com
1    54.75.231.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-231-227.eu-west-1.compute.amazonaws.com
cmp-as-tm.everesttech.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
3    3.217.23.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-23-166.compute-1.amazonaws.com
ads.everesttech.net
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
statsf-tm.everesttech.net
7    104.111.229.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-87.deploy.static.akamaitechnologies.com
dco-assets.everestads.net
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:26f0:60::173e:6213 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net
analyticspixel.microsoft.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
99 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
bid.g.doubleclick.net — Cisco Umbrella Rank: 468
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
164 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 660
static.adsafeprotected.com — Cisco Umbrella Rank: 500
dt.adsafeprotected.com — Cisco Umbrella Rank: 458
98 KB
7 everestads.net
dco-assets.everestads.net — Cisco Umbrella Rank: 5022
124 KB
5 everesttech.net
cmp-as-tm.everesttech.net — Cisco Umbrella Rank: 11850
ads.everesttech.net — Cisco Umbrella Rank: 4871
statsf-tm.everesttech.net — Cisco Umbrella Rank: 2973
33 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
4 livetodot.com
www.livetodot.com
18 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
66 KB
1 microsoft.com
analyticspixel.microsoft.com — Cisco Umbrella Rank: 4289
566 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1243
63 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
34 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 652
398 B
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5368
792 B
1 blogma.co.uk
blogma.co.uk
10 KB
65 15
Domain Requested by
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
tpc.googlesyndication.com
fw.adsafeprotected.com
www.googletagservices.com
7 dco-assets.everestads.net ads.everesttech.net
dco-assets.everestads.net
7 dt.adsafeprotected.com 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 www.livetodot.com blogma.co.uk
www.livetodot.com
3 ads.everesttech.net cmp-as-tm.everesttech.net
ads.everesttech.net
dco-assets.everestads.net
3 cm.g.doubleclick.net 3 redirects
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 www.google.com 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
blogma.co.uk
2 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com blogma.co.uk
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
1 analyticspixel.microsoft.com
1 code.createjs.com dco-assets.everestads.net
1 cdnjs.cloudflare.com dco-assets.everestads.net
1 statsf-tm.everesttech.net 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
1 cmp-as-tm.everesttech.net fw.adsafeprotected.com
1 static.adsafeprotected.com 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
1 d.turn.com googleads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 blogma.co.uk
65 26

This site contains links to these domains. Also see Links.

Domain
www.livetodot.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.tmogul.com
DigiCert SHA2 Secure Server CA		 2020-07-14 -
2022-07-19		 2 years crt.sh
*.everesttech.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-20		 a year crt.sh
www.adobetag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-05 -
2023-01-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
g.msn.com
Microsoft RSA TLS CA 02		 2021-12-22 -
2022-06-22		 6 months crt.sh

This page contains 12 frames:

Primary Page: http://blogma.co.uk/
Frame ID: 493006A2B4A6A1D4A21368F4E03B4E98
Requests: 14 HTTP requests in this frame

Frame: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3ED7AA152048EAE7E663803F220506D
Requests: 1 HTTP requests in this frame

Frame: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C77A76A4535DA47B494D38C7B9790D3
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYg4z8rgEwAQ&v=APEucNVjVbb2PUUrezwEZyRmTuzI2_CxPQMOxx1xe_RhzRCnF0VCe8LfPsPjy7StOctnPjhv0stLEWF4O65DpTDrn4kdIoEwyQ
Frame ID: 749F788E93B3B601F258AD34F2733C12
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20B61753B5F3C5DDF0579AB1F760A9B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9ED9A8BB97107C0874C6BDC44B4A3A8D
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E89D34A9C86C519792FAD7837075D048
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FCB59C2C07EBC448EB0EE2B5D96B3291
Requests: 3 HTTP requests in this frame

Frame: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|&nr=0.9339319445173098&edge=y&html5=y&loc=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F
Frame ID: BBB8093A3878E7DA1DE58BB3B2BA2EB5
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r
Frame ID: DCDF958936CDB9657068DD50FED08CB9
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html
Frame ID: 7EAEC32EED9415D2E26F9F2A709BF9F4
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Frame ID: 3F91162D693AA0F82DF8D2D5FF5A2A61
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

blogma.co.uk has been registered for a client of Livetodot.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

65
Requests

86 %
HTTPS

50 %
IPv6

15
Domains

26
Subdomains

26
IPs

5
Countries

710 kB
Transfer

1855 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECiZJTSEGWWemo6KUZWhbwY&google_cver=1
Request Chain 26
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1&C=1
Request Chain 27
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh.1rq8tG0w4Lf.B2wSg3AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO1N8E4x72y1WqhlqN7wyyY&google_cver=1&google_hm=2
Request Chain 30
  • https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blogma.co.uk/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://blogma.co.uk/
Protocol
HTTP/1.1
Server
87.124.70.66 , United Kingdom, ASN35456 (FUBRA-AS, GB),
Reverse DNS
livetodot.fubra.com
Software
Apache /
Resource Hash
67d2cd64b5d91616352db846f3e51a215e5438180fd3cee3ab20cd5b220989a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Date
Wed, 02 Mar 2022 18:21:33 GMT
Server
Apache
Registered-by
livetodot.com
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=ISO-8859-1
style.css
www.livetodot.com/wp-content/themes/livetodot/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.livetodot.com/wp-content/themes/livetodot/style.css
Requested by
Host: blogma.co.uk
URL: http://blogma.co.uk/
Protocol
HTTP/1.1
Server
2a05:d018:5f8:5906:261f:8f1a:e46e:73f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
43b47c40685880070991a06b239d1766ac070f4a5f85e54f805916852eec0691

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 10:54:18 GMT
Server
nginx/1.12.2
ETag
W/"616ff55a-c72c"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 02 Mar 2022 19:21:33 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: blogma.co.uk
URL: http://blogma.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90d6e8aa7d3916b21b60c2faf462f63569d012a8d4484a3c65686cd64c7255db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27894
x-xss-protection
0
server
sffe
etag
"1147 / 694 of 1000 / last-modified: 1646243394"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Mar 2022 18:21:33 GMT
logo-smaller.png
www.livetodot.com/wp-content/themes/livetodot/img/logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.livetodot.com/wp-content/themes/livetodot/img/logo/logo-smaller.png
Requested by
Host: blogma.co.uk
URL: http://blogma.co.uk/
Protocol
HTTP/1.1
Server
2a05:d018:5f8:5906:261f:8f1a:e46e:73f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b934f61b801a95c78575e1f0812967b3c47834e40763ec9146c1093a2f274277

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:33 GMT
Last-Modified
Wed, 20 Oct 2021 10:54:18 GMT
Server
nginx/1.12.2
ETag
"616ff55a-1618"
Content-Type
image/png
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5656
Expires
Wed, 02 Mar 2022 19:21:33 GMT
f-sel-reflect.gif
www.livetodot.com/wp-content/themes/livetodot/img/tab/ 		144 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.livetodot.com/wp-content/themes/livetodot/img/tab/f-sel-reflect.gif
Requested by
Host: www.livetodot.com
URL: http://www.livetodot.com/wp-content/themes/livetodot/style.css
Protocol
HTTP/1.1
Server
2a05:d018:5f8:5906:261f:8f1a:e46e:73f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
746134874373cc5568db6ab88501d278f7901b65928a85aaf14512148d1413ce

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://www.livetodot.com/wp-content/themes/livetodot/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:33 GMT
Last-Modified
Wed, 20 Oct 2021 10:54:18 GMT
Server
nginx/1.12.2
ETag
"616ff55a-90"
Content-Type
image/gif
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
144
Expires
Wed, 02 Mar 2022 19:21:33 GMT
f-sel.gif
www.livetodot.com/wp-content/themes/livetodot/img/tab/ 		152 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.livetodot.com/wp-content/themes/livetodot/img/tab/f-sel.gif
Requested by
Host: www.livetodot.com
URL: http://www.livetodot.com/wp-content/themes/livetodot/style.css
Protocol
HTTP/1.1
Server
2a05:d018:5f8:5906:261f:8f1a:e46e:73f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9bfe4e5adbd15a46b08a23e01f91f0a655ca544fa7f004c404af68a76e5fe52b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://www.livetodot.com/wp-content/themes/livetodot/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:33 GMT
Last-Modified
Wed, 20 Oct 2021 10:54:18 GMT
Server
nginx/1.12.2
ETag
"616ff55a-98"
Content-Type
image/gif
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
152
Expires
Wed, 02 Mar 2022 19:21:33 GMT
pubads_impl_2022022401.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 17:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124299
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 09:41:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Mar 2023 17:54:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		34 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogma.co.uk
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
cb824270c3f76a6ac2d8d3172ac14c600a8ac5e73e4398cc1a7d2dc86a66657f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48
x-xss-protection
0
expires
Wed, 02 Mar 2022 18:21:33 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=blogma.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blogma.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050511087925957&correlator=3071981487148497&output=ldjh&impl=fifs&eid=31065294&vrg=2022022401&ptt=17&sc=0&sfv=1-0-38&ecs=20220302&iu_parts=1015160%2CLive_to_Dot_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=23&abxe=1&dt=1646245293614&lmt=1646245293&dlt=1646245293121&idt=471&biw=1600&bih=1200&oid=2&adxs=435&adys=409&ucis=1&adks=2598950254&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fblogma.co.uk%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=730x464&msz=728x-1&ga_vid=830860886.1646245294&ga_sid=1646245294&ga_hid=60318046&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a64116456336da12e9032239b579a4389aba2162512ddfb8cbcb1a14d11a5627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10401
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://blogma.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3ED 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 02 Mar 2022 18:21:33 GMT
expires
Thu, 02 Mar 2023 18:21:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bae5162ba73cd03a948c552c350f6e1b78fdd06025d6ad9dd687f53d584b4538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10737
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:21:34 GMT
container.html
130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Mar 2022 18:21:33 GMT
expires
Thu, 02 Mar 2023 18:21:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 749F 		468 B
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYg4z8rgEwAQ&v=APEucNVjVbb2PUUrezwEZyRmTuzI2_CxPQMOxx1xe_RhzRCnF0VCe8LfPsPjy7StOctnPjhv0stLEWF4O65DpTDrn4kdIoEwyQ
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Mar 2022 18:21:34 GMT
server
cafe
cache-control
private
content-length
233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Mar 2022 18:21:34 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8C77 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5iJ1TIsTmcBrA6t9g-WZGYtURo8OLICepDeYhLXrtuiZ8u2mMwKshBj-u0wYHG0IAm2AL_H76YUkiL4Bzgamb5BkG_QgxrHa4Vac0aAsYRDAuPeKWb7UmxBdOJeIy99UC_EJ48ZSQB6U-fQ7gfHmFaqUjwA&dbm_d=AKAmf-De-5Y1nYBt_dmcG9tc5ipc347FJmBCjUt2UJ8K6RUpaHAD5b1twXBWuU9U2HZgJSbmDXWHWAcD4ofA_WHCLhBkk3R_ET8TB5pt4-x2OgbyDHqowz0I1AlmG6mONJKhiofmvQmDF2kF2knqHzO3fvMSUu44DcWUwxYERv6cNma62tvgF16bUssz2CocDDYbYXlBIOrifoY7n-N1lMhYxc6AOXUY7XEnObIEVFkOac0Xkl-ZboQVrNcp-9xcHW0LXT-KbIm4foDvmlR7pAK1pJdlYIHi1_P_GxuUsP3qWPCw_IZEkp_KPPqVs6_nCtPP1AD58uJbqQwvruINijhOxdV3P9GGD0_M6j-08IfdWnMSpEdsyd-ZkOncSAycQDeLwnrqAs_uZzVN-sHN55qkwVIgsDFg5DVBj2bse3l1Y5TilmmYIE1ByzV1q6LwchcJnm5JIV9-2uIC6t2M7XBDjuTWyEuQTYJhgVN8RL_fx7ahYHE5xsVt6N5qpzmtDQMracsTAY577wX0YTofy0eYdq2BTCg9suxBc2gSJFmOLcDnp4jRs9YnfORnotzIpLLlheWNUIRx6y7W0S6sGykeH2H66RmqX0NUmjZumckiKrv8kRiqTk6PYHOGmD5neZAckNVDyxrBzvWtU61v-2i-KLjBL1rZ56xJJY-2Dhd6kufq0Mg9IwxvtcXC1h7HdKBamVGxrvoZOdTYFyzf2qdD050flgHbzfdoLpa55AqXeyNkzmtDngR9bi6xupPBNz2MEKUz5t9cVJgxfpFka8N8Ue3_3l1Ta9nW0RgUqRWd1jVsaXkQ7eOf1skiF4h7WPCJo3agRlzyFYEThu6JRkUDq1nujt_AkLDfHQnpA6-EmHlGCwq9ONmnENqXxuEa36sF3nVH0jiL1bNvDQInD171NYU9QDTBpAK1kUx7G2VN1ZzJXo3tdz0VNEUo1wymererkXiRWFrvZ_K5j8nlT0EtHKqnYwIXHe-KRHdcgDCLruCmMi3jWci7bKQcfgDfOGQTgAXO_Z8T15pKmNqv1vJjNuLiZyps1cckbWaGWJcpNkDlSY0-I4MLSx2nC-X4UrHxvsAPuAhZSzS2mCWx6AFSuJ9K9RdblejDm8JslhUPDi1ujVUp17eZEUECzVEQZZErFPvhcG7HZ3W701X13nEmjHcaxmCOvZv_JOqUqZuvq1i4qOMYckNmCF15O18dghZ0hoDlPSuha30FmZtni4MVToJ5ho3WoobCW_4qe2wpOeJrPPZX2HJ7jdYp2Gf45LTzseeUD7LDmirEIRz-WcuGolHCN1LVSO79EsML026f7H28jQRM6cudl6j4CFCPeb2z3Kok3TORVpFiEZeLs61DQkFt_gnpXFZlNVI4wooo_3NHEmsaqL1drWWaSTN1lDLCskpeZa4P5p-o05wpujjJAWU2pYYoqFczhBRpWOMmeeMwUEafYxNXYW-X_9WuF6_O3lKVB8B6qmUFnGWO6aDORFAcIe4ARmvrRPGPR49n2dT6ZC2CuVLcwvD8oVKxaQ6CAwuk6SRWsLag_nUEXMooq_YQPOgkXNUiMTLDWkgRmkD-LV2UWK8mse9SvB5_si4UJzdvPNNntAO2iC4cS-kPXA_T13N3rNp-XzvQzljYxkqBmWVT26clHxMRVF8Z7HlqQT0yBSiiKvwcHmrIE_VXhti9cXjMLpiFjpytnvfsWwBAC3T9-0wGKmBMEZw0qQNg84US6s-CPGIVESMolSse7qFBVJx_8fAxYMjlGTOhGm6nQ6jMdZP9e3c2dfd1MF1bA2JaxRekd1qmXyXeoeI2UBcZY9hHDNEqjmgSliMlvdeA5U-l3aZjCQCX1J2peKrkhe-ANSngyrde02fsEkPq-2hlNlzrWDvhBrSnmW00hSQSUexVk1BbxwlLYLbfdgvO1DYGjYtBn214bTgBCiy0f-wNwcGuxDOvzNRt4DGEIxfYToZvGbdV8LJZlLvBJklhdSlgTw8qeJjCTqLdA379_8Be5t0G3taGAE-Au2bIWx1yfir2qbdNlCwFzj2Hc4XmhDQnF5YYppuRwQ4GMaYgbR0AMBaW2gA5iSQIpj0KqS5lOgBrYlKs4KaqywSOE63N2shJykOCCVpU7TE_3bojm1l6Jwip4_RM-jBtPQH2m84DrjgqWasYwI_cnOTrV_huA_NHYdt1tUEEUiwlh2LDrugjvl-pamkkOP7Qn-XpTOOSxyQJ44fGEpty6dsvptQfuc4zJQyAvaf4XN0i9N9RmBQRFQ8M7h59rxtft9nNVZZMJRaPRWeZ-4oa6_l3H0we1d5P-uCMbuVTZP4X_FXae2y8AjL2tLKlxTtTCNfONTG_vXqC5CVDnpj4Hc-1dhIz0r4pRYFIaBB82Z1qVivCdR56Igi1i9a9rq156mNnNP6mO70-sXHr_VQSx4ALtnzvNFbCBh2ip9tbyX6SaiMMTzGRYKLdoaDpV7pfhgXZRpxDOWEpN7VzWVjdyt8_oWxgRzMOlN3M&cid=CAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEQ&rfl=1%2Chttp%253A%252F%252Fblogma.co.uk%252F%240
Requested by
Host: blogma.co.uk
URL: http://blogma.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80b0d2382426b2d291d4a385a80f8fc36ad6edbcd2349c88952afaaa2fae3306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10799
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C77 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtP4Ryih9caYPHzFPxsPzYUECsV_7Sd0_pZZHm6t971qxSGUayLN7zWQO6E1wQLi0ek6YiKyU7tn1gVHfapFfotDKsM6AkRPFSRT2vE4TzSr66pco
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/743429/55635901/xbbe/creative/ Frame 8C77 		237 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d806a97e6d6dd86eeaf4b92b43618dd5b4e48a6b991aa5af365e4f970746ca3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 8C77 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:17:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8C77 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38862
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646052075697155"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:21:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 8C77 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 17:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2628
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6433
x-xss-protection
0
server
cafe
etag
3306657128042699500
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 17:37:46 GMT
l
www.google.com/ads/measurement/ Frame 8C77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHgtn3jn-2dJl_dBZNf2rxHqlp0CnhvgFGaSNAIquusjYXmxBCcHZ4d2mUPLvEiOQSAjLOs4aC5m9cYvA8byIzCjg3TQ
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20B6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Mar 2022 18:07:28 GMT
expires
Thu, 02 Mar 2023 18:07:28 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9ED9 		783 B
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5780d8896c8016dc9fe6985c7fb727958c9f78fb1a4cfed404a701efec2b002c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j/6M+wvxMvZPYRvvlgYYww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Mar 2022 18:21:34 GMT
date
Wed, 02 Mar 2022 18:21:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-j/6M+wvxMvZPYRvvlgYYww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
pagead2.googlesyndication.com/bg/ Frame 20B6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 14:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
13052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13490
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:44:02 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 749F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECiZJTSEGWWemo6KUZWhbwY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECiZJTSEGWWemo6KUZWhbwY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYg4z8rgEwAQ&v=APEucNVjVbb2PUUrezwEZyRmTuzI2_CxPQMOxx1xe_RhzRCnF0VCe8LfPsPjy7StOctnPjhv0stLEWF4O65DpTDrn4kdIoEwyQ
Protocol
H2
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECiZJTSEGWWemo6KUZWhbwY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 749F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYg4z8rgEwAQ&v=APEucNVjVbb2PUUrezwEZyRmTuzI2_CxPQMOxx1xe_RhzRCnF0VCe8LfPsPjy7StOctnPjhv0stLEWF4O65DpTDrn4kdIoEwyQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:21:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:21:35 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:21:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2mkw-WXrUmLj4VlfRCXpw&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 02 Mar 2022 18:21:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 749F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh.1rq8tG0w4Lf.B2wSg3AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO1N8E4x72y1WqhlqN7wyyY&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO1N8E4x72y1WqhlqN7wyyY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYg4z8rgEwAQ&v=APEucNVjVbb2PUUrezwEZyRmTuzI2_CxPQMOxx1xe_RhzRCnF0VCe8LfPsPjy7StOctnPjhv0stLEWF4O65DpTDrn4kdIoEwyQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:21:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:21:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO1N8E4x72y1WqhlqN7wyyY&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9ED9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022401&jk=3050511087925957&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8C77 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5iJ1TIsTmcBrA6t9g-WZGYtURo8OLICepDeYhLXrtuiZ8u2mMwKshBj-u0wYHG0IAm2AL_H76YUkiL4Bzgamb5BkG_QgxrHa4Vac0aAsYRDAuPeKWb7UmxBdOJeIy99UC_EJ48ZSQB6U-fQ7gfHmFaqUjwA&dbm_d=AKAmf-De-5Y1nYBt_dmcG9tc5ipc347FJmBCjUt2UJ8K6RUpaHAD5b1twXBWuU9U2HZgJSbmDXWHWAcD4ofA_WHCLhBkk3R_ET8TB5pt4-x2OgbyDHqowz0I1AlmG6mONJKhiofmvQmDF2kF2knqHzO3fvMSUu44DcWUwxYERv6cNma62tvgF16bUssz2CocDDYbYXlBIOrifoY7n-N1lMhYxc6AOXUY7XEnObIEVFkOac0Xkl-ZboQVrNcp-9xcHW0LXT-KbIm4foDvmlR7pAK1pJdlYIHi1_P_GxuUsP3qWPCw_IZEkp_KPPqVs6_nCtPP1AD58uJbqQwvruINijhOxdV3P9GGD0_M6j-08IfdWnMSpEdsyd-ZkOncSAycQDeLwnrqAs_uZzVN-sHN55qkwVIgsDFg5DVBj2bse3l1Y5TilmmYIE1ByzV1q6LwchcJnm5JIV9-2uIC6t2M7XBDjuTWyEuQTYJhgVN8RL_fx7ahYHE5xsVt6N5qpzmtDQMracsTAY577wX0YTofy0eYdq2BTCg9suxBc2gSJFmOLcDnp4jRs9YnfORnotzIpLLlheWNUIRx6y7W0S6sGykeH2H66RmqX0NUmjZumckiKrv8kRiqTk6PYHOGmD5neZAckNVDyxrBzvWtU61v-2i-KLjBL1rZ56xJJY-2Dhd6kufq0Mg9IwxvtcXC1h7HdKBamVGxrvoZOdTYFyzf2qdD050flgHbzfdoLpa55AqXeyNkzmtDngR9bi6xupPBNz2MEKUz5t9cVJgxfpFka8N8Ue3_3l1Ta9nW0RgUqRWd1jVsaXkQ7eOf1skiF4h7WPCJo3agRlzyFYEThu6JRkUDq1nujt_AkLDfHQnpA6-EmHlGCwq9ONmnENqXxuEa36sF3nVH0jiL1bNvDQInD171NYU9QDTBpAK1kUx7G2VN1ZzJXo3tdz0VNEUo1wymererkXiRWFrvZ_K5j8nlT0EtHKqnYwIXHe-KRHdcgDCLruCmMi3jWci7bKQcfgDfOGQTgAXO_Z8T15pKmNqv1vJjNuLiZyps1cckbWaGWJcpNkDlSY0-I4MLSx2nC-X4UrHxvsAPuAhZSzS2mCWx6AFSuJ9K9RdblejDm8JslhUPDi1ujVUp17eZEUECzVEQZZErFPvhcG7HZ3W701X13nEmjHcaxmCOvZv_JOqUqZuvq1i4qOMYckNmCF15O18dghZ0hoDlPSuha30FmZtni4MVToJ5ho3WoobCW_4qe2wpOeJrPPZX2HJ7jdYp2Gf45LTzseeUD7LDmirEIRz-WcuGolHCN1LVSO79EsML026f7H28jQRM6cudl6j4CFCPeb2z3Kok3TORVpFiEZeLs61DQkFt_gnpXFZlNVI4wooo_3NHEmsaqL1drWWaSTN1lDLCskpeZa4P5p-o05wpujjJAWU2pYYoqFczhBRpWOMmeeMwUEafYxNXYW-X_9WuF6_O3lKVB8B6qmUFnGWO6aDORFAcIe4ARmvrRPGPR49n2dT6ZC2CuVLcwvD8oVKxaQ6CAwuk6SRWsLag_nUEXMooq_YQPOgkXNUiMTLDWkgRmkD-LV2UWK8mse9SvB5_si4UJzdvPNNntAO2iC4cS-kPXA_T13N3rNp-XzvQzljYxkqBmWVT26clHxMRVF8Z7HlqQT0yBSiiKvwcHmrIE_VXhti9cXjMLpiFjpytnvfsWwBAC3T9-0wGKmBMEZw0qQNg84US6s-CPGIVESMolSse7qFBVJx_8fAxYMjlGTOhGm6nQ6jMdZP9e3c2dfd1MF1bA2JaxRekd1qmXyXeoeI2UBcZY9hHDNEqjmgSliMlvdeA5U-l3aZjCQCX1J2peKrkhe-ANSngyrde02fsEkPq-2hlNlzrWDvhBrSnmW00hSQSUexVk1BbxwlLYLbfdgvO1DYGjYtBn214bTgBCiy0f-wNwcGuxDOvzNRt4DGEIxfYToZvGbdV8LJZlLvBJklhdSlgTw8qeJjCTqLdA379_8Be5t0G3taGAE-Au2bIWx1yfir2qbdNlCwFzj2Hc4XmhDQnF5YYppuRwQ4GMaYgbR0AMBaW2gA5iSQIpj0KqS5lOgBrYlKs4KaqywSOE63N2shJykOCCVpU7TE_3bojm1l6Jwip4_RM-jBtPQH2m84DrjgqWasYwI_cnOTrV_huA_NHYdt1tUEEUiwlh2LDrugjvl-pamkkOP7Qn-XpTOOSxyQJ44fGEpty6dsvptQfuc4zJQyAvaf4XN0i9N9RmBQRFQ8M7h59rxtft9nNVZZMJRaPRWeZ-4oa6_l3H0we1d5P-uCMbuVTZP4X_FXae2y8AjL2tLKlxTtTCNfONTG_vXqC5CVDnpj4Hc-1dhIz0r4pRYFIaBB82Z1qVivCdR56Igi1i9a9rq156mNnNP6mO70-sXHr_VQSx4ALtnzvNFbCBh2ip9tbyX6SaiMMTzGRYKLdoaDpV7pfhgXZRpxDOWEpN7VzWVjdyt8_oWxgRzMOlN3M&cid=CAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEQ&rfl=1%2Chttp%253A%252F%252Fblogma.co.uk%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 13:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 13:52:58 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 8C77
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQ...
40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
ac9132afe7728cb1c03c6d0b47160bff3fd0580f90a1086bcf015fce1ce237d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame E89D 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
8497216
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
enHIwESmBgFYwtjgAFhs-5VJcYOqHseYhxbMlpGHEo_c349okdPLcA==
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRo1,pingTime:-3,time:34,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:34,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRo2,pingTime:-6,time:35,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:blogma.co.uk&br=c
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FCB5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Mar 2022 13:54:22 GMT
expires
Wed, 01 Mar 2023 13:54:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
102432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRoi,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:306,beZ:307,mfA:308,cmA:309,inA:309,inZ:312,prA:312,prZ:316,si:320,poA:321,poZ:336,cmZ:336,mfZ:336,loA:340,loZ:342,ltA:356,ltZ:357%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:35,readyFired:false%7D&br=c
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 20B6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r1_yvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
pagead2.googlesyndication.com/bg/ Frame FCB5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j7hE3yxA75Jh70ErwfbAXbZ96cK9V2UfbDPjrUCF35o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 14:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
13052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13490
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 14:44:02 GMT
457933
cmp-as-tm.everesttech.net/ads/cmp/s/2021/ Frame 8C77 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=728&h=90&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%26sai%3DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%26sig%3DCg0ArKJSzKagGlHal75CEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=25947223&dsp_pa_id=305706233&dsp_si_id=6958819&dsp_ad_id=498879351&dsp_cr_id=137843133&dp1=305706233&tc_1=2200008&tc_2=25947223&tc_3=305706233&tc_4=137843133&tc_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.75.231.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-231-227.eu-west-1.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
9c0e12504afc35438281ce3387294fad7573c3bab9d8205977da91aedc95812d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
content-encoding
gzip
server
AMO-jAds/1.1
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
transfer-encoding
chunked
x-h
cmp-adserver03.adcloud-prod.eu-west-1.private
expires
Wed Mar 02 18:21:34 UTC 2022
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 8C77 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4869d34286cf7e51f09f762190d338474a1489c7afa78a873b6eb05eba5cad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9662
x-xss-protection
0
server
cafe
etag
8494214007462833898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:19:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ Frame 8C77 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:14:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8C77 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_WK7wZjqLBIhwN0ufniOse0DptqSmiJbfEJlJHAGa28zLISYC0bmUt8SdLfelEjGc_T4kEgwBpLPJFmSo_7EqiVSPQvuWQW0o1FH55sUUwOsu8E5KA4OoJqoCnKk&sai=AMfl-YTRs3FGN8N1NvB2t1Z8T2Y-gSxNEA4MkewMwWz91wefg0VC4P3MBzXnOXzAZDAG83ILAXj5KCpfR_OJ7OLvgNaHvK7yvTruPXK6u28&sig=Cg0ArKJSzEGWImSYU0ErEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220228.44674&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1NGLrrUfYoCqELGT7_UPutqDoAoAAAAAOAHgBAI&bg=!KCulK2_NAAYFuXAgBbk7ACkAdvg8WgZDLzHIMEuLNeSMnn7e0THcmZnK2HODbgK8wK2NuuXRpDrT7gIAAABVUgAAAANoAQcKAHxJCq7Inm0SH1vU04lpMKDous7O2gIIOJuLqTM9Vpo2LWyXw41wNDoz5E9eLsUlGChlASCMrG0fpgOrrz7f93dh0xlZx0VY4N0fnsDE2OWKZz66HBx1-i3nApN1NQAPimP8uuinsvOaHoSGNtH1KTQrI_Vmi_092H_8YmwamQLZBh48z8nYv3c99zCuV9uVLWnzDqkhNVR0dvFUxaBExJPDTBUgN3htYbrq-C26seymrIfkvtdO-DpEP4BaUlvqZ_bU-j7q4qsRYOCtTFFDEMbICOxd4sM4Sr55SKEaCbK7oT_MWi51--3JWx5y9OOP2DQSUK_4jpYIrhj9qpuoxiTEzeQPOAh13R27L0_zIyC4xXdCd1XDbXeKyP370VKxAIBlWC5xOFtwScJzVNmHrh63jArnXvO83-JbAwcJkcqS5Smlc8BTg517jvEB04vtk0Gkiy8GgnkzYTFrAEfL9FojQvB0XNmNSQvQKUigF1wtkBetN1OztrSZ_0Fy63UAMPGxRZcqVHtrr2HzE3D5SO6ZxwuIXo-6MzFaOO2ImrI87QimRe8qOV4JFa3Ux44HckmWak7jGXIw2h-VB4-Tcn3HeIR-9v2RuXiBSOXWis4Q7qxlutnvct2nv3T7RMJ5NTGSt6VapRTqfP5XFo-sUigt5A6hcM9uJzr2Rv2tKokgYiTxnoh3U8WHRtdjks0F5jc3qG5hybL-NgKlaUXU0KHG8dIZjgr0xRQlpLMVoSk4fcmHWI2QQM0PwFYGkhjFbLX1jDbxd4jHq2X9TvkalfyVEktrNL6HqE7JBq85TjrdXyfoJjLd4xOrfsvz7K0FNrxOuc4Yiw9hpgYLXib4ZXpGkehY276jVEuWA2xrBTuYN2CeID_zHZnktvlWZhTCb1oTMO5E79XG1o6CnwIlUEHxJKyPFmgSpzfDi5e0RYr10FVWFiTVtFaOZK3vKiK2OKVTBlTxRcNINg5GYp3DvSIrBO6Y7Sn9s2bwKz0iZQinkfF0HAzWMmvN33-1ED8ukThQnAJ_7Orv6155B9djk2nwsxkjTGs1D6CYmWa3PBEIEBeEWBLVuZxXQtSmh47I9UdMR1mHPEs9LnxFeHeAWWmk70hE__RJxf9IH0J5bGIJaqSOgJWejicw
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4249
ads.everesttech.net/ads/mti/20742/ Frame BBB8 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|
Requested by
Host: cmp-as-tm.everesttech.net
URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=728&h=90&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%26sai%3DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%26sig%3DCg0ArKJSzKagGlHal75CEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=25947223&dsp_pa_id=305706233&dsp_si_id=6958819&dsp_ad_id=498879351&dsp_cr_id=137843133&dp1=305706233&tc_1=2200008&tc_2=25947223&tc_3=305706233&tc_4=137843133&tc_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.23.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-23-166.compute-1.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
120b736d2014001d58d2fa9728765fb83b51cbb873b845c856a9dbe8a6da00ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/

Response headers

date
Wed, 02 Mar 2022 18:21:35 GMT
content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Wed Mar 02 18:21:35 UTC 2022
p3p
NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
server
AMO-jAds/1.1
imp
statsf-tm.everesttech.net/stats/1/ Frame 8C77 		85 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?cmpo=t&cmpe=H4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:35 GMT
via
1.1 varnish
x-pt
P=173
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits
0
x-region
EU-West
content-length
85
x-served-by
cache-lhr7370-LHR
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Wed, 2 Mar 2022 18:21:35 GMT
truncated
/ Frame 8C77 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ca033e383e05508a714f039053531a9beb49eccb574a38b2a9f4bef87170c4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRuZ,pingTime:-10,time:466,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1646245294837%7C%7C92caffc1db5ed914637759d527510523%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cfaaf449dc81a3f8afb283fc5de52edf1%7C%7Ca7c47418e6e4143aeadec8204e3f7db3%7C%7C28ad94750f4c046a7471a6ee87651480%7C%7C5668ce99a8c0dc94c958a9dfd39f77df%7C%7C3c77b902ebfa265f2dc94d6bde0c9f21%7C%7C1629390669%7D
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRwj,time:548,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:13,o:535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B530~0%5D,as:%5B530~728.90%5D%7D%7D,%7Bsl:i,t:535,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B13~100%5D,as:%5B13~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:315,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
URL: https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022401&jk=3050511087925957&bg=!xsWlxYHNAAYFuXAgBbk7ACkAdvg8WqaZW4VqPX1Mu0cMNAj-xCBUaRAl9zB9vH-6iaWKJtHnr5Rv3wIAAAB7UgAAAARoAQeZAp62IqvVKAUbKNkbiF4Mmsi-wt4axDv95FBGUbYpFzobDyYCYnQB6DKqCEKPLUt-W21nzMAMHBgT60pnfEQk1_ADSnv5P0Mg70Ji56VDorcXxfieGovvsax8vfOAVdyQg83Gkamrbp9MLHrThVWqYFCelIcHpo65Tq1i_-KpFAFxNza3Kg6gpqgT0RTMp7vMdqkGZVzYCumGtQjGGdhb6Yiak5kt9BviG6TPKS05jRRTCALnVp50aHoancHCwnHk8sY8ZqNhJv-kz9bKOnVchQyva5f6WYQ46_GfIrsMMaEvg-OfIQGqvLFEjmPtImt36uNJeF-_Dhqw2aiBkpego6dZOzF3XlfhXiKD7t-ttGNW5knLVMzr48QGdO4CPlCvFdRM63TutAuOuX3l8JIbwkhGyczl-u_EZRYbENlmV2BvOBkjzMu1ekIs4s7ZheHcARao2Dhse-ALVyqGyWhXFuuN4eLzqyk0PKBi0VXER_KPZxXV2gPYLW2vvSl5kdpBlfsJkVvwlJSwd56MW1csJlFVVYB2c5flOcKqGokdTmDCoVdt8-q5tANYIkRQl0f2WN-y0TtfTEOahp3oaex0yTlFmYbhQPCFx4TjiX-bIPWRF9UebJgg0Cj5VBj10PErpz6TSmUvJ4DhXdZVWwVxHDxsvU8D2qO2ZULlglIEuFrIG6NHP6AoYZrO5L7-CYGNV8JmR3bLSHkzXYyxR9EyJSwiVVDqUH8lXYqkLBOb3HCEfPmzhVl1PmIb5eFFQTzt4VGVQDsxuwzrI8xy1xKRWTAdwY8LIGUWr7GHq8hPOPrhXRNLaRmUnpv6EbNQml9hqrtEQAI9oeG3DXnVOJawf2ro0LXuZ2MSMbf1tgIlslLnESLyJXNBWCe6vm27fxK6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://blogma.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4249
ads.everesttech.net/ads/mti/20742/ Frame BBB8 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|&nr=0.9339319445173098&edge=y&html5=y&loc=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.23.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-23-166.compute-1.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
a639a3a0336d71b9d8af58e81ac71b15157feea19d897dadd1b127f4e796cd92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|

Response headers

date
Wed, 02 Mar 2022 18:21:35 GMT
content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Wed Mar 02 18:21:35 UTC 2022
server
AMO-jAds/1.1
html5-ad-script_v4.html
dco-assets.everestads.net/ics-campaign/static/dco/ Frame DCDF 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__DVcE_He_v-T9OLc_sQXoVERyVjb5J8aGdxuU9KJkalixOgZpWKO1cWX3XxorcMoy2SrrYKz8-zzOnpkOcd0RP-2mzsG0P6WMB5t8W91SU9HA7JJYrbKfN8IQb4YCEOZVMJcQhMF0N_cxhZVFejP2f2O9_6OjrTHKjGwmpQ1kMJDlF2GoMHZJff8RyIgxUmxp7P9GyMHmT9AbX_EcTNlh9v0F0Ht8rU2z7FZHFe8SFjpNqQhieoymfs5puNwNSA63U2bjnMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsvym_DGezIk5bLCdGbjvOWnSnojLybmlSS-58zWq0cJnmoNVhn4hfwegLCFQDUW3ARbbegHzJ7L4e-9CQQSz7m3zcBojb8UMRAU6Ro5uuLgQ5tREsocWoNZKH2pBZyfNdcz0Tyl4nlCo-TMmrSaHm4AlqJSrKA8WY0JxDjNIUSMTTXcJjGnJIkor-Kt2tXgOcHEGV3XQAwYA1BrM_z_eWqNqpXuFxYzt4bhwR5Q47NPYvh6InihwD5x16y8ejfphNaacJkJUYGXXOh7Sby0ij0suZj5rwniniFS52JrVVm60ny0_EtQc2mhzgiSg-a_r81jpfGV7n-nHP6UjWkaOOpiof--Wb6DjEmPhwTULQQR6Bn4EQxo0N9tPui23eXZdx_m-NNmJPdutPg6blzlCMAf1vESAdqM_Ir75M4nlzAWCdH906-eD8AHjp2y-MFaBDfdnPClCwgGTpL2SK7CfPxZ6UCAsndgPzEf3svEOouzT-qMNtI8b3ufeWuVuEjVIdzV32bQd1dobgmmyHIo3OMsXpbgCbLfNlM-5XK_Ib-826ZKFk2K7IUWx3DCfaDokMcFv32PDNdPgbTngPwJZ6ckpoJQ_zrtecLpaVGkScYtQ9TIoSHrleB9VKj7cdilhTBzXTCMDJDYdplm_Do0ymqY8Znrh5OTf-wb2ydcpoHrDgZcSUYj8KavUeoViJVQecRQ41ns4JG6L6bE_kKogC2-kh1GxH6thJhRb7wLJrNICTk6wOuLXQ_x9zYslzBIkyEazVGWyrET_JzEwRh2Yd22NhBNO4QDvM9PPnfD55QX9c80st1kV-_ZbPieD66zfjqBAz-xwixXePKF3GOtSAlxfQlaPG5j6jzlTVZ_4i8MaFThB506jsd1WMY2xlpT2cA3gbN_wDXwBU3iV77qT6wmLtRhMWAs-ILl3sTMXLuVELuGsbFD2u_GqVRChXIpJwEicrUoVk1E25VufGd9EHJ4qY1TSGTQRpseWWshvMwpshbvxmlJ1DWoqpwrMOGMCoXosOiYH3oJEbRqVBB3nKktMeEpWAOQHJ2gvvYbXc6Uf8mmBefi1GXgn94I2ziCrc9l5o2WuQU%2526sai%253DAMfl-YQbwmH20S6BFGEseJGiIUvU__Yq0ndOsBqtjpytO0vQs_f9r9dBmyL-ybHkgTYObrr6qIaCRlyuEc8QrlApucUepzV_SZkyDmliuQdlq_4xp1rQz8_EvivG_uAGre6nZf9zwz3FPBhJQtf3RstOnxsuSid6qwJXA9LK0iDaqcrjV8GJ7Q%2526sig%253DCg0ArKJSzKagGlHal75CEAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305706233&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305706233&cachebuster=1646245248&TC_1=2200008&TC_2=25947223&TC_3=305706233&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|&nr=0.9339319445173098&edge=y&html5=y&loc=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.everesttech.net/

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
3934
Server
Apache
Last-Modified
Tue, 21 Dec 2021 13:19:20 GMT
ETag
"127386841-3fce-5d3a7da5bc600"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
all
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Expires
Wed, 02 Mar 2022 19:21:35 GMT
Date
Wed, 02 Mar 2022 18:21:35 GMT
Connection
keep-alive
mraid.js
dco-assets.everestads.net/ics-campaign/static/dco/ Frame DCDF 		0
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:35 GMT
Last-Modified
Tue, 21 Dec 2021 13:19:20 GMT
X-Permitted-Cross-Domain-Policies
all
ETag
"1272240c0-0-5d3a7da5bc600"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Server
Apache
Expires
Wed, 02 Mar 2022 19:21:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8C77 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_WK7wZjqLBIhwN0ufniOse0DptqSmiJbfEJlJHAGa28zLISYC0bmUt8SdLfelEjGc_T4kEgwBpLPJFmSo_7EqiVSPQvuWQW0o1FH55sUUwOsu8E5KA4OoJqoCnKk&sai=AMfl-YTRs3FGN8N1NvB2t1Z8T2Y-gSxNEA4MkewMwWz91wefg0VC4P3MBzXnOXzAZDAG83ILAXj5KCpfR_OJ7OLvgNaHvK7yvTruPXK6u28&sig=Cg0ArKJSzEGWImSYU0ErEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=859&vt=11&dtpt=858&dett=4&cstd=0&cisv=r20220228.44674&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55635901/xbbe/creative/adj?p=APEucNURmVPAjgiqWI_eDv1ad_CBT0GiIpOknAd4xW-fj31bKgkVbiY&d=CnkAoCZ_4F7jphbUdF8MNI759V9xS7KIlEfMCEXY3UB4o6KF0Il1SX2652EggtMn2Di047eCwqwoQoMDBzL7EzkpQu-K7RCKmgu0XPk9hF2IBHLlfgr0Mg0siO-R8dDs7QxAj3Rh4PmaJ6ENM3Ic53YBadCpTeImFWlhEukRAKAmf-Bm_7-TrHYzD3838q_dmwOWMEmaJoWjSjRZm5QlVM44q68B3xNc_SZiZ1MbnWgpfdEnZ9hQ4cxX_xROfPYIeozqEkk2JEz8au4Y-yzxqjb5CviJzvn5tLsilmYGWT0mpr2USLIUTS-7sxqEiIf8FlYUkbI3wY7PpXIYHRLvUB2U9jyTvV_2OS8PWu5aOt2rfcaOSgM30bSiir6ZYHUADKV_fvjlkV8aq8wwCRATM8HXNfU9iyZFoqqPv33MicpZygjkoEpx9D_qrFHvaDuhLU2Av184UXf9m9wHOGfMnTsACeEdEK3INssZz3YQ_oEjZdDG0cdD1dkSjLcca1pCrPW0TayokX83kPlEiKlYkvVQJQGTGOVo-yANkc3v0OFa2RLx2EJipIN6w2asNgd5nvd-pyUwB6uX4wb0gFlFytqwpOy_6kCx9CEKGiXf3M8VY1fZgFa4eLNG2CJlY02JEa69k4Q_SPoja-_NqbiWSeRjYcBN-ZGmxod97_i7h3aKwx_7VjJLqmGjSdZdjLDQZaSwWi7-RZ_hgHFz3I61_3ygMTxaPDm1cdKqCXuSsprbE_NRHdoUaUhTy8TaX-LhUfLB43gfbZ82GJo4JZ7tya1IR_2BQUQV6gBoRfS90qLkFlqpe77sRsxikaacZOOanHRBfYmy38mNbNqOCnZAMNpWRGomd5DE0Ev49K2HP197jAqmV397h5i7Jh6jInzk5Cae9UTehNvQ3wMH8VNkJkNAhp10mIJyz8F1aohpq9m3CrTgoJy68x3nAELkaDXB1pZa8ywRoE8VueZewcKD7uXETheUGvCsuBqa0cyWr-3MSl6hd_PJuOEwWfgYCylSV5e01EAblemZlr57K8bYrjI-L7KQOXHp2DPABnXNhosaHIRESofqOxd-b9grdVi_7_rbfnSK5lcRH_By_k82BgnKnvEsT-IgdxcgwyC5JdODn_RZife3h5-cZl9euy-Lpaj-SiXrJzfoKJ1u6oblaZFYMHB_tM3OlVG0WqksvoPnNYo_pc06Gn4WD16MQOHamb6pu1fBW4jLeFhNJkrP0D7reTJmWQ7VRaRHxXFpKo-wnTnsH0j2ytCYV0xVwwHX6jeV9h7r7lFy818mfTapUQu8H_4LDffT_80PROVTkvlb-5xMhZgJJUBnarYMkcoK3Ztz1BX2DiRPDO-b4q79sa6sJFzqDjfTR3Q217AXClz7bdTxxXwriV4OyyREiK8Liq19cYEayhXn4DnJQuNFSFK3ATutYm3kq4mhQ1wgS6mp7YzjA2hHpKeE7HEITpX7LNmy4lwjPgTMAG2cjeu6mne1qYPXgl_RCNB8wmUPxGNesuJTpe3_tF4VFN5DxZkB_R4N5tTtyR10Ckz1p1GhueI2Z0VjB9O2OUdUIUWO3g924TxZqh5kTUGXj1AF93tnFclYqm55hFRkL_xthV8Zih2Vzo2y5jHpXM52UTapU-jBL36K1HivsMUx8wE-TuUcWGJ84SenSo5lX1t9Ql9WE8Sr6o5E7p7ngsnc_EyxrxWEzBMjKuPAins_ebgF08x-gelEYDtQBX3VSZfE9oE90Ebn4j8d-UNlMJcTnISaPUDn-V1X2ch2QX6l8DcA8GrYVTNhINV13WXdjs1pvDfysq_lqqYfHaksxjlwAzxlk6ogOJ62mlfK_8wJ5bCXGyqTshzL6YGD0x9yxH5KO7j3sS02XfYYfDz8lGK0xlyHwtsEmK-YF3CwNMl0NSlMK4QbDv9A2vSYqgi2IOPSU0tWL6Cm5lK7meLdWgLcxJotYIMtzvZnt6CxF2BPWAWWWiNqdTnHZ0pu2pmaaoMxIpuRegf21ZcG3l2btaIjXb8z7OWSAgCe95pP6J3xySm582jGdKVDNbdIwN_L_HuG0o6mjssktlRzB-cc6tcK92W4buhxqoEWMdye7MfNDAvKher-zWoJv5frd4ecPKuJF3neQu7Y19hgm2-MmaOfp9vMl0hgk9RurL1COQ4DHA-mbtTg7yfbFWZmZXBZnneo5l65dyXvBcvxmiqGfPdSbICvxW5K_X1S42wAY41tcDqq1Mc9zp4nhg-zlufOcNx3_L8qGNk0MJYmiYam6ONEtD4Df2n19SBHtWrR7qRtzlxlvwj3GGSB-gCQawAsehqqRuHrV3SxHszw0WR8K_QPrFZ1shv20CPww5B5QyfenT2r9DXRGDAP4MqX2aKy2O6Is7NtWzKFuhBmJtT4rnF7JamazOaf7UuJiA9EuWBYSuv7E1nzZ5himv1ZmGicOLUEQEGH9Dy9xmEw6Kf0ir1BBIOayP8uOXQpd87LXgq4KlsHpuFbybDq_yd-CEuYlOjs9Ped4QSPJ7g8g-xj8mAmeNDE5ekTPL9UVfiwJIX6gUHarRqugVO3WqLSNdclfjxWUpD3DXBMw7pX6RNhghC3nLw_mrNDjHBajL1l6TS-KjyrBYubG5SH8t_bObnWV1xOsi_5pqXlthJmde_2mqQX-Lly6YXoZFxmdPtLluqCt0wq9F7SSD937eINmGHLLtdqXt2X8cFBgTS1mSCjm1MGwIWQbiY-dpY6KxULfQFFMMWMxloGU0w-IaO2ai1Y2R0x_9YMF1fd0T-CmmVvbQBsU6rweLkY3RG6XJWmrIUnrLHub0PRAbhSiIy5pISF5baM0TIvqtBTZ0QMN8mcRanZuZA-HKDNyDcfTDop5YPoMWAwiq9lbcfsYBP_aP7X4VkGGC0hen__X1-OoYawhPgKPQVcIO6yHfcBrgzLhMUHcPUBwhctzP2NL5RKwz9wr7Ba1fOa4aljDwdMopCQSkBS6XzoI_Eel8yRYLk6I2v0eqHtKSsf-Fyj1lQWuA3wnUrVVtq1pisORqTu5RW6eqOzLNGVNRMpcexrtlZZwVMrNssMloCjo3mvM0iPYv9vHbw5mQZ8awRBYhWSKjgbcEVG6CcEpHvMJkpDLliDEKtK47tNpBYSq9LGrKVsv1DRJqnm-MRLX86o4rfZRb0D80zf9LTpPxPBYb5Z9J2U39cal1bo9m8lzCRD7LQL0xoZCAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEWAB&adsafe_url=http%3A%2F%2Fblogma.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9,c:5JiRnH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-kgvc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:9747428a-9a55-11ec-89e5-5e6fda6dba36,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:21:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
z728x90.html
dco-assets.everestads.net/ics-campaign//5031/t/7878/5/ Frame 7EAE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
371a120aa245219dda7278d9960471338cb9883e8801e73be035a5c69824cc1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yh_1rwAAA58WbA_r

Response headers

Server
Apache
Last-Modified
Fri, 08 Oct 2021 14:34:44 GMT
ETag
"16ca57837-1fba-5cdd847c0c900"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
all
Access-Control-Allow-Origin
*
Content-Length
2243
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=3600
Expires
Wed, 02 Mar 2022 19:21:35 GMT
Date
Wed, 02 Mar 2022 18:21:35 GMT
Connection
keep-alive
AMOLibrary.js
ads.everesttech.net/ads/static/local/ Frame 7EAE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.23.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-23-166.compute-1.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
cache
date
Wed, 02 Mar 2022 18:21:35 GMT
last-modified
Wed, 22 Dec 2021 09:29:42 GMT
server
AMO-jAds/1.1
etag
W/"5582-1640165382000"
content-type
application/javascript
cache-control
cache,store,max-age=86400
accept-ranges
bytes
content-length
5582
O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/ Frame 3F91 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfe727957ccac07ebd58cd40322e4d99ae6441e323cd33601ab9e5a75939c48c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html

Response headers

Server
Apache
Last-Modified
Fri, 08 Oct 2021 14:34:44 GMT
ETag
"172ae9d18-3b44-5cdd847c0c900"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
all
Access-Control-Allow-Origin
*
Content-Length
5460
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=3600
Expires
Wed, 02 Mar 2022 19:21:35 GMT
Date
Wed, 02 Mar 2022 18:21:35 GMT
Connection
keep-alive
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/ Frame 3F91 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/TweenMax.min.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1116868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33806
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c56a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss%2FVzlR1ZtujLhDFoH1uEJ7kQS5ceV0EGSUkNWmfRlrgiUtjg5C3oaoa%2FhQt3pGZU6sjbXrXSmip4i5%2BkDNK6lCobwk1PnSM7J2%2FpMeUBvt5u%2Bs8R63TzrWvHlcBLK0XA9dI3R1xKhY22Nk3WcyuU1nu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5c272a2c007480-LHR
expires
Mon, 20 Feb 2023 18:21:35 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 3F91 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:60::173e:6213 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:21:35 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:36:35 GMT
O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.js
dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/ Frame 3F91 		61 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.js?1501171107836
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d552f6e2a93ad330b1a711c12aa50d0f01c865c4256084af77fe920dec3090a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Oct 2021 14:34:44 GMT
X-Permitted-Cross-Domain-Policies
all
ETag
"16273ec12-f48c-5cdd847c0c900"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10696
Server
Apache
Expires
Wed, 02 Mar 2022 19:21:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C77 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH2SN0wXLFo5ttKAyi8Kjn6oJcD7KrZ7yhsZN4BdksughNuWt1GQJTgwUxRMj-Uvr3ouNbGAPvrw18kqKmmwIh8jAkDonHTncxcujMSVm11qp5r2s&sai=AMfl-YToz0WTt0RLMAF2g-cJEA0hLBNyuuusA36JalkR1aG__OBZxduj4TkX2AgsWrWJK3cafuZlq5QrvNG2SJPITqp546ymoUCkqgd4FU1XWrSJoA7BzPV9JzqgU8Ig2MY&sig=Cg0ArKJSzGoj965uBoqhEAE&cid=CAASFeRoNSq_vytxTbzrP_5AvFaYaNDKEQ&id=lidar2&mcvt=1000&p=409,435,499,1163&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2598950254&rs=4&la=0&cr=0&vs=4&r=v&rst=1646245294065&rpt=733&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/fonts/ Frame 3F91 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/fonts/SegoePro-Semibold.woff
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8

Request headers

Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
Origin
https://dco-assets.everestads.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:35 GMT
Last-Modified
Fri, 08 Oct 2021 14:34:44 GMT
X-Permitted-Cross-Domain-Policies
all
ETag
"16de8e199-6590-5cdd847c0c900"
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26000
Server
Apache
Expires
Wed, 02 Mar 2022 19:21:35 GMT
O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1_atlas_.png
dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/images/ Frame 3F91 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/images/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1_atlas_.png?1584613194854
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/z728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-229-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a794633fb9a0772517cc4aa1c763b2af328b83e1fcb8f3ee16974b4dd205bdae

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/7878/5/AllUpAI/O365_FY20Q4_SMB_USA_728x90_BAN_AllUp_AI_English_NA_NA_ANI_BN_NA_1.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:21:35 GMT
Last-Modified
Fri, 08 Oct 2021 14:34:44 GMT
X-Permitted-Cross-Domain-Policies
all
ETag
"16273ec13-1289e-5cdd847c0c900"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75934
Server
Apache
Expires
Wed, 02 Mar 2022 19:21:35 GMT
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRMe,pingTime:1,time:1535,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B530~0%5D,as:%5B530~728.90%5D%7D%7D,%7Bsl:i,t:535,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:99,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:35 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 8C77 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=d2b8aaa8-cbf0-38fc-ed70-9ec09a2198a9&tv=%7Bc:5JiRMf,pingTime:1,time:1536,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Bpiv:100,vs:i,r:,t:535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B530~0%5D,as:%5B530~728.90%5D%7D%7D,%7Bsl:i,t:535,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:99,fm:sYWVu9B+11*.743429-55635901%7C111%7C121%7C13,idMap:11*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-138-170.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:35 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
imp
analyticspixel.microsoft.com/aid/ Frame 3F91 		0
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticspixel.microsoft.com/aid/imp?dcoimpid=Yh_1rwAAA58WbA_r&dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305706233$customer|Microsoft$dv360auctionid|
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0005.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:21:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BBD701C5B52C4E6C8305D31518283D7F Ref B: LTSEDGE1014 Ref C: 2022-03-02T18:21:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

11 Cookies

Domain/Path Name / Value
.blogma.co.uk/ Name: __gads
Value: ID=5e1ef3a2840b68d4-226ac2e551cd00ed:T=1646245293:S=ALNI_MZSdKGhXS2YcPlJhCD82waHCu9xdg
.doubleclick.net/ Name: IDE
Value: AHWqTUnDaz3zAiZBS2jUJZYufM5zzx6Xi6tT24crkkqMIPmgE0Sy7EoO1VBwigbhPe4
.turn.com/ Name: uid
Value: 3209975843406799333
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yh@1rgAAAHGr6Hdy
.casalemedia.com/ Name: CMPS
Value: 689
.casalemedia.com/ Name: CMST
Value: Yh+1r2Ifta8A
.casalemedia.com/ Name: CMID
Value: Yh.1rq8tG0w4Lf.B2wSg3AAA
.casalemedia.com/ Name: CMPRO
Value: 333
.casalemedia.com/ Name: CMRUM3
Value: 2d621fb5af2760CAESEO1N8E4x72y1WqhlqN7wyyY
.microsoft.com/ Name: MC1
Value: GUID=2a900a13e3d841fd992a8594fa6a775a&HASH=2a90&LV=202203&V=4&LU=1646245296306
.microsoft.com/ Name: MUID
Value: 09954D4652A869902D425C1D56A86F05

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

130bed1c99f16fd70222b9c56a073a65.safeframe.googlesyndication.com
ads.everesttech.net
adservice.google.co.uk
adservice.google.com
analyticspixel.microsoft.com
bid.g.doubleclick.net
blogma.co.uk
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmp-as-tm.everesttech.net
code.createjs.com
d.turn.com
dco-assets.everestads.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
statsf-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.livetodot.com
104.111.229.87
107.23.138.170
142.250.185.98
142.250.186.130
142.250.74.194
151.101.66.49
2.18.234.21
2001:678:cb4:bbbb::13
204.79.197.204
2600:9000:214f:f600:8:48e:53c0:93a1
2606:4700::6810:135e
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a02:26f0:60::173e:6213
2a05:d018:5f8:5906:261f:8f1a:e46e:73f2
3.217.23.166
52.19.214.88
54.75.231.227
74.125.133.154
87.124.70.66
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
120b736d2014001d58d2fa9728765fb83b51cbb873b845c856a9dbe8a6da00ef
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
371a120aa245219dda7278d9960471338cb9883e8801e73be035a5c69824cc1e
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
43b47c40685880070991a06b239d1766ac070f4a5f85e54f805916852eec0691
4869d34286cf7e51f09f762190d338474a1489c7afa78a873b6eb05eba5cad0b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d552f6e2a93ad330b1a711c12aa50d0f01c865c4256084af77fe920dec3090a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5780d8896c8016dc9fe6985c7fb727958c9f78fb1a4cfed404a701efec2b002c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67d2cd64b5d91616352db846f3e51a215e5438180fd3cee3ab20cd5b220989a0
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6ca033e383e05508a714f039053531a9beb49eccb574a38b2a9f4bef87170c4f
746134874373cc5568db6ab88501d278f7901b65928a85aaf14512148d1413ce
80b0d2382426b2d291d4a385a80f8fc36ad6edbcd2349c88952afaaa2fae3306
8fb844df2c40ef9261ef412bc1f6c05db67de9c2bd57651f6c33e3ad4085df9a
90d6e8aa7d3916b21b60c2faf462f63569d012a8d4484a3c65686cd64c7255db
9bfe4e5adbd15a46b08a23e01f91f0a655ca544fa7f004c404af68a76e5fe52b
9c0e12504afc35438281ce3387294fad7573c3bab9d8205977da91aedc95812d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a639a3a0336d71b9d8af58e81ac71b15157feea19d897dadd1b127f4e796cd92
a64116456336da12e9032239b579a4389aba2162512ddfb8cbcb1a14d11a5627
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a794633fb9a0772517cc4aa1c763b2af328b83e1fcb8f3ee16974b4dd205bdae
ac9132afe7728cb1c03c6d0b47160bff3fd0580f90a1086bcf015fce1ce237d3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b934f61b801a95c78575e1f0812967b3c47834e40763ec9146c1093a2f274277
bae5162ba73cd03a948c552c350f6e1b78fdd06025d6ad9dd687f53d584b4538
cb824270c3f76a6ac2d8d3172ac14c600a8ac5e73e4398cc1a7d2dc86a66657f
d806a97e6d6dd86eeaf4b92b43618dd5b4e48a6b991aa5af365e4f970746ca3d
dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8
dfe727957ccac07ebd58cd40322e4d99ae6441e323cd33601ab9e5a75939c48c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629