www.dek-d.com Open in urlscan Pro
94.74.116.230 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dek-d.com/board/view/4089585
Submission: On June 23 via manual (June 23rd 2023, 2:23:49 am UTC) from ID — Scanned from US

Summary HTTP 285 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 60 IPs in 7 countries across 42 domains to perform 285 HTTP transactions. The main IP is 94.74.116.230, located in Bangkok, Thailand and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is www.dek-d.com. The Cisco Umbrella rank of the primary domain is 173290.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 6th 2023. Valid for: a year.

This is the only time www.dek-d.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	94.74.116.230 94.74.116.230	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
2 50	199.91.74.219 199.91.74.219	21859 (ZEN-ECN) (ZEN-ECN)
10	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
5	23.223.124.41 23.223.124.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2607:f8b0:402... 2607:f8b0:4020:804::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3f96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2682	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
6	2607:f8b0:402... 2607:f8b0:4020:807::200e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:402... 2607:f8b0:4020:805::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
2	202.183.165.228 202.183.165.228	4750 (CSLOXINFO...) (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED)
6	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:804::200a	15169 (GOOGLE) (GOOGLE)
8	149.129.240.178 149.129.240.178	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	18.160.46.56 18.160.46.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2199:8c00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:402... 2607:f8b0:4020:805::200d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:805::2006	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
1	54.236.176.175 54.236.176.175	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	119.81.192.134 119.81.192.134	36351 (SOFTLAYER) (SOFTLAYER)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 3	2600:1f18:4e9... 2600:1f18:4e9:5a05:ece6:9019:be6a:7d62	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 12	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
10	2607:f8b0:402... 2607:f8b0:4020:805::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2606:ae80:145... 2606:ae80:1451:13::2330	25751 (VALUECLICK) (VALUECLICK)
4 4	52.71.141.42 52.71.141.42	14618 (AMAZON-AES) (AMAZON-AES)
2 2	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
7	2600:1400:900... 2600:1400:9000::6875:b612	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
2	2600:9000:24f... 2600:9000:24f3:ae00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	172.217.13.166 172.217.13.166	15169 (GOOGLE) (GOOGLE)
2	35.169.41.60 35.169.41.60	14618 (AMAZON-AES) (AMAZON-AES)
6	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
285	60

9 94.74.116.230 (Bangkok, Thailand)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-94-74-116-230.compute.hwclouds-dns.com

www.dek-d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 199.91.74.219 (Mexico) 2 redirects

ASN21859 (ZEN-ECN, US)

www0.dek-d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.dek-d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.223.124.41 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-124-41.deploy.static.akamaitechnologies.com

media.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3f96 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.radiantmediatechs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2682 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.183.165.228 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p354-nasbkkST3.C.csloxinfo.net

cdn.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-56.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:8c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:805::200d (Montreal, Canada)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.176.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-176-175.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.192.134 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:4e9:5a05:ece6:9019:be6a:7d62 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:13::2330 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.141.42 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-141-42.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.98.69.175 (New York, United States) 2 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1400:9000::6875:b612 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f3:ae00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.41.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-41-60.compute-1.amazonaws.com

tracker.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	dek-d.com 2 redirects www.dek-d.com — Cisco Umbrella Rank: 173290 www0.dek-d.com — Cisco Umbrella Rank: 299451 img.dek-d.com — Cisco Umbrella Rank: 408322	2 MB
34	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3090 csm.us.criteo.net — Cisco Umbrella Rank: 3136	194 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 pubads.g.doubleclick.net — Cisco Umbrella Rank: 417 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184	177 KB
19	googlesyndication.com 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 133	104 KB
15	google.com www.google.com — Cisco Umbrella Rank: 3 apis.google.com — Cisco Umbrella Rank: 191 accounts.google.com — Cisco Umbrella Rank: 59 analytics.google.com — Cisco Umbrella Rank: 256 adservice.google.com — Cisco Umbrella Rank: 107	96 KB
13	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 490 rtb0.doubleverify.com — Cisco Umbrella Rank: 765 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2373 tps.doubleverify.com — Cisco Umbrella Rank: 516 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1435	153 KB
11	innity.com as.innity.com — Cisco Umbrella Rank: 26915 avd.innity.com — Cisco Umbrella Rank: 30168	8 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com Failed	481 KB
9	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 rtb.va.us.criteo.com — Cisco Umbrella Rank: 9888 ads.us.criteo.com — Cisco Umbrella Rank: 3029 cat.va.us.criteo.com — Cisco Umbrella Rank: 2936	117 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	228 B
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387 us-u.openx.net — Cisco Umbrella Rank: 492	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	331 KB
5	innity.net media.innity.net — Cisco Umbrella Rank: 61505 ssl-avd.innity.net — Cisco Umbrella Rank: 48202 avd.innity.net — Cisco Umbrella Rank: 42938	85 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	3 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	224 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	69 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	309 KB
4	radiantmediatechs.com cdn.radiantmediatechs.com — Cisco Umbrella Rank: 47573	223 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	2 KB
3	adbro.me tag.adbro.me — Cisco Umbrella Rank: 21838 apis.adbro.me — Cisco Umbrella Rank: 25670	12 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 imasdk.googleapis.com — Cisco Umbrella Rank: 495	348 KB
2	samplicio.us tracker.samplicio.us — Cisco Umbrella Rank: 1994	780 B
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 696	1 KB
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 7479	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	925 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	970 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 337	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	335 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	thelead.tech cdn.thelead.tech — Cisco Umbrella Rank: 77361 connect.thelead.tech — Cisco Umbrella Rank: 76538	11 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	5 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	17 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 721	394 B
1	t.co t.co — Cisco Umbrella Rank: 504	377 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	897 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14391	33 KB
285	42

	Domain	Requested by
49	www0.dek-d.com	2 redirects www.dek-d.com www0.dek-d.com
16	imageproxy.us.criteo.net	ads.us.criteo.com
16	static.criteo.net	securepubads.g.doubleclick.net ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
12	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
10	tpc.googlesyndication.com	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	www.dek-d.com securepubads.g.doubleclick.net 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com www.googletagservices.com
9	www.dek-d.com	www.dek-d.com www0.dek-d.com
8	as.innity.com	media.innity.net
7	cdn.doubleverify.com	ads.us.criteo.com cdn.doubleverify.com www.dek-d.com
7	www.facebook.com	connect.facebook.net www.dek-d.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	www0.dek-d.com www.gstatic.com www.dek-d.com www.google.com 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
5	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.gstatic.com	www.google.com www.gstatic.com accounts.google.com
5	connect.facebook.net	www0.dek-d.com connect.facebook.net www.dek-d.com
4	ad.doubleclick.net	2 redirects ads.us.criteo.com
4	pm.w55c.net	4 redirects
4	dclk-match.dotomi.com	4 redirects
4	www.googletagservices.com	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
4	pagead2.googlesyndication.com	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com www.googletagservices.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.dek-d.com www.googletagmanager.com tag.adbro.me
4	cdn.radiantmediatechs.com	www.dek-d.com cdn.radiantmediatechs.com
3	pr-bh.ybp.yahoo.com	2 redirects google-bidout-d.openx.net
3	avd.innity.com	avd.innity.net www.dek-d.com
3	accounts.google.com	apis.google.com www.dek-d.com www.gstatic.com
2	csm.us.criteo.net	ads.us.criteo.com
2	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	tracker.samplicio.us	ads.us.criteo.com
2	d.agkn.com	ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	aep.mxptint.net	2 redirects
2	cms.quantserve.com	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
2	ads.us.criteo.com	6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
2	rtb.va.us.criteo.com	www.dek-d.com
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.dek-d.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	avd.innity.net	ssl-avd.innity.net www.dek-d.com
2	analytics.google.com	www.googletagmanager.com
2	imasdk.googleapis.com	cdn.radiantmediatechs.com imasdk.googleapis.com
2	pubads.g.doubleclick.net	www.dek-d.com imasdk.googleapis.com
2	apis.google.com	www0.dek-d.com apis.google.com
2	tag.adbro.me	www.dek-d.com
2	media.innity.net	www.dek-d.com
1	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	connect.thelead.tech	cdn.thelead.tech
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.dek-d.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	s0.2mdn.net	imasdk.googleapis.com
1	analytics.twitter.com	www.dek-d.com
1	t.co	www.dek-d.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	ssl-avd.innity.net	www.dek-d.com
1	cdn.thelead.tech	www.dek-d.com
1	static.ads-twitter.com	www.googletagmanager.com
1	apis.adbro.me	tag.adbro.me
1	fonts.googleapis.com	www0.dek-d.com
1	img.dek-d.com	www.dek-d.com
1	blogger.googleusercontent.com	www.dek-d.com
0	csi.gstatic.com Failed	imasdk.googleapis.com
285	76

This site contains links to these domains. Also see Links.

Domain
novel.dek-d.com
writer.dek-d.com
docs.google.com
school.dek-d.com
coachdd.dek-d.com
shopee.co.th
my.dek-d.com
goo.gl
blogger.googleusercontent.com
cuevaflix.online
baan-seriestv.blogspot.com
readthecloud.co
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
*.dek-d.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-06` - `2024-01-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
radiantmediatechs.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
adbro.me GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-01` - `2023-06-30`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
cdn.thelead.tech R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
connect.thelead.tech R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-01` - `2023-08-02`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-22` - `2023-07-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-04` - `2023-08-31`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.dek-d.com/board/view/4089585
Frame ID: 0FA03F01C0129899B01AE8CA2344B96F
Requests: 142 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgGzgbAAAAAKq-w4ME0uPg7kBQpYm7UblBWaHK&co=aHR0cHM6Ly93d3cuZGVrLWQuY29tOjQ0Mw..&hl=th&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=32ebkrs4rn5d
Frame ID: A787BEDCDC15866BDC36D2885210BB2B
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C0BC71E43A96B31FDE39916460F37E77
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: D176FCEB91B4EA0C72167A0232D147AA
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dek-d.com
Frame ID: D48A562BDA10153ADDAE5F54BC149E86
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3501066A89254F91148EF817ECF81763
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 45B693485B2D1AC6C1EB307A42376087
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7E38CEECBB5B8280EE2935D3DCF80BB3
Requests: 1 HTTP requests in this frame

Frame: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CA2AA4F56E10F80362C0904926A244E
Requests: 1 HTTP requests in this frame

Frame: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE65D96DCA820BBE4823AEE505870BBC
Requests: 9 HTTP requests in this frame

Frame: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F728CD4E37C8BDAEC63A69472D824F45
Requests: 10 HTTP requests in this frame

Frame: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F1970DB27956F3BB9700450E0B561E9
Requests: 7 HTTP requests in this frame

Frame: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FFB960A95B3241A487B18985E565782
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D
Frame ID: 912686F4ECB3D2262941EFD346A07F61
Requests: 40 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE806CAB52B0083E3A2EA67B4CB7369F
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D
Frame ID: 3447F5471575B31CBDF01AD2A1873873
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B96C3D492EDBC3739F776F8A1AF5CDD
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3986.js
Frame ID: 01BF20937FB36D5FDAE5F9A2BEC92DC0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3986.js
Frame ID: E3B62B97E7E3711C84C348D6ACA08291
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.1-24 | Dek-D.com

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

285
Requests

87 %
HTTPS

57 %
IPv6

42
Domains

76
Subdomains

60
IPs

7
Countries

4907 kB
Transfer

11013 kB
Size

51
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://novel.dek-d.com/
Title: นิยาย

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/search/
Title: ค้นหานิยาย

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/featured/
Title: นิยายแนะนำ

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/recommend/group/
Title: นิยายใหม่มาแรง

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/store/
Title: ร้านค้านิยาย

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/writer/
Title: มุมนักเขียนนิยาย

Search URL Search Domain Scan URL

URL: https://writer.dek-d.com/dekdee/control/writer3/
Title: แต่งนิยาย

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/writer/academy/
Title: เริ่มต้นแต่งนิยาย New

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSdjZSnYxY0dVIWL_qm4ohxL3ElOBoJjND-hPtDHxX5wmCDMdw/viewform
Title: พรีเทส-สอบเข้า ม.1

Search URL Search Domain Scan URL

URL: https://school.dek-d.com/
Title: ติวออนไลน์

Search URL Search Domain Scan URL

URL: https://coachdd.dek-d.com/
Title: ปรึกษารุ่นพี่

Search URL Search Domain Scan URL

URL: https://shopee.co.th/dekdstore
Title: สินค้า

Search URL Search Domain Scan URL

URL: https://novel.dek-d.com/bookshelf/follow/
Title: ชั้นหนังสือ

Search URL Search Domain Scan URL

URL: https://my.dek-d.com/dekdee/control/visualnovel/?create=true
Title: แต่ง Visual Novel

Search URL Search Domain Scan URL

URL: https://my.dek-d.com/dekdee/control/gamecenter/
Title: ควิซของฉัน

Search URL Search Domain Scan URL

URL: https://goo.gl/CfwsMj
Title: อ่านรายละเอียดเพิ่มเติม

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidtSaYArjK4bgSepUspg0apiNkDICpGAVuvp9Dx59SwXCzYc0DqI6zcJb5NydDZyFKi13_2SzZ4LBZJsq_KgiiWqAu2NUt3c8CcHDGqY49XDhlhDRGeCwiwuRlmd6x-j_MmrCd9ejYWZnKr77uU3OBv3zhYEsSBbjKuxm1ghZ-Tjb0wiq5JjZ0EWmrRXuk/s1280/FAIRY.jpg

Search URL Search Domain Scan URL

URL: https://cuevaflix.online/th/tv/214605/fairy-from-the-painting&sub_id=cuevaflix
Title: Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.1

Search URL Search Domain Scan URL

URL: https://baan-seriestv.blogspot.com/2023/06/fairy-from-painting-2022-ep1-24.html
Title: Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.2 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.3 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.4 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.5 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.6 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.7 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.8 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.9 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.10 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.11 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.12 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.13 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.14 Fairy From the Painting (2022) ลิขิตรักจากปลายพู่กัน พากย์ไทย Ep.15 Fairy From the Painting (2022) ลิขิตรักจาก

Search URL Search Domain Scan URL

URL: https://baan-seriestv.blogspot.com/2023/06/a-date-with-future-2023-ep1-20.html
Title: A Date With the Future (2023) พบรักที่ปลายสัญญา ซับไทย Ep.1-20

Search URL Search Domain Scan URL

URL: https://my.dek-d.com/Series2you/

Search URL Search Domain Scan URL

URL: https://readthecloud.co/dek-d-20th-anniversary/?fbclid=IwAR1ktJswzMm_KWje2-rsoCYBWLv5YrJMqAQvkuvxIkJ1Lby9euPGPQOjlmQ/
Title: รู้จักกับ CEO เด็กดี

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DekDfc/
Title: Dek-D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dekdTCAS/
Title: TCAS สอบติดไปด้วยกัน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nugirldekd/
Title: NUGIRL

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StudyAbroadFan/
Title: STUDY ABROAD

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OneMoreCoursebyDekD/
Title: ONE MORE COURSE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/dekdbar4
Title: เรียลลิตี้เด็ก TCAS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2bo9kqIZZizMG-hYBSJM9A
Title: เด็กมาหาไร?

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nugirldekd
Title: NUGIRL TV

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLiWAqRXZaSQq9Q_0nIDURWe5hVEJvjyxm
Title: Dek-D Live

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Dogilike
Title: DogiLike

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www0.dek-d.com/captless/v3.js.php?v=1.89 HTTP 302
https://www.dek-d.com//captless/v3.js.php?v=1.89

Request Chain 28

https://www0.dek-d.com/captless/v3.js.php?v=21.7 HTTP 302
https://www.dek-d.com//captless/v3.js.php?v=21.7

Request Chain 133

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp&cc=1

Request Chain 144

https://gum.criteo.com/sid/json?origin=publishertagids&domain=dek-d.com&sn=ChromeSyncframe&so=0&topUrl=www.dek-d.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=4A8RFnxXZjhYSHB3cUlJcGFHODB0NUxLNGhJbWxyUDhjT0pCb1ViR2VWQWlxT2hGNkp0TGZjcmIrQkRBUEwyUnZMbFVqTG9Yb25CMGJldTkyK3I0Q1hBV214SkloRTVtODZrOTY5ZVNOVGlyaVR2U1JLUzRndytzaHNyMTRCNk8vb1FJcTBaNmk5alVzWFdzQmU2dmlxV3d5QVZ4Q0lVSjg2d0tmazYxMDZGM0xLN0JVMDJyQ1FtYlRzWjZXU20zSW1US0VZZHQyMFdueWJZaGY4R0p3RXFxbnpPRzZ3RWpYL3k1SDcxTlk2amJQdldFVHdXbkQ5V2phUTU4MGxIcm5JUmFiaEtOeWhkQVQwOVNncVp3VHp1eDdqUT09fA&cppv=2

Request Chain 155

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05&dcc=t

Request Chain 156

https://match.adsrvr.org/track/cmf/openx?oxid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=905d8965-b469-4abf-b72b-692dbac0cfd0&ttd_puid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0&gdpr_consent=

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYo79M1DrFzDNlIKvLo1EE&google_cver=1

Request Chain 194

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnKJYikNHGcOMX3B6v9gERiBsrW1wbISfGb6254R6GUXDU8 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64ac787f4f4c231b&is_secure=true&networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnKJYikNHGcOMX3B6v9gERiBsrW1wbISfGb6254R6GUXDU8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_02vvytYUgNvEpCkAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnKJYikNHGcOMX3B6v9gERiBsrW1wbISfGb6254R6GUXDU8

Request Chain 195

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFYjclE5n7ocLh-PSrR2mhRCFLO0s6fou4joO9u8D7B_bOXrCiQCFE8o HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFYjclE5n7ocLh-PSrR2mhRCFLO0s6fou4joO9u8D7B_bOXrCiQCFE8o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFYjclE5n7ocLh-PSrR2mhRCFLO0s6fou4joO9u8D7B_bOXrCiQCFE8o

Request Chain 196

https://aep.mxptint.net/sn.ashx?google_gid=CAESENN3FH8ICmk8HaZNgc7o_XY&google_cver=1&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTIzMTU%3D

Request Chain 197

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6h0SKqUoGSQVSnJqYn-6A&google_cver=1&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HHLoswy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HHLoswy&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B

Request Chain 200

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDfnhX7MDcNR-xWheHTs1oVV8EZK52CJcuQo0x4dgB2zGT5F HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=13a16c0aa9f7212e&is_secure=true&networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDfnhX7MDcNR-xWheHTs1oVV8EZK52CJcuQo0x4dgB2zGT5F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALybNB7_2iygN7H72RAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDfnhX7MDcNR-xWheHTs1oVV8EZK52CJcuQo0x4dgB2zGT5F

Request Chain 201

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_u24v7qtR89p5zhykb5DeRdTIcnekYXpSoWr4TRHanCuzmRCBeK_cV HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_u24v7qtR89p5zhykb5DeRdTIcnekYXpSoWr4TRHanCuzmRCBeK_cV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_u24v7qtR89p5zhykb5DeRdTIcnekYXpSoWr4TRHanCuzmRCBeK_cV

Request Chain 202

https://aep.mxptint.net/sn.ashx?google_gid=CAESENN3FH8ICmk8HaZNgc7o_XY&google_cver=1&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTI0MTc%3D

Request Chain 203

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6h0SKqUoGSQVSnJqYn-6A&google_cver=1&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqPn_9sT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqPn_9sT&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B

Request Chain 215

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPaqyISr2P8CFQfeswodfDcH7Q;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 225

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CJO0yISr2P8CFccYiAkdmmsGNw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

285 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4089585 Show response
www.dek-d.com/board/view/ 105 KB
23 KB 1099ms
516ms Document
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: 239d391d471b7db05b7fcf17975cd9a3e0d81bc37ea88593a194e52396562add

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate no-cache, must-revalidate
content-encoding: gzip
content-length: 22921
content-type: text/html; charset=UTF-8
date: Fri, 23 Jun 2023 02:23:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-app-server: be_www.dek-d.com/www-9-51
x-via: haproxy-user-4-52

GET
H2 200 all.min.css
www0.dek-d.com/assets/vendor/fontawesome5/css/ 58 KB
58 KB 1201ms
68ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[4],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE27[16],LA-MEX-mexicocity-GLOBAL1-CACHE22[0,TCP_HIT,15]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546182
x-via: haproxy-internal-4-42
content-length: 58935
last-modified: Thu, 30 Jul 2020 07:35:14 GMT
server: openresty
etag: "5f227832-e637"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:33 GMT

GET
H2 200 board-style.min.css
www0.dek-d.com/board/assets/css/ 140 KB
141 KB 1440ms
308ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: a2c3b3c036cc51c6ff9b2491a547370fc2396aafcb1d84bf2506597e1167c8e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[7],LA-MEX-queretaro-EDGE2-CACHE7[0,TCP_HIT,4],LA-MEX-mexicocity-GLOBAL1-CACHE19[512],LA-MEX-mexicocity-GLOBAL1-CACHE25[508,TCP_MISS,510]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546182
x-via: haproxy-internal-4-41
content-length: 143579
last-modified: Wed, 02 Nov 2022 03:52:14 GMT
server: openresty
etag: "6361e96e-230db"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:16 GMT

GET
H2 200 module-modal.min.css
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/css/dist/ 3 KB
3 KB 1437ms
305ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/css/dist/module-modal.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: fcd4625516cb3f0a9c5059428b98aa92b3c464c256b67860eaeaee247f48e585

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[5],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE29[1030],LA-MEX-mexicocity-GLOBAL1-CACHE17[1029,TCP_MISS,1030]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546181
x-via: haproxy-internal-4-41
content-length: 3075
last-modified: Wed, 14 Jun 2017 06:27:50 GMT
server: openresty
etag: "5940d766-c03"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 module-alerts.min.css
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/css/dist/ 3 KB
4 KB 1339ms
207ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/css/dist/module-alerts.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 8a3ff5c88f5a18e0fe884f65f852799078d509d405420d83013c3967fd4b7229

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE32[3],LA-MEX-mexicocity-GLOBAL1-CACHE30[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546182
x-via: haproxy-internal-4-41
content-length: 3229
last-modified: Fri, 17 Feb 2017 04:48:25 GMT
server: openresty
etag: "58a68099-c9d"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:25 GMT

GET
H2 200 login.min.css
www0.dek-d.com/assets/authenticate/css/ 19 KB
19 KB 1403ms
271ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/authenticate/css/login.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: ff3c1cb3424337f7ff8c94c1ab52511d1816611396da57228508fbeb304ba342

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE28[20],LA-MEX-mexicocity-GLOBAL1-CACHE33[0,TCP_HIT,19]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546182
x-via: haproxy-internal-4-42
content-length: 19415
last-modified: Tue, 13 Jul 2021 09:20:16 GMT
server: openresty
etag: "60ed5ad0-4bd7"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:27 GMT

GET
H2 200 jquery-latest.min.js Show response
www0.dek-d.com/assets/global/js/ 90 KB
91 KB 1465ms
333ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: f76723546bbac5db730ae4b659672608f5ad1716a609858a43735823636d6ebe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[8],LA-MEX-queretaro-EDGE2-CACHE3[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE29[4],LA-MEX-mexicocity-GLOBAL1-CACHE22[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 1184711
x-via: haproxy-internal-4-41
content-length: 92628
last-modified: Thu, 24 Dec 2015 10:14:00 GMT
server: openresty
etag: "567bc568-169d4"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 1407289
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:16 GMT

GET
H2 200 gpi_interface.min.css
www0.dek-d.com/assets/vendor/gpi/css/ 42 KB
42 KB 1344ms
213ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/gpi/css/gpi_interface.min.css?v=5.48
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: e90f06f1927a9b7a87d6c29ccc9bdf08a8e7f4479393d42a7b1d1e8cf8875923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[4],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE28[4],LA-MEX-mexicocity-GLOBAL1-CACHE16[0,TCP_HIT,4]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 1291632
x-via: haproxy-internal-4-41
content-length: 42528
last-modified: Fri, 05 Jan 2018 08:48:15 GMT
server: openresty
etag: "5a4f3bcf-a620"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 1300368
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 gpi.min.js Show response
www0.dek-d.com/assets/vendor/gpi/js/ 68 KB
68 KB 1464ms
333ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/gpi/js/gpi.min.js?v=5.48
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 3f2343e6cb9cb7d7b75e45aac52e247399eaa000efdc4c54368615f64cf42ef0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE27[3],LA-MEX-mexicocity-GLOBAL1-CACHE21[0,TCP_HIT,3]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546182
x-via: haproxy-internal-4-41
content-length: 69449
last-modified: Tue, 18 Jan 2022 08:55:27 GMT
server: openresty
etag: "61e6807f-10f49"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:30 GMT

GET
H2 200 toolbar_desktop_2015.min.css
www0.dek-d.com/assets/toolbar/css/ 42 KB
43 KB 1414ms
283ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 533a1c9896c2a7dd8111066e3c03868e9aae885116e276678c0d4a3b4da28aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[4],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE29[21],LA-MEX-mexicocity-GLOBAL1-CACHE21[0,TCP_HIT,20]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2545621
x-via: haproxy-internal-4-41
content-length: 43343
last-modified: Mon, 16 Jan 2023 17:34:41 GMT
server: openresty
etag: "63c58ab1-a94f"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 46379
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:10:38 GMT

GET
H2 200 view.min.js Show response
www0.dek-d.com/board/assets/js/ 14 KB
15 KB 1464ms
333ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/board/assets/js/view.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 9313f8c93fc291eb938365e5445cde6f79b5c291a54248f699ef210dcd0ecf41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE2[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE33[7322],LA-MEX-mexicocity-GLOBAL1-CACHE21[1314,TCP_MISS,7320]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546174
x-via: haproxy-internal-4-41
content-length: 14726
last-modified: Fri, 29 Oct 2021 07:19:09 GMT
server: openresty
etag: "617ba06d-3986"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45825
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:23 GMT

GET
H2

200

v3.js.php Show response
www.dek-d.com//captless/
Redirect Chain

https://www0.dek-d.com/captless/v3.js.php?v=1.89
https://www.dek-d.com//captless/v3.js.php?v=1.89

3 KB
1 KB

254ms
254ms

Script
application/javascript

94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com//captless/v3.js.php?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: 686eec39df089c5c83a467842e31e32b8c67ad032007682958b53723b226aa30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-51
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
x-via: haproxy-user-4-52
cache-control: max-age=120, no-cache, must-revalidate
content-length: 1029
expires: Fri, 23 Jun 2023 02:25:39 GMT

Redirect headers

date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[1011],LA-MEX-queretaro-EDGE2-CACHE8[1008,TCP_MISS,1010],LA-MEX-mexicocity-GLOBAL1-CACHE23[972],LA-MEX-mexicocity-GLOBAL1-CACHE19[970,TCP_MISS,970]
x-ccdn-cachettl: 0
server: openresty
x-app-server: be_www0.dek-d.com/www0-9-103
x-via: haproxy-internal-4-41
location: https://www.dek-d.com//captless/v3.js.php?v=1.89
content-type: text/html
x-ccdn-origin-time: 970
content-length: 138
x-hcs-proxy-type: 0

GET
H2 200 googleless.js Show response
www0.dek-d.com/assets/vendor/googleless/ 6 KB
7 KB 1463ms
332ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/googleless/googleless.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: a28ff90a243b0ade844a07147f1ee7e04425a1cc6e7cf1c89bfb7e09212b3172

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[10],LA-MEX-queretaro-EDGE2-CACHE2[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE23[1047],LA-MEX-mexicocity-GLOBAL1-CACHE21[1042,TCP_MISS,1046]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546181
x-via: haproxy-internal-4-41
content-length: 6643
last-modified: Mon, 25 Feb 2019 08:35:59 GMT
server: openresty
etag: "5c73a8ef-19f3"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 faceless.js Show response
www0.dek-d.com/assets/vendor/faceless/ 13 KB
13 KB 1469ms
339ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/faceless/faceless.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 7e0c81da14c45bdc0b8b9555cad9e24a5b1b23f6d31833ff4effd7364676993e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[7],LA-MEX-queretaro-EDGE2-CACHE1[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE22[1044],LA-MEX-mexicocity-GLOBAL1-CACHE27[1042,TCP_MISS,1043]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546181
x-via: haproxy-internal-4-41
content-length: 13110
last-modified: Thu, 29 Apr 2021 08:49:15 GMT
server: openresty
etag: "608a730b-3336"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 captless.js Show response
www0.dek-d.com/assets/vendor/captless/ 4 KB
5 KB 1466ms
336ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/captless/captless.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: cedae759c5a7a3f4e86d26f5fe797c7981d96c0d213d4320af1388952c95edbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[6],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE24[1051],LA-MEX-mexicocity-GLOBAL1-CACHE31[1048,TCP_MISS,1050]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546181
x-via: haproxy-internal-4-41
content-length: 4257
last-modified: Wed, 17 Oct 2018 07:56:41 GMT
server: openresty
etag: "5bc6eb39-10a1"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 onestop_helper.min.js Show response
www0.dek-d.com/assets/authenticate/js/ 2 KB
3 KB 1470ms
340ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/authenticate/js/onestop_helper.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 2c994d9a029a4777e58feeb5e8c0f7c332690bd1a26a9c9ad1c8ad918fb69b27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[15],LA-MEX-queretaro-EDGE2-CACHE3[0,TCP_HIT,12],LA-MEX-mexicocity-GLOBAL1-CACHE21[3],LA-MEX-mexicocity-GLOBAL1-CACHE26[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 1184711
x-via: haproxy-internal-4-41
content-length: 2098
last-modified: Tue, 07 Mar 2023 02:37:42 GMT
server: openresty
etag: "6406a376-832"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 1407289
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 register.min.js Show response
www0.dek-d.com/assets/authenticate/js/ 30 KB
31 KB 1469ms
339ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/authenticate/js/register.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: fc4e70c63b0610ca61745f2bc1a27a3f3f9cacd73499033f973c2e9be2964461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[7],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE16[14],LA-MEX-mexicocity-GLOBAL1-CACHE29[0,TCP_HIT,12]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546182
x-via: haproxy-internal-4-41
content-length: 31105
last-modified: Mon, 25 Feb 2019 11:23:39 GMT
server: openresty
etag: "5c73d03b-7981"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:25 GMT

GET
H2 200 login.min.js Show response
www0.dek-d.com/assets/authenticate/js/ 33 KB
33 KB 1468ms
338ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/authenticate/js/login.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 10d6219bf4af38477c42a467bfc685709476e042f919c4c83d0da88ffc49fdac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,8],LA-MEX-mexicocity-GLOBAL1-CACHE24[518],LA-MEX-mexicocity-GLOBAL1-CACHE17[515,TCP_MISS,516]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546182
x-via: haproxy-internal-4-41
content-length: 33386
last-modified: Tue, 13 Jul 2021 09:44:58 GMT
server: openresty
etag: "60ed609a-826a"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:16 GMT

GET
H2 200 helper.min.js Show response
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/ 4 KB
5 KB 1464ms
334ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/helper.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 251a93a77aba5e4bc08dd84fe9dcd6003f78465fe61ece08892d2576ec592f29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[7],LA-MEX-queretaro-EDGE2-CACHE4[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE21[1051],LA-MEX-mexicocity-GLOBAL1-CACHE25[1046,TCP_MISS,1049]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546181
x-via: haproxy-internal-4-41
content-length: 4550
last-modified: Wed, 08 Apr 2020 07:44:26 GMT
server: openresty
etag: "5e8d80da-11c6"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 dropdownbox.min.js Show response
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/ 4 KB
4 KB 1463ms
334ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/dropdownbox.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 64949f2ff53bfd042f783bbff4bf66f73457cbee715ed477668eb5f71e082d0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[7],LA-MEX-queretaro-EDGE2-CACHE3[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE21[2],LA-MEX-mexicocity-GLOBAL1-CACHE29[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 1184711
x-via: haproxy-internal-4-41
content-length: 4065
last-modified: Fri, 03 Sep 2021 11:04:37 GMT
server: openresty
etag: "61320145-fe1"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 1407289
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:16 GMT

GET
H2 200 alertbox.min.js Show response
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/ 2 KB
3 KB 1465ms
335ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/alertbox.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 7bc501919bfb156f85d8bafd315114a5a8b152eba85ad9be4b6db468220ec175

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE1[0,TCP_HIT,5],LA-MEX-mexicocity-GLOBAL1-CACHE25[9],LA-MEX-mexicocity-GLOBAL1-CACHE18[0,TCP_HIT,8]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546182
x-via: haproxy-internal-4-41
content-length: 2312
last-modified: Thu, 22 Dec 2016 03:36:23 GMT
server: openresty
etag: "585b4a37-908"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45818
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:25 GMT

GET
H2 200 main.min.js Show response
www0.dek-d.com/assets/dist/comment-reply-v3/js/ 485 KB
486 KB 1466ms
337ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/dist/comment-reply-v3/js/main.min.js?v=1.89
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 6c12af9d8b05e5295d52e51d1ee444ecb115965db404bfa9b5925821ab764b57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE4[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE28[1300],LA-MEX-mexicocity-GLOBAL1-CACHE32[1296,TCP_MISS,1299]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546181
x-via: haproxy-internal-4-41
content-length: 497077
last-modified: Mon, 21 Nov 2022 10:33:53 GMT
server: openresty
etag: "637b5411-795b5"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45820
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 138ms
50ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22df3742333cce866d795d11ba7776da3b2276f009387b0502038ee3392e854c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26599
x-xss-protection: 0
server: cafe
etag: 490 / 19531 / 31075547 / config-hash: 11591319961802778394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:39 GMT

GET
H/1.1 200
OK innityPrebidHB.js Show response
media.innity.net/lib/ 223 KB
71 KB 322ms
80ms Script
application/javascript 23.223.124.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.innity.net/lib/innityPrebidHB.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.223.124.41 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-124-41.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3171ff6f844469adc6246bb42aec71eb879440f991a242a14f8815e4499b5dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Date: Fri, 23 Jun 2023 02:23:40 GMT
Last-Modified: Wed, 14 Jul 2021 03:31:56 GMT
Server: Apache
ETag: "37af1-5c70cff0b0300-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71908
Expires: Sat, 24 Jun 2023 02:23:40 GMT

GET
H/1.1 200
OK hbconfig_prebid60.js Show response
media.innity.net/adnetwork/hb_prebid/12/ 3 KB
1 KB 320ms
79ms Script
application/javascript 23.223.124.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.innity.net/adnetwork/hb_prebid/12/hbconfig_prebid60.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.223.124.41 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-223-124-41.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b7315bf7a32244460de7e75c93b7f0b63b6dd134a21ba7ad426d818c4c4b123a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Date: Fri, 23 Jun 2023 02:23:40 GMT
Last-Modified: Thu, 22 Jun 2023 16:15:42 GMT
Server: Apache
ETag: "d7a-5feba322825d6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 851
Expires: Fri, 23 Jun 2023 02:53:40 GMT

GET
H2 200 set_password_modal.min.css
www0.dek-d.com/assets/toolbar/css/ 24 KB
24 KB 1386ms
257ms Stylesheet
text/css 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/toolbar/css/set_password_modal.min.css?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 8f0ff75922589a178737511cd0863e8e6ddabd7c317585dd226242700a89cc16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE7[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE22[3],LA-MEX-mexicocity-GLOBAL1-CACHE33[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546321
x-via: haproxy-internal-4-41
content-length: 24098
last-modified: Thu, 16 Apr 2020 08:50:16 GMT
server: openresty
etag: "5e981c48-5e22"
content-type: text/css
cache-control: max-age=2592000
x-ccdn-expires: 45679
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:28 GMT

GET
H2 200 jquery.transform2d.min.js Show response
www0.dek-d.com/assets/vendor/jquery-transform/ 7 KB
8 KB 1465ms
336ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/jquery-transform/jquery.transform2d.min.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: e25eb55114097d6c0c5e875ead57fb8a80cf600e1f711fa1ead280bf1066a1e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[6],LA-MEX-queretaro-EDGE2-CACHE7[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE32[23],LA-MEX-mexicocity-GLOBAL1-CACHE28[0,TCP_HIT,22]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546321
x-via: haproxy-internal-4-41
content-length: 7395
last-modified: Thu, 24 Dec 2015 10:14:00 GMT
server: openresty
etag: "567bc568-1ce3"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45679
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:28 GMT

GET
H2 200 fb.min.js Show response
www0.dek-d.com/resource/js/ 2 KB
2 KB 1466ms
337ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/resource/js/fb.min.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: ef57e1db69b1e14847d51d81379972bc3789ab7ec281f50b1f7807b66905528a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[4],LA-MEX-queretaro-EDGE2-CACHE7[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE16[12],LA-MEX-mexicocity-GLOBAL1-CACHE29[0,TCP_HIT,11]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546321
x-via: haproxy-internal-4-42
content-length: 2022
last-modified: Wed, 25 Mar 2020 03:40:21 GMT
server: openresty
etag: "5e7ad2a5-7e6"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45679
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:36 GMT

GET
H2 200 jquery.timesince.js Show response
www0.dek-d.com/assets/notify/js/ 5 KB
5 KB 1467ms
338ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/notify/js/jquery.timesince.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 585c2cc1ee76c4f06f1cf2ac6aedd4d8849eb3f35bce2189c50d5fd46666addb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[9],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE21[5],LA-MEX-mexicocity-GLOBAL1-CACHE30[0,TCP_HIT,4]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546321
x-via: haproxy-internal-4-42
content-length: 5025
last-modified: Thu, 24 Dec 2015 10:14:00 GMT
server: openresty
etag: "567bc568-13a1"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45679
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:36 GMT

GET
H2

200

v3.js.php Show response
www.dek-d.com//captless/
Redirect Chain

https://www0.dek-d.com/captless/v3.js.php?v=21.7
https://www.dek-d.com//captless/v3.js.php?v=21.7

3 KB
1 KB

250ms
249ms

Script
application/javascript

94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com//captless/v3.js.php?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: 686eec39df089c5c83a467842e31e32b8c67ad032007682958b53723b226aa30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-53
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
x-via: haproxy-user-4-52
cache-control: max-age=120, no-cache, must-revalidate
content-length: 1029
expires: Fri, 23 Jun 2023 02:25:39 GMT

Redirect headers

date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[1083],LA-MEX-queretaro-EDGE2-CACHE6[1077,TCP_MISS,1079],LA-MEX-mexicocity-GLOBAL1-CACHE22[1033],LA-MEX-mexicocity-GLOBAL1-CACHE24[1029,TCP_MISS,1032]
x-ccdn-cachettl: 0
server: openresty
x-app-server: be_www0.dek-d.com/www0-9-102
x-via: haproxy-internal-4-41
location: https://www.dek-d.com//captless/v3.js.php?v=21.7
content-type: text/html
x-ccdn-origin-time: 1029
content-length: 138
x-hcs-proxy-type: 0

GET
H2 200 modalbox.min.js Show response
www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/ 5 KB
6 KB 1463ms
335ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/dekd-foundation-2.2/js/modalbox.min.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: c8ff405b1b0c5cb75cc666047001e1d83b965cf15de1ea7abc62d64a2e9205f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:38 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[8],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE34[10],LA-MEX-mexicocity-GLOBAL1-CACHE18[0,TCP_HIT,10]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546321
x-via: haproxy-internal-4-41
content-length: 5573
last-modified: Mon, 12 Jun 2017 03:24:14 GMT
server: openresty
etag: "593e095e-15c5"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45679
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:28 GMT

GET
H2 200 yoyo_id.png
www0.dek-d.com/assets/toolbar/images/ 5 KB
5 KB 68ms
63ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/yoyo_id.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

6aee8b0daa3c0a2e9cb9742646334e8a07c3198fdbcb0a7a258a5a2c6d94eee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[5],LA-MEX-queretaro-EDGE2-CACHE4[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE16[14],LA-MEX-mexicocity-GLOBAL1-CACHE17[0,TCP_HIT,14]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546322
x-via: haproxy-internal-4-41
content-length: 4883
last-modified: Wed, 18 Oct 2017 07:36:01 GMT
server: openresty
etag: "59e70461-1313"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45693
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:04:38 GMT

GET
H2 200 bombom_state.png
www0.dek-d.com/assets/toolbar/images/ 5 KB
5 KB 69ms
64ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/bombom_state.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

7dd6daa5a054a1bec51a4f5f22f6a0ab4c092a885b7c6b13919f3281519e6e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[4],LA-MEX-queretaro-EDGE2-CACHE2[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE27[6008],LA-MEX-mexicocity-GLOBAL1-CACHE21[1,TCP_HIT,6007]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546316
x-via: haproxy-internal-4-41
content-length: 4735
last-modified: Wed, 18 Oct 2017 07:36:01 GMT
server: openresty
etag: "59e70461-127f"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45684
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:05:02 GMT

GET
H2 200 jeejee_noti.png
www0.dek-d.com/assets/toolbar/images/ 5 KB
5 KB 74ms
70ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/jeejee_noti.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

570acae215e1412e694a8ce553b74afaf15de9ac78ed53cf3ee65eef82ffa96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[6],LA-MEX-queretaro-EDGE2-CACHE1[0,TCP_HIT,4],LA-MEX-mexicocity-GLOBAL1-CACHE25[3],LA-MEX-mexicocity-GLOBAL1-CACHE24[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546322
x-via: haproxy-internal-4-41
content-length: 4865
last-modified: Wed, 18 Oct 2017 07:36:01 GMT
server: openresty
etag: "59e70461-1301"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45678
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:04:44 GMT

GET
H2 200 bombom_noti.png
www0.dek-d.com/assets/toolbar/images/ 5 KB
5 KB 77ms
72ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/bombom_noti.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

72797546325e299050f869eb99756cc911118aae93c39b1153e97dcd6ea9219c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[12],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,11],LA-MEX-mexicocity-GLOBAL1-CACHE28[6009],LA-MEX-mexicocity-GLOBAL1-CACHE27[0,TCP_HIT,6008]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546311
x-via: haproxy-internal-4-41
content-length: 4859
last-modified: Wed, 18 Oct 2017 07:36:01 GMT
server: openresty
etag: "59e70461-12fb"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45704
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:05:07 GMT

GET
H2 200 bombom_noti_ok.png
www0.dek-d.com/assets/toolbar/images/ 5 KB
6 KB 69ms
65ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/bombom_noti_ok.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

3d1838a88c8bb09dfb74722883fa30f9f5c6c0774558f212be89012866df5ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE25[3456],LA-MEX-mexicocity-GLOBAL1-CACHE25[3444,TCP_HIT,3455]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546309
x-via: haproxy-internal-4-42
content-length: 5423
last-modified: Wed, 18 Oct 2017 07:36:01 GMT
server: openresty
etag: "59e70461-152f"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45691
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:05:10 GMT

GET
H2 200 toolbar_desktop_2015.min.js Show response
www0.dek-d.com/assets/toolbar/js/ 21 KB
22 KB 63ms
62ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/toolbar/js/toolbar_desktop_2015.min.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: d0f9ab04988366fa701201955657ef3fa15f06b534783d344a1eb85a5fff8f13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE19[8],LA-MEX-mexicocity-GLOBAL1-CACHE20[0,TCP_HIT,7]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546322
x-via: haproxy-internal-4-41
content-length: 21868
last-modified: Fri, 09 Sep 2022 07:36:55 GMT
server: openresty
etag: "631aed17-556c"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45678
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:38 GMT

GET
H2 200 analytic.js Show response
www0.dek-d.com/assets/toolbar/js/ 561 B
1 KB 77ms
71ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/toolbar/js/analytic.js?v=21.7
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 7d4791d8f5be8203299dd505afc9cc51f27348d7af2d0459415c247d2e013e13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[13],LA-MEX-queretaro-EDGE2-CACHE2[0,TCP_HIT,12],LA-MEX-mexicocity-GLOBAL1-CACHE24[16],LA-MEX-mexicocity-GLOBAL1-CACHE24[0,TCP_HIT,15]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546322
x-via: haproxy-internal-4-41
content-length: 561
last-modified: Fri, 03 Sep 2021 11:04:37 GMT
server: openresty
etag: "61320145-231"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45678
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:04:38 GMT

GET
H2 200 FAIRY.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidtSaYArjK4bgSepUspg0apiNkDICpGAVuvp9Dx59SwXCzYc0DqI6zcJb5NydDZyFKi13_2SzZ4LBZJsq_KgiiWqAu2NUt3c8CcHDGqY49XDhlhDRGeCwiwuRlmd6x-j_MmrCd9ejYWZnKr77u... 32 KB
33 KB 969ms
892ms Image
image/jpeg 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidtSaYArjK4bgSepUspg0apiNkDICpGAVuvp9Dx59SwXCzYc0DqI6zcJb5NydDZyFKi13_2SzZ4LBZJsq_KgiiWqAu2NUt3c8CcHDGqY49XDhlhDRGeCwiwuRlmd6x-j_MmrCd9ejYWZnKr77uU3OBv3zhYEsSBbjKuxm1ghZ-Tjb0wiq5JjZ0EWmrRXuk/w640-h360/FAIRY.jpg

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f6177f13581c6868fd6417a72f26141dd626ad16c262321433c2fb9f8cd1eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ca"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FAIRY.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33015
x-xss-protection: 0
expires: Sat, 24 Jun 2023 02:23:40 GMT

GET
H2 200 rmp.min.js Show response
cdn.radiantmediatechs.com/rmp/5.11.3/js/ 887 KB
197 KB 65ms
19ms Script
application/javascript 2606:4700:10::6816:3f96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.radiantmediatechs.com/rmp/5.11.3/js/rmp.min.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3f96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f81f61ccc0fea20fa1d38a17629c8a92c624aac6016c96d67b5ce7e3df76b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 311624
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Dec 2020 12:42:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
cf-ray: 7db945327a9d4286-EWR
expires: Wed, 19 Jul 2023 11:49:55 GMT

GET
H2 200 9733685
img.dek-d.com/1/newtoon/973/ 4 KB
4 KB 835ms
85ms Image
image/jpeg 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.dek-d.com/1/newtoon/973/9733685

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

32f031de54d6b52a419efb47cae628e11203dac5a1018b4e2c159c02f5b3a199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[24],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,22],LA-MEX-mexicocity-GLOBAL1-CACHE30[984],LA-MEX-mexicocity-GLOBAL1-CACHE25[980,TCP_MISS,983]
x-ccdn-cachettl: 2592000
x-app-server: be_img.dek-d.com/image-9-108
age: 1425574
x-via: haproxy-internal-4-42
content-length: 3596
last-modified: Fri, 10 Feb 2023 19:59:05 GMT
server: openresty
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Thu, 06 Jul 2023 14:24:06 GMT

GET
H2 200 dekdlogo.png
www0.dek-d.com/home/assets/images/ 4 KB
4 KB 70ms
66ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/home/assets/images/dekdlogo.png?v=21.7

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

64d9c089881a969d05f8f85a564c6b1ca48ee07924fb08e2f4ef0228bcee8fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE19[17],LA-MEX-mexicocity-GLOBAL1-CACHE18[0,TCP_HIT,16]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2545618
x-via: haproxy-internal-4-41
content-length: 3622
last-modified: Mon, 03 Feb 2020 10:13:36 GMT
server: openresty
etag: "5e37f250-e26"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 46382
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:10:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
996 B 115ms
51ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bai+Jamjuree:wght@400;500;700&display=swap

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d61904a4fe4faad3b765353e72b7e5007ab51e5990b79ace7a7f395af198bf85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www0.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 23 Jun 2023 02:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:23:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Jun 2023 02:23:38 GMT

GET
H2 200 gpi_lib.min.js Show response
www0.dek-d.com/assets/vendor/gpi/js/ 18 KB
19 KB 71ms
67ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/gpi/js/gpi_lib.min.js?v=2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/gpi/js/gpi.min.js?v=5.48
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 157c17c3a50d0926d3244b1af57f17524bf7e386b1a220194f4875010f6ee7b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[2],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE22[516],LA-MEX-mexicocity-GLOBAL1-CACHE16[513,TCP_MISS,515]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546181
x-via: haproxy-internal-4-41
content-length: 18641
last-modified: Tue, 12 Feb 2019 10:36:21 GMT
server: openresty
etag: "5c62a1a5-48d1"
content-type: application/javascript
cache-control: max-age=2592000
x-ccdn-expires: 45819
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 966 B
699 B 51ms
28ms Script
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=oncallBackLoadReCaptchaV3_1687487019830&render=6LdgGzgbAAAAAKq-w4ME0uPg7kBQpYm7UblBWaHK&hl=th

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/captless/v3.js.php?v=1.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

279bf79f4913a093c3931230c64d465ee517c2511be26c0f9296f772d956f399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 1; mode=block
expires: Fri, 23 Jun 2023 02:23:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 932 B
918 B 48ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=oncallBackLoadReCaptcha_1687487019831&render=explicit&hl=th

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/captless/captless.js?v=1.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b818975ee4dd0d949c24b0c89dae1332f9540a3f8d4ba5179441eedc86546015

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 598
x-xss-protection: 1; mode=block
expires: Fri, 23 Jun 2023 02:23:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
73 KB 100ms
55ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMXT86T

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f27dca136ba3ebfd7fea1244567fbd47672b6846f0db2ceb63a8dc276ce272b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74171
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Jun 2023 02:23:39 GMT

GET
H2 200 ptag.js Show response
tag.adbro.me/tags/ 34 KB
11 KB 59ms
22ms Script
application/javascript 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/tags/ptag.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd1d01b77062907cd4a48ce5c1c6e6808904ecea05e2e926a607a80a882e6be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 11 May 2023 13:52:36 GMT
content-md5: sdBluCDsnUM4tB8WtRu3gA==
age: 3186
server: cloudflare
cf-polished: origSize=65509
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7db945326be08c4d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 pi8ye0t8.js Show response
tag.adbro.me/configs/ 2 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/pi8ye0t8.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a73b7026dcde9b5d3bfea51bfabcaa1b58fadebb10bdb02221d0c1d032e5220

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 30 Aug 2022 10:37:33 GMT
server: cloudflare
age: 3161
cf-polished: origSize=3605
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7db945328bf88c4d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 core.min.js Show response
www.dek-d.com/assets/analytics/js/ 17 KB
8 KB 255ms
253ms Script
application/javascript 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/assets/analytics/js/core.min.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: b804b86024f8d2514ef41bc3cf8a9fadb0f76e43d7d7650cc3e5d580dcf49f96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/board/view/4089585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:39 GMT
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 08:24:59 GMT
server: Apache
x-app-server: be_www.dek-d.com/www-9-52
vary: Accept-Encoding
content-type: application/javascript
x-via: haproxy-user-4-52
cache-control: max-age=120, no-cache, must-revalidate
accept-ranges: bytes
content-length: 7592
expires: Fri, 23 Jun 2023 02:25:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 33ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/faceless/faceless.js?v=1.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14497ff909f12144b0a7ba2eec3d8f45b2bcc9bd4f5a71d8e826f8854e0e57c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 02:23:39 GMT
content-md5: UP5m6zpJuSH8BywnlCiuHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: VyA5bhSUrplbA6hSVcH8X+YaIp/u8cjp77xKyyXIWrtSsw2xqek8LD2TDGNbmLYpdd9bq+9mLo/syd8ZdiS1AA==
x-fb-content-md5: e64033a4f32ca150f48b18fa937fb412
cross-origin-opener-policy: same-origin-allow-popups
etag: "d07457dad76eff59e8b13386aa403936"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:36:40 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 99ms
50ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=__GOOGLELESSCALLBACK

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/googleless/googleless.js?v=1.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7969e8bf9d1bcb1b238fa5ba4cae4a9b42d8b00ea67762ff9ea3290cac213618

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 02:23:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22297
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "440c9b7f19a04070"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:39 GMT

GET
H2 200 logo-d.png
www0.dek-d.com/assets/toolbar/images/ 3 KB
4 KB 64ms
64ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/logo-d.png

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

1518353cee66adbdd1ff472acb8c766004ed3be2dd30bbcb75c7cec20d66831c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[2],LA-MEX-queretaro-EDGE2-CACHE4[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE25[10],LA-MEX-mexicocity-GLOBAL1-CACHE23[0,TCP_HIT,9]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546319
x-via: haproxy-internal-4-42
content-length: 3242
last-modified: Mon, 04 Jun 2018 11:04:22 GMT
server: openresty
etag: "5b151cb6-caa"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45681
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:04:41 GMT

GET
H2 200 fontawesome-webfont.woff
www0.dek-d.com/assets/vendor/fontawesome4/fonts/ 96 KB
96 KB 191ms
66ms Font
application/font-woff 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/fontawesome4/fonts/fontawesome-webfont.woff?v=4.6.1
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/authenticate/css/login.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www0.dek-d.com/assets/authenticate/css/login.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[4],LA-MEX-queretaro-EDGE2-CACHE6[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE33[3535],LA-MEX-mexicocity-GLOBAL1-CACHE26[3532,TCP_MISS,3535]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546271
x-via: haproxy-internal-4-42
content-length: 98024
last-modified: Fri, 02 Jun 2017 03:31:50 GMT
server: openresty
etag: "5930dc26-17ee8"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45730
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:05:49 GMT

GET
H2 200 global-loading.gif
www0.dek-d.com/assets/toolbar/images/ 529 B
1022 B 65ms
64ms Image
image/gif 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/toolbar/images/global-loading.gif

Requested by

Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

f8fe0afaef5b29024217e93d234b1144b6b0562918782c90041c40d77cc28537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:39 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE1[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE27[14],LA-MEX-mexicocity-GLOBAL1-CACHE32[0,TCP_HIT,12]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546245
x-via: haproxy-internal-4-41
content-length: 529
last-modified: Thu, 24 Dec 2015 10:14:00 GMT
server: openresty
etag: "567bc568-211"
content-type: image/gif
cache-control: max-age=604800
x-ccdn-expires: 45755
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:06:01 GMT

GET
H2 200 / Show response
www.dek-d.com/auth/login2014/ 8 KB
3 KB 274ms
264ms XHR
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/auth/login2014/
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: ad3c8510a4cc866c28d2c8fda0e2e7a1c502dba84f258a9ca944051d33cc3dc6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dek-d.com/board/view/4089585
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-51
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
x-via: haproxy-user-4-52
cache-control: no-store, no-cache, must-revalidate, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 2048
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 recaptcha__th.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 456 KB
175 KB 94ms
16ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__th.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=oncallBackLoadReCaptcha_1687487019831&render=explicit&hl=th

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e33714f51ae27e1b6810a2457f8fba28b24081e380a6189b47d006100892487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178886
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:17:05 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2d79a7ac0ca0aa0d4c06b269ab951ff7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53127b5eb67255608192cc57e208deec0105e76fb9f7fdfa70b16a20220375bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dek-d.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 02:23:39 GMT
content-md5: +2PSubXyGVRBjK89tmYaqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87250
x-fb-debug: OtV8EKBzza+QJWIZt475B0ewc1luByc/1aRgyuL00YyuYvExbrBH4zaJKN8CrueJoKs799gO+Y1I5L95Pt55LA==
x-fb-content-md5: 60352c5e4c2feb249924ff4b4e018499
cross-origin-opener-policy: same-origin-allow-popups
etag: "672fafdd3e8e22d47e36147a8160987a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 22 Jun 2024 00:43:51 GMT

GET
H2 200 KaLaTeXaDisplay-Regular.woff2
www0.dek-d.com/assets/fonts/ 68 KB
69 KB 384ms
315ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/fonts/KaLaTeXaDisplay-Regular.woff2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: b8300f24c021918757e172f73c7baf91ec41385167a63c13c05a12352baa1fab

Request headers

Referer: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[3],LA-MEX-queretaro-EDGE2-CACHE8[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE25[3522],LA-MEX-mexicocity-GLOBAL1-CACHE22[3518,TCP_MISS,3522]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546302
x-via: haproxy-internal-4-42
content-length: 69784
last-modified: Wed, 27 Feb 2019 03:37:28 GMT
server: openresty
etag: "5c7605f8-11098"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45698
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:05:17 GMT

GET
H2 200 fa-solid-900.woff2
www0.dek-d.com/assets/vendor/fontawesome5/webfonts/ 78 KB
79 KB 318ms
249ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/fontawesome5/webfonts/fa-solid-900.woff2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[4],LA-MEX-queretaro-EDGE2-CACHE3[0,TCP_HIT,1],LA-MEX-mexicocity-GLOBAL1-CACHE23[3],LA-MEX-mexicocity-GLOBAL1-CACHE27[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 1184729
x-via: haproxy-internal-4-42
content-length: 80148
last-modified: Thu, 30 Jul 2020 07:35:14 GMT
server: openresty
etag: "5f227832-13914"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 1407271
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:05:43 GMT

GET
H2 200 LDIqapSCOBt_aeQQ7ftydoa0reHegJo0yyg.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 9 KB
9 KB 78ms
22ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0reHegJo0yyg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37135b28f0162246e9bedc9e84727eb880969af4c2fc1eaac00a325d618c987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:24:02 GMT
x-content-type-options: nosniff
age: 230378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:12:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 10:24:02 GMT

GET
H2 200 KaLaTeXaText-Regular.woff2
www0.dek-d.com/assets/fonts/ 36 KB
37 KB 398ms
330ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/fonts/KaLaTeXaText-Regular.woff2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 775cb13f5b2ca8a252c5a0255d56e331a4df04f8bb32318ad8a5d2d2fb4204a9

Request headers

Referer: https://www0.dek-d.com/board/assets/css/board-style.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[3],LA-MEX-queretaro-EDGE2-CACHE2[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE25[2],LA-MEX-mexicocity-GLOBAL1-CACHE24[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546177
x-via: haproxy-internal-4-41
content-length: 37156
last-modified: Wed, 27 Feb 2019 03:37:28 GMT
server: openresty
etag: "5c7605f8-9124"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45823
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:06:36 GMT

GET
H2 200 LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 10 KB
10 KB 82ms
25ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baijamjuree/v11/LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:58:03 GMT
x-content-type-options: nosniff
age: 548737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10632
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:15:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 17:58:03 GMT

GET
H2 200 LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 11 KB
11 KB 76ms
20ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a257de7d16cbc56379bbeba00afc1533e9aee044331ef5d618ec6db47ba103c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:18:09 GMT
x-content-type-options: nosniff
age: 533131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10808
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 22:18:09 GMT

GET
H2 200 KaLaTeXaText-Bold.woff2
www0.dek-d.com/assets/fonts/ 37 KB
37 KB 364ms
297ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/fonts/KaLaTeXaText-Bold.woff2?v=1.2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: d557733d9f3a6357a746803a95623b759188066234c09fc197989ab9297dffda

Request headers

Referer: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[4],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,4],LA-MEX-mexicocity-GLOBAL1-CACHE22[1319],LA-MEX-mexicocity-GLOBAL1-CACHE22[1315,TCP_MISS,1318]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546173
x-via: haproxy-internal-4-41
content-length: 37760
last-modified: Wed, 27 Feb 2019 03:37:28 GMT
server: openresty
etag: "5c7605f8-9380"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45827
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:27 GMT

GET
H2 200 LDI1apSCOBt_aeQQ7ftydoa8SsLLq7s.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 9 KB
9 KB 79ms
36ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baijamjuree/v11/LDI1apSCOBt_aeQQ7ftydoa8SsLLq7s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0486e179145cb2205451d9848af818372ce09559f692d637e1e3c0f749d0533b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:30:02 GMT
x-content-type-options: nosniff
age: 532418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8992
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:13:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 22:30:02 GMT

GET
H3 200 vgs.json Show response
cdn.radiantmediatechs.com/rmp/rr/ 15 KB
6 KB 283ms
261ms XHR
application/json 2606:4700:10::6816:3f96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.radiantmediatechs.com/rmp/rr/vgs.json?rdm=468746

Requested by

Host: cdn.radiantmediatechs.com
URL: https://cdn.radiantmediatechs.com/rmp/5.11.3/js/rmp.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3f96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b0c884cfc112c78161d9294432e2dce5cdca0b33d78cf206f44450d0533c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5731
last-modified: Wed, 21 Jun 2023 17:46:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, no-transform
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
cf-ray: 7db94533edaf8cad-EWR
expires: Fri, 23 Jun 2023 02:28:40 GMT

GET
H2 200 rmp-s1.min.css
cdn.radiantmediatechs.com/rmp/5.11.3/css/ 83 KB
11 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:3f96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.radiantmediatechs.com/rmp/5.11.3/css/rmp-s1.min.css

Requested by

Host: cdn.radiantmediatechs.com
URL: https://cdn.radiantmediatechs.com/rmp/5.11.3/js/rmp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3f96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f15f011c683d63b4703dd8847509e69471af5ef29fc443db3958eee809cba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 311615
alt-svc: h3=":443"; ma=86400
content-length: 11405
last-modified: Mon, 07 Dec 2020 12:41:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
cf-ray: 7db94533cc0a4286-EWR
expires: Wed, 19 Jul 2023 11:50:05 GMT

GET
H2 200 4089585
www.dek-d.com/board/view/ 105 KB
105 KB 304ms
301ms Image
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dek-d.com/board/view/4089585
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/board/view/4089585
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-51
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-via: haproxy-user-4-52
cache-control: no-store, no-cache, must-revalidate, no-cache, must-revalidate
content-length: 22897
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 KaLaTeXaDisplay-Bold.woff2
www0.dek-d.com/assets/fonts/ 73 KB
73 KB 238ms
235ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/fonts/KaLaTeXaDisplay-Bold.woff2?v=1.2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 8406475cc1152c00a8acfe4c75416ce4fa53acd459bec2c6a4a53dcf16f14c25

Request headers

Referer: https://www0.dek-d.com/assets/toolbar/css/toolbar_desktop_2015.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[5],LA-MEX-queretaro-EDGE2-CACHE7[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE18[2],LA-MEX-mexicocity-GLOBAL1-CACHE22[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546290
x-via: haproxy-internal-4-41
content-length: 74424
last-modified: Wed, 27 Feb 2019 03:37:28 GMT
server: openresty
etag: "5c7605f8-122b8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45710
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:05:11 GMT

GET
H2 200 fa-regular-400.woff2
www0.dek-d.com/assets/vendor/fontawesome5/webfonts/ 13 KB
14 KB 239ms
236ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/fontawesome5/webfonts/fa-regular-400.woff2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91

Request headers

Referer: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[5],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE20[4],LA-MEX-mexicocity-GLOBAL1-CACHE21[0,TCP_HIT,3]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546177
x-via: haproxy-internal-4-41
content-length: 13600
last-modified: Thu, 30 Jul 2020 07:35:14 GMT
server: openresty
etag: "5f227832-3520"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45824
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:05 GMT

GET
H2 200 fa-brands-400.woff2
www0.dek-d.com/assets/vendor/fontawesome5/webfonts/ 76 KB
76 KB 237ms
236ms Font
application/octet-stream 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/vendor/fontawesome5/webfonts/fa-brands-400.woff2
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer: https://www0.dek-d.com/assets/vendor/fontawesome5/css/all.min.css?v=1.89
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
via: LA-MEX-queretaro-EDGE2-CACHE5[4],LA-MEX-queretaro-EDGE2-CACHE4[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE20[4],LA-MEX-mexicocity-GLOBAL1-CACHE29[0,TCP_HIT,3]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546176
x-via: haproxy-internal-4-41
content-length: 77400
last-modified: Thu, 30 Jul 2020 07:35:14 GMT
server: openresty
etag: "5f227832-12e58"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-expires: 45824
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Fri, 23 Jun 2023 15:07:05 GMT

GET
H2 200 gddads.js Show response
www0.dek-d.com/assets/js/ 861 B
1 KB 1149ms
1147ms Script
application/javascript 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://www0.dek-d.com/assets/js/gddads.js?_=1687487018948
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: d7c8504158d89bf76f740a10b0c8a552d7c22ab68dc1f2d9496b60e44918aaf5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
via: LA-MEX-queretaro-EDGE2-CACHE1[1085],LA-MEX-queretaro-EDGE2-CACHE8[1080,TCP_MISS,1082],LA-MEX-mexicocity-GLOBAL1-CACHE33[1037],LA-MEX-mexicocity-GLOBAL1-CACHE21[1034,TCP_MISS,1036]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 1
x-via: haproxy-internal-4-41
x-ccdn-origin-time: 1032
content-length: 861
last-modified: Thu, 24 Dec 2015 10:14:00 GMT
server: openresty
etag: "567bc568-35d"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
x-hcs-proxy-type: 0
expires: Sun, 23 Jul 2023 02:23:41 GMT

GET
H2 200 / Show response
www.dek-d.com/login/osl/template/ 10 KB
2 KB 534ms
532ms XHR
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/login/osl/template/
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: eaef5a867299e6c32cd6115f3ecec0dc1bc1e3fd806ada39631ec1aa889fd266

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.dek-d.com/board/view/4089585
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-52
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
x-via: haproxy-user-4-52
cache-control: no-store, no-cache, must-revalidate, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 1803
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
www.dek-d.com/auth/login2014/ 8 KB
3 KB 531ms
531ms XHR
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/auth/login2014/
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: 9ae563edc1340a35b578d82c8c4c90100e25b24636ebea9c61a2a4b3ef58acb5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dek-d.com/board/view/4089585
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-53
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
x-via: haproxy-user-4-52
cache-control: no-store, no-cache, must-revalidate, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 2047
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 init_html Show response
www.dek-d.com/gpi/ 9 KB
2 KB 340ms
340ms XHR
text/html 94.74.116.230
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dek-d.com/gpi/init_html
Requested by: Host: www0.dek-d.com
URL: https://www0.dek-d.com/assets/global/js/jquery-latest.min.js?v=1.89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.74.116.230 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-94-74-116-230.compute.hwclouds-dns.com
Software: Apache /
Resource Hash: 08f689063e3695a477e132c4e6d270728456c09220ba6cb591f72a526ff65c68

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.dek-d.com/board/view/4089585
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
server: Apache
x-app-server: be_www.dek-d.com/www-9-52
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-via: haproxy-user-4-52
cache-control: no-store, no-cache, must-revalidate, no-cache, must-revalidate
content-length: 2033
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
apis.adbro.me/api/v2/advertising/slot/ae2fda59-1aad-4db8-9c4b-ef4da4b8ff5c/advertisement/ 13 B
448 B 300ms
277ms XHR
application/json 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.adbro.me/api/v2/advertising/slot/ae2fda59-1aad-4db8-9c4b-ef4da4b8ff5c/advertisement/?pageUrl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&pageTitle=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24&imageUrl=https%3A%2F%2Fblogger.googleusercontent.com%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEidtSaYArjK4bgSepUspg0apiNkDICpGAVuvp9Dx59SwXCzYc0DqI6zcJb5NydDZyFKi13_2SzZ4LBZJsq_KgiiWqAu2NUt3c8CcHDGqY49XDhlhDRGeCwiwuRlmd6x-j_MmrCd9ejYWZnKr77uU3OBv3zhYEsSBbjKuxm1ghZ-Tjb0wiq5JjZ0EWmrRXuk%2Fw640-h360%2FFAIRY.jpg&imageSize=640x360&r=ug3gi
Requested by: Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-adbro-uid: 69ebfb56-2cd9-4059-880e-82f7dfc02482
date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adbro-page: 10346649702297129098
x-adbro-ip: Kg1WAAAkFQAQEvNx3pDjWQ==
content-type: application/json
access-control-allow-origin: https://www.dek-d.com
access-control-expose-headers: X-ADBRO-uid,X-ADBRO-ip,X-ADBRO-page,X-ADBRO-assessor,X-ADBRO-preview
access-control-allow-credentials: true
cf-ray: 7db945345d7d8c4d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 43ms
24ms Fetch
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=193207127471363&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2d79a7ac0ca0aa0d4c06b269ab951ff7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: W2dxIO/Q9Gw/f0ZWrWiICfhorKG1lEhQG9pm6SR2KWZi0CzPv5jxLus5BsOtq9j7jxLFk21LsTWfPTgBPcNnRQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dek-d.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/ 393 KB
125 KB 21ms
20ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b682cb846d14bb05298861383969201f50f3334cd261828d904b198b21a81c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 10:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56842
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127958
x-xss-protection: 0
server: cafe
etag: 9594374905283295825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 21 Jun 2024 10:36:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 5 KB
823 B 78ms
40ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dek-d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f7c364728971894d2b7ac0290f8da5091f7a189b6a935a435a9c61a84df62a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 125 KB
48 KB 103ms
52ms Script
application/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-5QXM7R9

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMXT86T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2d0761be313fb73a4073118fed6413e841adb113514e6cf68702e9895f27ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
17ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMXT86T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 00:39:17 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6263
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 23 Jun 2023 02:39:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
87 KB 58ms
57ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K7NW9P92F5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMXT86T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e54de80dba0f40336ef0dca07020886660aa79f52dea0d457f90c93e745ca16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
14ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMXT86T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200092-IAD

GET
H2 200 lead-latest.js Show response
cdn.thelead.tech/lead/ 10 KB
11 KB 790ms
250ms Script
application/javascript 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thelead.tech/lead/lead-latest.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 29 Aug 2022 14:43:48 GMT
etag: "630cd0a4-294e"
content-type: application/javascript
cache-control: must-revalidate, max-age=3600
accept-ranges: bytes
content-length: 10574

GET
H/1.1 200
OK container_56d8ecb31c51b1a06c964404.js Show response
ssl-avd.innity.net/142/ 8 KB
4 KB 284ms
83ms Script
application/javascript 23.223.124.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/142/container_56d8ecb31c51b1a06c964404.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.223.124.41 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-124-41.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 6f0a897883d0b1557c12a1628f7cd5ff5452cc3af453be4f3302e06400030765

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:15:05 GMT
Server: nginx/1.20.2
ETag: "5f48bd09-20f5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1482037
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3226
Expires: Mon, 10 Jul 2023 06:04:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
28 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Jun 2023 02:23:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28296
x-xss-protection: 0
pragma: public
x-fb-debug: H9CvChUMo28zCcjwZaHwrwZ7p2hIKliN3P2UYzwsAinojsgEUUFB9JlO5CKJbGRCwqxvm4L4fg5EhAS1pO/brA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=1124241994745.5295;dc_seg=444488111
pubads.g.doubleclick.net/activity;dc_iu=/8408698/ 42 B
542 B 107ms
43ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/8408698/DFPAudiencePixel;ord=1124241994745.5295;dc_seg=444488111?

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A787 51 KB
28 KB 46ms
45ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgGzgbAAAAAKq-w4ME0uPg7kBQpYm7UblBWaHK&co=aHR0cHM6Ly93d3cuZGVrLWQuY29tOjQ0Mw..&hl=th&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=32ebkrs4rn5d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__th.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83865291be2301606b27df17d8072f760a34ff67d3746bf84f4b2f9abc688192

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R1WmTx9plDIEPJXnowEzqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28276
content-security-policy: script-src 'report-sample' 'nonce-R1WmTx9plDIEPJXnowEzqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/ 118 KB
40 KB 21ms
19ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=__GOOGLELESSCALLBACK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ecdcd1378b47621bc3956b581c5fced3950dbbfda269bb90009df8b5725116b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40788
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 22:21:03 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 154ms
82ms Script
text/javascript 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.radiantmediatechs.com
URL: https://cdn.radiantmediatechs.com/rmp/5.11.3/js/rmp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rmp-font.woff2
cdn.radiantmediatechs.com/rmp/5.11.3/css/fonts/ 9 KB
9 KB 29ms
29ms Font
application/font-woff2 2606:4700:10::6816:3f96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.radiantmediatechs.com/rmp/5.11.3/css/fonts/rmp-font.woff2?s73jsd

Requested by

Host: cdn.radiantmediatechs.com
URL: https://cdn.radiantmediatechs.com/rmp/5.11.3/css/rmp-s1.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:3f96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f61c0b0df63d46075f6c7b82cfdcf833dcee642cfa41b55bbdec201c893359c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.radiantmediatechs.com/rmp/5.11.3/css/rmp-s1.min.css
Origin: https://www.dek-d.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 171635
alt-svc: h3=":443"; ma=86400
content-length: 9204
last-modified: Mon, 07 Dec 2020 12:41:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
cf-ray: 7db94535bef38cad-EWR
expires: Fri, 21 Jul 2023 02:43:05 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A787 55 KB
24 KB 70ms
29ms Stylesheet
text/css 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgGzgbAAAAAKq-w4ME0uPg7kBQpYm7UblBWaHK&co=aHR0cHM6Ly93d3cuZGVrLWQuY29tOjQ0Mw..&hl=th&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=32ebkrs4rn5d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:13:31 GMT

GET
H3 200 recaptcha__th.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A787 456 KB
175 KB 71ms
32ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__th.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e33714f51ae27e1b6810a2457f8fba28b24081e380a6189b47d006100892487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178886
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:17:05 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
855 B 1256ms
495ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=12&zone=65028&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=2a6649e0643ef&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:41 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
725 B 2014ms
1238ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=4802&zone=68072&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=3707cbcc9deab&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:42 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
855 B 1040ms
255ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=12&zone=64195&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=1&height=1&vpw=1600&vph=1200&callback=json&callback_uid=400c34badb604e&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:41 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
725 B 1042ms
258ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=4802&zone=68075&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=1&height=1&vpw=1600&vph=1200&callback=json&callback_uid=5db36ff571260d&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:41 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
855 B 1266ms
481ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=12&zone=64195&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=1&height=1&vpw=1600&vph=1200&callback=json&callback_uid=66a30f9638a40a&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:41 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
725 B 1272ms
478ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=4802&zone=68075&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=1&height=1&vpw=1600&vph=1200&callback=json&callback_uid=7ca1b3af63ac8b&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:41 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
855 B 2770ms
1730ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=12&zone=65025&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=88ec35c5dd19fd&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:43 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:43 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
725 B 1628ms
588ms XHR
application/json 149.129.240.178
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1687487020501&ver=2&hb=1&output=js&pub=4802&zone=68073&url=https%253A%252F%252Fwww.dek-d.com%252Fboard%252Fview%252F4089585&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=9a6103dc590f24&auction=ae445e6b-fabd-4a72-9eaf-aca25c10926d
Requested by: Host: media.innity.net
URL: https://media.innity.net/lib/innityPrebidHB.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:42 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dek-d.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
75 KB 70ms
69ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH

Requested by

Host: tag.adbro.me
URL: https://tag.adbro.me/tags/ptag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c548be9ebff40be49a8f899b9e49783a3e618a71b10ed113e31fb743a51d09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 40ms
9ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:50:23 GMT
content-encoding: gzip
age: 1449197
x-guploader-uploadid: ADPycds3JwSMfjQ_7tyrkJkHYOWiMih3In4NNdnRTqxkvFzZG_cJxuMGoEEGDbByHhOVpF6uTCRM29ZrKY6rSCrUtgw2-Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 05 Jun 2024 07:50:23 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 62ms
24ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Jun 2023 02:23:40 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 79ms
16ms Script
text/javascript 18.160.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-56.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 75811
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: LBaI0V2H3yZowh70LDhhyIGtEjNMc5ZiB_CdgHiLSxj0Jb2dMylM-w==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 99ms
15ms Script
text/javascript 2600:9000:2199:8c00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2199:8c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 22 Jun 2023 09:17:00 GMT
Via: 1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD79-C1
Age: 61601
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: wsjUw42u4jiSMGZbsN_5MTer_8Vv3HKXmSU72K9PKyO0bGv94lgwug==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 79ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11037
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-lga21978-LGA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 67ms
19ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 2SZ9RDK3TZ336WS1
age: 1862
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7db94536ec65c328-EWR
x-amz-id-2: 87et/dRbi2QIh1pmhvbMNHp/LDcSbRBHFxWM6+4G7c0YIjRyaPg9uOwiYpjoewva/VTFqqQ7c34=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 35ms
9ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:08:55 GMT
via: 1.1 google
age: 885
x-guploader-uploadid: ADPycdu520VmOEjT8qF53dN1viFY5EwONBiDubcsudmWOa4FTpb7rXDGiKQxxZXkTRu_ifYeiZkf6HyEQJ2O11sDFc2dDV3Zhg7l
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Fri, 23 Jun 2023 03:08:55 GMT

GET
H2 200 new_folder.png
www0.dek-d.com/assets/vendor/gpi/images/ 510 B
1010 B 67ms
65ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/vendor/gpi/images/new_folder.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

8474954136a482e8cf61b398fbb9125ae8a798706d6da3e07e14c106958221fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[3],LA-MEX-queretaro-EDGE2-CACHE5[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE33[1055],LA-MEX-mexicocity-GLOBAL1-CACHE26[1052,TCP_MISS,1055]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-102
age: 2546174
x-via: haproxy-internal-4-41
content-length: 510
last-modified: Thu, 15 Dec 2016 09:55:02 GMT
server: openresty
etag: "58526876-1fe"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45826
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:07:26 GMT

GET
H2 200 folder.png
www0.dek-d.com/assets/vendor/gpi/images/ 6 KB
7 KB 68ms
66ms Image
image/png 199.91.74.219
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www0.dek-d.com/assets/vendor/gpi/images/folder.png

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.91.74.219 , Mexico, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

openresty /

Resource Hash

aa33b8559115ea155123c65ec809c358ea0e0acccdcff8bdf642ac7979013008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=31536000
via: LA-MEX-queretaro-EDGE2-CACHE1[2],LA-MEX-queretaro-EDGE2-CACHE1[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE21[269],LA-MEX-mexicocity-GLOBAL1-CACHE16[259,TCP_MISS,264]
x-ccdn-cachettl: 2592000
x-app-server: be_www0.dek-d.com/www0-9-103
age: 2546174
x-via: haproxy-internal-4-41
content-length: 6280
last-modified: Wed, 17 Jan 2018 07:31:02 GMT
server: openresty
etag: "5a5efbb6-1888"
content-type: image/png
cache-control: max-age=604800
x-ccdn-expires: 45826
accept-ranges: bytes
x-hcs-proxy-type: 1
expires: Wed, 31 May 2023 15:07:26 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame C0BC 283 B
1 KB 173ms
84ms Document
text/html 2607:f8b0:4020:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0943439fe18587cb1751f3e7cacf1ce96babe7ef882df7c81f93fdbb74b7cf3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EMKcAumNt431jg7YxJmFwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EMKcAumNt431jg7YxJmFwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
377 B 115ms
30ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=021499fa-dcef-4f45-8302-693e9b5736a8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0436e6d5-e834-4775-abcd-fd63cd8ebc75&tw_document_href=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2rbx&type=javascript&version=2.3.29

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: ba24f4c94a9402b3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5bd0776f3e991ed69f991193af1983a3f6363d7d6664da187df1203eff51a1bc
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 102ms
30ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=021499fa-dcef-4f45-8302-693e9b5736a8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0436e6d5-e834-4775-abcd-fd63cd8ebc75&tw_document_href=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2rbx&type=javascript&version=2.3.29

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 7e3566d6cea6ae2d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: feed60050c69cfeb3503a18d3380258a96963e956464a48b57ee7c5726594f15
content-length: 43

GET
H3 200 1196977856998347 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1196977856998347?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1b2260c9ab2d316cf507c37020dc018b6b6c6bf15c1df62eae2f7ba28ae048b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Jun 2023 02:23:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109802
x-xss-protection: 0
pragma: public
x-fb-debug: NEu8vzTZ1Edv6Bql+wUPPuKMnHQMr85FF3nJyHjTqxRf1ZF5kRaBTTcCCNeSKszcYzt/4nfifdxnFyAJ18BCfg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 39ms
39ms XHR
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=984165322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&ul=en-us&de=UTF-8&dt=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24%20%7C%20Dek-D.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABQAAAACAAI~&jid=24426866&gjid=14681101&cid=915016495.1687487021&uid=0&tid=UA-1726177-1&_gid=1769911761.1687487021&_slc=1&gtm=45He36l0n81PMXT86T&cg1=Board%20View&z=556224200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
346 B 58ms
23ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1726177-1&cid=915016495.1687487021&jid=24426866&uid=0&gjid=14681101&_gid=1769911761.1687487021&_u=aGBAgEABQAAAAGAAI~&z=1419336617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 41ms
40ms XHR
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=984165322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&dp=%2F10346649702297129098&ul=en-us&de=UTF-8&dt=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24%20%7C%20Dek-D.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABQAAAAGAAI~&jid=1493774779&gjid=196198914&cid=915016495.1687487021&tid=UA-127545387-9&_gid=1769911761.1687487021&_r=1&_slc=1&cd1=Kg1WAAAkFQAQEvNx3pDjWQ%3D%3D&z=1060657281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 206 KB
75 KB 52ms
51ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-J8TZJ65FPH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7NW9P92F5&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bbe65fc113c6a797a4af805193180bb0b3fcfc814b4a6002edad852f36b760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 23 Jun 2023 02:23:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 59ms
31ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K7NW9P92F5&gtm=45je36l0&_p=984165322&_gaz=1&cid=915016495.1687487021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687487020&sct=1&seg=0&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&dt=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24%20%7C%20Dek-D.com&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7NW9P92F5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 24ms
23ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K7NW9P92F5&cid=915016495.1687487021&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7NW9P92F5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 24ms
23ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-127545387-9&cid=915016495.1687487021&jid=1493774779&gjid=196198914&_gid=1769911761.1687487021&_u=aGDAAEABQAAAAGAAI~&z=697542134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 27ms
26ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1726177-1&cid=915016495.1687487021&jid=24426866&_u=aGBAgEABQAAAAGAAI~&z=1402779407

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 253ms
73ms Script
application/javascript 23.223.124.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/142/container_56d8ecb31c51b1a06c964404.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.223.124.41 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-124-41.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1885268
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Fri, 14 Jul 2023 22:04:48 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 269ms
81ms Script
application/javascript 23.223.124.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.223.124.41 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-124-41.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=945867
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Tue, 04 Jul 2023 01:08:08 GMT

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D176 709 KB
226 KB 13ms
12ms Document
text/html 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 564451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 13:36:09 GMT
expires: Sat, 15 Jun 2024 13:36:09 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 82ms
38ms Script
text/javascript 2607:f8b0:4020:805::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Jun 2023 02:23:40 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A787 2 KB
2 KB 13ms
13ms Image
image/png 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:35:53 GMT
x-content-type-options: nosniff
age: 31667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Jun 2023 17:35:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A787 15 KB
15 KB 14ms
12ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:59:20 GMT
x-content-type-options: nosniff
age: 559460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:59:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A787 15 KB
15 KB 16ms
15ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 20:49:12 GMT
x-content-type-options: nosniff
age: 538468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 20:49:12 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 92ms
91ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: fb7848c0a95bc63ea5042649ba9718b8c81342b46cbc1120f17ae8805b92592f

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a11aea2ab75d68876474c66e05863b22
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 113ms
87ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dek-d.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.dek-d.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 9906ce5bb213d30d1529fb32d1c825fa

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp&cc=1

85 B
203 B

45ms
35ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp&cc=1
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1412c44a0e7127f2e7a1df157021a23205e7ef502748b497a0d3118082e36795

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-DAqpjxYvjeAL9Cv57g6Gz9/qcrU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dek-d.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 23 Jun 2023 02:23:40 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.dek-d.com
location: /esp?url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GgHLvQHDfb0.es5.O/d=1/rs=AOaEmlG_8QJwokVuA8xS0kxHp_7Qc-8sNw/ Frame C0BC 100 KB
35 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GgHLvQHDfb0.es5.O/d=1/rs=AOaEmlG_8QJwokVuA8xS0kxHp_7Qc-8sNw/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5273764ccd1820d13d57789b0e446201640b35b5fe2b7c5927b72b36a102ecfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 19:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35307
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 04:39:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 19:22:25 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-J8TZJ65FPH&gtm=45je36l0&_p=984165322&_gaz=1&cid=915016495.1687487021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2F10346649702297129098&sid=1687487020&sct=1&seg=0&dt=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24%20%7C%20Dek-D.com&en=page_view&_fv=1&_ss=1&_ee=1&ep.ip=Kg1WAAAkFQAQEvNx3pDjWQ%3D%3D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 17ms
16ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8TZJ65FPH&cid=915016495.1687487021&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J8TZJ65FPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D48A 15 KB
6 KB 37ms
12ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dek-d.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 266809
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 281ms
88ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.dek-d.com
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A787 102 B
133 B 26ms
25ms Other
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=th&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5fdce742967bbaa916dae111a269960794a5c26feb779e5d78de2bce5aaa55d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgGzgbAAAAAKq-w4ME0uPg7kBQpYm7UblBWaHK&co=aHR0cHM6Ly93d3cuZGVrLWQuY29tOjQ0Mw..&hl=th&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=32ebkrs4rn5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 23 Jun 2023 02:23:41 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame C0BC 2 KB
914 B 44ms
43ms Other
text/html 2607:f8b0:4020:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

adffcaa33fbbdf276bdf830cb875e36e8652567361c9333f7a6064d3aa07f74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
41ms Script
application/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dek-d.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
613 B 77ms
28ms XHR
application/json 54.236.176.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.176.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-176-175.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1146303deacd97b785598d354f72931affa9a9b67673b7d36e356d4e0d592dd4

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache
x-server: 10.40.46.209
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 103996097093670 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 54ms
53ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/103996097093670?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fed2b266d7be58e5abd969c4c56880bad330d7dac9b2f147c8bd8cce7c45844a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 23 Jun 2023 02:23:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: og3klg0aVbx50baE9xl+JpZewZxPmMtf9sct5vUgqATrT0wLeEW4uqtO8pD3C8DSHBDXy3i5w8JvNj8UP/WgdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D48A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=dek-d.com&sn=ChromeSyncframe&so=0&topUrl=www.dek-d.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=4A8RFnxXZjhYSHB3cUlJcGFHODB0NUxLNGhJbWxyUDhjT0pCb1ViR2VWQWlxT2hGNkp0TGZjcmIrQkRBUEwyUnZMbFVqTG9Yb25CMGJldTkyK3I0Q1hBV214SkloRTVtODZrOTY5ZVNOVGlyaVR2U1JLUzRndytzaHNyMT...

435 B
651 B

51ms
13ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4A8RFnxXZjhYSHB3cUlJcGFHODB0NUxLNGhJbWxyUDhjT0pCb1ViR2VWQWlxT2hGNkp0TGZjcmIrQkRBUEwyUnZMbFVqTG9Yb25CMGJldTkyK3I0Q1hBV214SkloRTVtODZrOTY5ZVNOVGlyaVR2U1JLUzRndytzaHNyMTRCNk8vb1FJcTBaNmk5alVzWFdzQmU2dmlxV3d5QVZ4Q0lVSjg2d0tmazYxMDZGM0xLN0JVMDJyQ1FtYlRzWjZXU20zSW1US0VZZHQyMFdueWJZaGY4R0p3RXFxbnpPRzZ3RWpYL3k1SDcxTlk2amJQdldFVHdXbkQ5V2phUTU4MGxIcm5JUmFiaEtOeWhkQVQwOVNncVp3VHp1eDdqUT09fA&cppv=2

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3afaf38c8717da1e382e2061f474744f7f0c7af0ab63985565d92c50868c561d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1833539
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=4A8RFnxXZjhYSHB3cUlJcGFHODB0NUxLNGhJbWxyUDhjT0pCb1ViR2VWQWlxT2hGNkp0TGZjcmIrQkRBUEwyUnZMbFVqTG9Yb25CMGJldTkyK3I0Q1hBV214SkloRTVtODZrOTY5ZVNOVGlyaVR2U1JLUzRndytzaHNyMTRCNk8vb1FJcTBaNmk5alVzWFdzQmU2dmlxV3d5QVZ4Q0lVSjg2d0tmazYxMDZGM0xLN0JVMDJyQ1FtYlRzWjZXU20zSW1US0VZZHQyMFdueWJZaGY4R0p3RXFxbnpPRzZ3RWpYL3k1SDcxTlk2amJQdldFVHdXbkQ5V2phUTU4MGxIcm5JUmFiaEtOeWhkQVQwOVNncVp3VHp1eDdqUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 269697
content-length: 0
expires: 0

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
707 B 1021ms
250ms Script
application/javascript 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: e6ff0e015af83e153abfc1233eaa0133d93ae5e24ec088fdda929a6d36318186

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Jun 2023 02:23:42 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame C0BC 49 B
96 B 60ms
59ms XHR
application/json 2607:f8b0:4020:805::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.dek-d.com&client_id=897471588109.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.GgHLvQHDfb0.es5.O/d=1/rs=AOaEmlG_8QJwokVuA8xS0kxHp_7Qc-8sNw/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CIvbMh3YvLAjPDOpHBbJNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-CIvbMh3YvLAjPDOpHBbJNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 23 Jun 2023 02:23:41 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3501 594 B
809 B 53ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b4edc9a9957f33efebc52edb7315b06e6d0fffbd2bb39e90038fcea9f2c871eb

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 383
content-type: text/html
date: Fri, 23 Jun 2023 02:23:41 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 10ms
8ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1196977856998347&ev=PageView&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rl=&if=false&ts=1687487021345&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=30&fbp=fb.1.1687487021343.1039425757&cs_est=true&it=1687487020637&coo=false&rqm=GET

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Jun 2023 02:23:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=103996097093670&ev=PageView&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rl=&if=false&ts=1687487021347&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=30&fbp=fb.1.1687487021343.1039425757&cs_est=true&it=1687487020637&coo=false&rqm=GET

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Jun 2023 02:23:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
9ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1196977856998347&ev=PageViewNUGIRL&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rl=&if=false&ts=1687487021348&sw=1600&sh=1200&v=2.9.108&r=stable&ec=1&o=30&fbp=fb.1.1687487021343.1039425757&it=1687487020637&coo=false&rqm=GET

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Jun 2023 02:23:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
10ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=103996097093670&ev=PageViewNUGIRL&dl=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&rl=&if=false&ts=1687487021349&sw=1600&sh=1200&v=2.9.108&r=stable&ec=1&o=30&fbp=fb.1.1687487021343.1039425757&it=1687487020637&coo=false&rqm=GET

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 23 Jun 2023 02:23:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 bulk Show response
connect.thelead.tech/event/ 77 B
228 B 815ms
262ms XHR
application/json 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/bulk

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

c6125d394ff2c9e6d541bc3d5dc17cba5a207fa9cddaad3d07c5e82aa193aef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.dek-d.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 77
vary: Origin
content-type: application/json

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D176 156 B
561 B 392ms
391ms XHR
text/xml 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F8408698%2Fvast&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=640704773724834&nofb=1&vpa=click&vpmute=1&vconp=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=radiantmediaplayer&mpv=5.11.3&sdki=445&ptt=20&adk=3384091189&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=419EC963-459B-4283-A52A-BECED4A87EE0&a3p=EhwKDWNyd2RjbnRybC5uZXQYmvzBsI4xSABSAghkEhkKCnB1YmNpZC5vcmcYt__BsI4xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJr8wbCOMUgAUgIIZBLWAQoIcnRiaG91c2USwAFyUWxhWWRnOFhSL3lNbWZYeVFqR2tKV0szWnBqNlc5MHZ5OVNFQmZPaEdhY0pGZ21JOFhPem9KQjlWU05veEtSNGhEeFhlQml2amx6TmhiZmhIVVhMNVQydnZGeEhzYmpsQ3JUTmZMNUZaU0V0QVROYTZ1cW9lSGNnSm4xeTJDc3hQMTVUcXUrWWYwRHdsVEFnWitYaEtSanlTM21tc3oxQjBjL2lrOHFTeGk0TmczaHJsMm0yRGhHNHdEeVl2NVMY2YHCsI4xSAASGQoKdWlkYXBpLmNvbRia_MGwjjFIAFICCGQSFAoFb3BlbngYmfzBsI4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRia_MGwjjFIAFICCGQ.&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&dlt=1687487017301&idt=3884&dt=1687487021369&cookie_enabled=1&scor=3713482357108500&ged=ve4_td4_tt0_pd4_la4000_er968.300.1120.600_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1c0a7ff7-49cf-e0ff-e854-9f66274f6bac
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3501 43 B
602 B 73ms
22ms Image
image/gif 2600:1f18:4e9:5a05:ece6:9019:be6a:7d62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/1c0a7ff7-49cf-e0ff-e854-9f66274f6bac?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:ece6:9019:be6a:7d62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3501
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05&dcc=t

43 B
855 B

37ms
37ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RM33XDRRA4WRW395E85P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DNN5XZG1QW0F83DB1V4C
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d01b65ce-c5c9-c94c-198d-0b04b02b6d05&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3501
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=905d8965-b469-4abf-b72b-692dbac0cfd0&ttd_puid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0&gdpr_consent=

43 B
323 B

39ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=905d8965-b469-4abf-b72b-692dbac0cfd0&ttd_puid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=905d8965-b469-4abf-b72b-692dbac0cfd0&ttd_puid=88cd19b3-d963-72b6-d983-8993d818a6e5&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3501 170 B
409 B 153ms
40ms Image
image/png 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTRhMmNhNzktMTAxNC0yYzEyLWNjNjMtZDMyYTEyZmE2ODg1

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3501
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYo79M1DrFzDNlIKvLo1EE&google_cver=1

43 B
106 B

32ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYo79M1DrFzDNlIKvLo1EE&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYo79M1DrFzDNlIKvLo1EE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csi
csi.gstatic.com/ Frame D176 0
0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 45B6 0
18 B 7ms
7ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.dek-d.com
Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.dek-d.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:41 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7E38 0
15 B 6ms
6ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.dek-d.com
Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.dek-d.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:41 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 53ms
52ms Script
application/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dek-d.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
20 KB 509ms
508ms XHR
text/plain 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1394678872176879&correlator=2999460234361157&eid=31075484%2C31075547%2C21065725&output=ldjh&gdfp_req=1&vrg=202306210101&ptt=17&impl=fifs&iu_parts=8408698%2CB1%2CB2%2CNative_Relate_Article_1%2CNative_Relate_Article_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C728x90%7C970x150%2C300x250%2C320x50%2C320x50&fluid=0%2C0%2Cheight%2Cheight&ifi=1&adks=1338211412%2C2099640265%2C2924369313%2C1486134490&didk=1671204175~1671204160~218851779~218851778&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687487021988&lmt=1687487021&dlt=1687487017301&idt=3246&adxs=315%2C1035%2C265%2C265&adys=60%2C306%2C4107%2C4148&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&frm=20&vis=1&psz=970x90%7C300x372%7C710x21%7C710x20&msz=970x90%7C300x-1%7C710x0%7C710x0&fws=0%2C4%2C0%2C0&ohw=0%2C710%2C0%2C0&ga_vid=915016495.1687487021&ga_sid=1687487022&ga_hid=984165322&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7c6c4f734bf6710c763736e7e21a718dbe9ff63b03e12c86c650e7a271d31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20098
x-xss-protection: 0
google-lineitem-id: -1,-1,624773058,624773058
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138333503463,138331879167
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dek-d.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CA2 6 KB
3 KB 85ms
48ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Sat, 22 Jun 2024 02:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST csi
csi.gstatic.com/ Frame D176 0
0

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
570 B 251ms
250ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=142&cuid=8b63462aaa6d3b6839162722d781afb5&cb=1687487022286&douid=&sess=43815980.142.1687487022285&dur=0&ref=https%3A%2F%2Fwww.dek-d.com%2Fboard%2Fview%2F4089585&srf=&pk=&pt=Fairy%20From%20the%20Painting%20(2022)%20%E0%B8%A5%E0%B8%B4%E0%B8%82%E0%B8%B4%E0%B8%95%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B8%9B%E0%B8%A5%E0%B8%B2%E0%B8%A2%E0%B8%9E%E0%B8%B9%E0%B9%88%E0%B8%81%E0%B8%B1%E0%B8%99%20%E0%B8%9E%E0%B8%B2%E0%B8%81%E0%B8%A2%E0%B9%8C%E0%B9%84%E0%B8%97%E0%B8%A2%20Ep.1-24&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
452 B 252ms
251ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=8b63462aaa6d3b6839162722d781afb5&type=cookie&itmcb=1687487022287
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dek-d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Last-Modified: Fri, 23 Jun 2023 02:23:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 container.html Show response
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE65 6 KB
3 KB 17ms
15ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Sat, 22 Jun 2024 02:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F728 6 KB
3 KB 15ms
14ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Sat, 22 Jun 2024 02:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F19 6 KB
3 KB 17ms
17ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Sat, 22 Jun 2024 02:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FFB 6 KB
3 KB 18ms
18ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dek-d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Sat, 22 Jun 2024 02:23:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AE65 0
0 52ms
51ms Fetch
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoVzSLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT2AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyBTv2LAjS55-8MF_eRRxPJHjT1QawWuIaALXVPHonhKbeJ-7vGuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDc5NTI3MzMzMTU3MTU5ORiS0hA&sigh=UA2iZhpW58k&uach_m=[UACH]&cid=CAQSPABygQiD6RDGHYt3DE7FJ4aJPqxKlz6_iVi-KGeHbqiNhp5dZgRrSxhI6eNXpTRTx2tijtx1K29qCSJk7hgB
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame AE65 0
0 63ms
18ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kq_oEuL6CsoH-gHiIp0XAgAAAN5T-Jgfku3hM7J2rhAtApVk2AbTDg1AkxYW_gAAEgAACgpBUVVCQ2dFQkNn&wp=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 231759
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 9126 191 KB
56 KB 201ms
137ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4d0d12e5475277120412e976b3d2598589026bcd6483b3693a52595b4b4f835a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=H0a7eVwXvvdwtvlfm-vHjxCtCCD5zUS3BbOR02MvGI-tUZI_kBBqiO0HewFmf654Fu7yQQVpZJ3BkPYyNP0hhIXMjGd4YpG3tORdBTA8vLGv_a7ygIJ65ACSmScVMa2TnHXRv9pS6xL5SVIQG2uy3u1kJary7uONFLXtAam_T-FtER-5q_OLHQ4-ibPc1ND8x9r5lwgIrEGVW-pGQjPtrWjqfcwGYwCV9FBBcqA5I6MWIti7mOItUNadAboiix7gQ8s1IQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 120667517
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame AE65 3 KB
1 KB 100ms
44ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 19:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:11:03 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BE80 1 KB
1001 B 55ms
13ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 05:52:04 GMT
etag: 48472445140208031
expires: Fri, 23 Jun 2023 05:52:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame AE65 19 KB
8 KB 74ms
20ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 19:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:11:03 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AE65 24 KB
7 KB 77ms
22ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jun 2024 12:12:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE65 179 KB
56 KB 48ms
47ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F728 0
0 52ms
52ms Fetch
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfREPLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HRn_QhHro5CTivUp7LAlocEGw3rdarnpBRLszsSJC-DnL0PvzXpOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDc5NTI3MzMzMTU3MTU5ORiS0hA&sigh=99TUF4VH_5Q&uach_m=[UACH]&cid=CAQSPABygQiD6RDGHYt3DE7FJ4aJPqxKlz6_iVi-KGeHbqiNhp5dZgRrSxhI6eNXpTRTx2tijtx1K29qCSJk7hgB
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame F728 0
0 54ms
17ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kq_oEoGwB6wC-gHiIp0XAgAAAN5T-Jgfku3hM7J2rhAuApVkXW2x1dyGjgkdDgAAEgAACgpBUVVCQ2dFQkNn&wp=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA

Requested by

Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 249448
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 3447 177 KB
53 KB 157ms
100ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

72284c36183ea197f73db8cf137966443b025970d5ccf0ab8c63b101ecaff4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 02:23:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Svs33FwXvvdwtvlfiL12Gv_0JTEpsYg3Z_H2ZAnvhaHbiMgIUVHd6tVbocYAXAiqZd2dn5fCPipJg_Gy58-8nIUSED_fZlCsrG9nBXmCZXFdM3IDgJgwTN5JyyfBJJIjV61IV3dolpcuUqrAD_5NCjzVqCC8P1I99JwTsKJKcuTxpQgt00Lm9OZOcz-TMHys6OqBRKoPYB_98ZGB4slJRSYIenpFW82CazCUu0jwGAxZYpOTgh18_6sQ1dBqw9sugVNcqw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 82982524
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame F728 3 KB
1 KB 94ms
45ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 19:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:11:03 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B96 1 KB
677 B 49ms
14ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 05:52:04 GMT
etag: 48472445140208031
expires: Fri, 23 Jun 2023 05:52:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame F728 19 KB
8 KB 86ms
39ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 19:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:11:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F728 0
0 31ms
30ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0r4_OUVLCIDneBQibOhBL7C9_wFicI4Ib6ckGMifC0gxpLQzRrd9bKAFmVNuXRJ7GH1DJbb9i9d1QZBrWt5t1nkVAVw
Requested by: Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F728 24 KB
6 KB 82ms
35ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jun 2024 12:12:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F728 179 KB
56 KB 83ms
81ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:42 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9F19 24 KB
6 KB 71ms
25ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jun 2024 12:12:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F19 179 KB
56 KB 105ms
104ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:42 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4FFB 24 KB
6 KB 83ms
41ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jun 2024 12:12:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FFB 179 KB
56 KB 87ms
87ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 02:23:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BE80 35 B
463 B 83ms
16ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAnSQFGCSx1MXaZpm6cV6zw&google_cver=1&google_push=ATf1kGOObUzcuGVylkJB0XbfQewnV5u7rtQIOZEcTD_GRDG1iqJyP6us1q_rjfA6vtecCk7U1B8_7hJmDYllp-fnCh5KU435ayZk

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE80
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnK...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64ac787f4f4c231b&is_secure=true&networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGP47ITe...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_02vvytYUgNvEpCkAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVi...

170 B
188 B

49ms
45ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_02vvytYUgNvEpCkAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnKJYikNHGcOMX3B6v9gERiBsrW1wbISfGb6254R6GUXDU8

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_02vvytYUgNvEpCkAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGP47ITeHoF61K4F-VxQ-BybbRl61dTOmPHsef6bqWHSSycPXnKJYikNHGcOMX3B6v9gERiBsrW1wbISfGb6254R6GUXDU8
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE80
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFY...

170 B
188 B

54ms
44ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFYjclE5n7ocLh-PSrR2mhRCFLO0s6fou4joO9u8D7B_bOXrCiQCFE8o

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-01aeb8b319b28e980@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMBH0sd24xQa5uUEqVuGtwQ3gpcsSe-uwZ0o5fWMFYjclE5n7ocLh-PSrR2mhRCFLO0s6fou4joO9u8D7B_bOXrCiQCFE8o
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE80
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESENN3FH8ICmk8HaZNgc7o_XY&google_cver=1&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0&google_hm=UjMzNjQ2XzEwNEIyN...

170 B
188 B

47ms
46ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTIzMTU%3D

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGMU65AYGAT3RHvJuyLh_lCxOsuPWQD5RAIOBh8fLPsgepsnlgwoiRgDScptzJ3_PWuwqWT7sZMnQqwT2mDvZJMo5oiqqu0&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTIzMTU%3D
Date: Fri, 23 Jun 2023 02:23:42 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-370491765; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 343
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE80
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6h0SKqUoGSQVSnJqYn-6A&google_cver=1&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HHLoswy&google_hm=eS1MdUdMWTg5RTJwR05wcU...

170 B
188 B

42ms
42ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HHLoswy&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMcAxowKiBu2SSFw-QaaiT6597jDux-12ECxNwJQ1LXRj2RvV2b4lHUbKeqUzroqz1Oml7ZkdYpa8Ft9hhv6RB8-HHLoswy&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BE80 0
50 B 43ms
40ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_NjPlFWWSjrnrAH0FDzgXzh6i9-OrtoZ-DU56qmY7ECOG2MhmnwwiBis

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0B96 35 B
462 B 70ms
17ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAnSQFGCSx1MXaZpm6cV6zw&google_cver=1&google_push=ATf1kGMyo7Tntitp2lbEPAtcmSmFQ9e050XV33M2et4ipTb8rn3ClxIRGWHSjxbTT6Kgve39kqoRZ0irXm7VsCZEVHeZ-EhLHxg

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B96
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDf...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=13a16c0aa9f7212e&is_secure=true&networkId=14000&version=1&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_cver=1&google_push=ATf1kGO4Ut-D...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALybNB7_2iygN7H72RAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVi...

170 B
188 B

69ms
69ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALybNB7_2iygN7H72RAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDfnhX7MDcNR-xWheHTs1oVV8EZK52CJcuQo0x4dgB2zGT5F

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALybNB7_2iygN7H72RAAAAAAA&expiration=1687573422&google_cver=1&is_secure=true&google_gid=CAESEC1BPKttAzO7Xf-lBEkVizk&google_push=ATf1kGO4Ut-DC3YPXWbUd9yMHIkSNRcXiD8NVhsdFUOHLcDLeXXtzDfnhX7MDcNR-xWheHTs1oVV8EZK52CJcuQo0x4dgB2zGT5F
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B96
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_...

170 B
188 B

44ms
43ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_u24v7qtR89p5zhykb5DeRdTIcnekYXpSoWr4TRHanCuzmRCBeK_cV

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0b8c05fed613e03fd@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NWx4cjNHVXIxUWN3c0M1&google_gid=CAESECweQMsJ6qItOuKgZDVpyEI&google_cver=1&google_push=ATf1kGMZVXUXRJR0KvtOe-G66mCT5MrD8gRQNI7Y8dNwFH_u24v7qtR89p5zhykb5DeRdTIcnekYXpSoWr4TRHanCuzmRCBeK_cV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B96
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESENN3FH8ICmk8HaZNgc7o_XY&google_cver=1&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW&google_hm=UjMzNjQ2XzEwNEIy...

170 B
188 B

48ms
47ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTI0MTc%3D

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGM5quD_zBZu2d9k8DoauFMVVLnrOvbBtdxMp-U4aAy5iR63pQlZL8pB1iXaISVtUHTAdDFsy-c38U3iZX-hl22VCh4rywTW&google_hm=UjMzNjQ2XzEwNEIyNUIyQ18xMjA5QTI0MTc%3D
Date: Fri, 23 Jun 2023 02:23:42 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-370491765; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 344
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B96
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF6h0SKqUoGSQVSnJqYn-6A&google_cver=1&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqPn_9sT&google_hm=eS1MdUdMWTg5RTJwR05wcU...

170 B
188 B

47ms
46ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqPn_9sT&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMGG9v3GWGOZvsw3kbmeNIOsCgL5ehYnNcSxwjeQ3zk_r-mNv5UPLvfeR7tedV9AtNeiWF6hx6tkzzp8RQ_RWSQjqPn_9sT&google_hm=eS1MdUdMWTg5RTJwR05wcUJjSFJGSXN0SjN2UERidzRobH5B
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B96 0
40 B 40ms
39ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQkqOezy8Pv-cK5-h3nO5WwHz2i920nSQjx_YPPMNUH1acIyXcZSvKfGA

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame AE65 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5875363bcc9b7297266a1847c3785d42615c8c87e1e68534bff3908bc0d479

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F19 0
0 45ms
44ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX4zkLnXIugjSOu5StxA7Xa59IL-dX8Z9UI5lf4GiK-Gm_Pipqk7rY81bEjqe1NO1jKA7_909u9Ctcdr-3ICfPF2xslmDuLWV9MwjhWS4BJOj1v4ecbbY0L6SCqd1eqq1Xt--u2qvwnsbiJGG2Ifu2YgQK-DyXO7DZ-eAWG6YiSUPuFfAWPJHza3PRZz_FtpFF8bnPl5qHPLujuCLfPmAR4uxgY3rhSAJPGBui8xW46muSksqwHh3v2J20STmNSusjSzm2otLPCKb6Z2sC5mEQJea8CWcVx-S-V9_ndBU_yfAyPK6e8AuCo6iv_iZerr7SZcyXbYY3IOxSKPneVg&sai=AMfl-YQ1Dr1oYPqSJxZ1pmuIeI1PZ-rOyBvai-WB0zsVQvnx8OFP_Rf5Z7Hk4kbIErCg0ABFihA_n1wD2sCGWY3P9V-CWpNIADZyotMDjuG1LFqOkSe07-6ruxipZxnv2hA&sig=Cg0ArKJSzOJUOwVd3TMzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3447 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3447 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3447 308 B
636 B 14ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3447 293 B
621 B 15ms
14ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3447 2 KB
1 KB 109ms
8ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=300x250
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
ETag: "87b6182d03ee779aa68e37632f67656e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913
Expires: Thu, 01 Jun 2023 12:16:13 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 3447 8 KB
4 KB 115ms
15ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0746b21cfaae0aeba1fe18ef923cf659a3d82203c4f9368f6c3c10e82eefcffb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jun 2023 08:32:27 GMT
Server: UploadServer
ETag: "94707cfe9b8ec381b248dabc78be09a3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3397
Expires: Wed, 21 Jun 2023 08:47:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 3447 43 B
348 B 93ms
17ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=6NL9Km6cc0k6utfRKMw07srqZRvwdwe9AVbkLuzQDRq4BJBRSkAKnuto1p8j-A7kyIzeIPwpsq2lupH3rmVw6MO0cib4DuQ25cUl-ii0sJ3gfDycqbxFULKotWCAoFb3a_kkwfgj-wTy9Igrf0nR8DOApyzo3x73NBCnmy-_29hwGm2nEa1JNfwO1VcOj9K8NOEHvoN62FT8wJrSpzz-hFrDL1iuScryY70lgiTVWzCvNhhkG0CObwBT3WZycNJ_IJWl6JBC1tOavtTXPXER04cOW-GsACf40csw2aWi0x8uKApxr4BWWxdLwdzhohYT_5SF7Icr9Wv2UH5ghVC-HxX53nUuQM5KgFbB4MdR130dGK-ZeLpzEERxDx4qVHVt65wLUaSPV3Hv5DSSj8a13smdIJryGhhEXnlVyFmYCqoYb5Q1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2461967
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame 3447 43 B
563 B 138ms
16ms Image
image/gif 2600:9000:24f3:ae00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=6495022e9a9f6a740ffcea4897200a30&col=308271,0,0,0,11120203,6495022e9a9f6a740ffcea4897200a30
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOIKs9sRAA21UPKGAkUwj7fJ8KWqpA&u=%7CA0oG8TsfsQLvczkpOoP7a52lvNkhW5dhjwY5ejVSkvs%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTCqphM0JA5pdjVDjmqrH8NUoKq7FNOpbt6iiIswzxL47Fp8xw2TILqZzFK6RMm0HT4TwujS8R8MbTbfghPYbmqJk0aM85JXpwLq4oR7DUN2B4AmNG-R1OMsmt3hiVCpPwUnJRrDiAEeS9iV5ZdfAJrjgQGW6ymCrFAm33OjqDm0qRtq3YzAwG5TWA9eU7xXnyQ2-1jOCIpScjxJo3jp6ts2fikdMpf4SwY5nYLFvdCkzH1Ikc7PPb1kmS_B6r4KA9blDwVAfy3vIIE3MrQ6lZK3vnSzMIX5OKLZAbscZl2dmeV4S585hvmAWQXX6FeCGZ2xS6rAcyW54Oa5MD-02OEE_SCPDjaTeqePUssajKEWBLaqEseqPkYcbIGfPENt9YmDvkokDL7IddKpanMN9Xb5QA3YnKeg7LsKs4XWk10QN0dSaicjxKQWjiZZNkvL5YZ9nog7olqX4MpOZ6S56zcOvmKDibP5QBh_82MzbrCsmhF23pPb_txhlQeHAgJO-Qaydg42dTfGUCi9mykXxlhFEmA_JVyseG1ZQoERT38RpL1qbMT76Acg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJgErLgKVZOKxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT8AU_QfmOZbAsSQ02UmjiN0s4xnOWfqUzzTUZA3WJlN5ZqTixaj6_VICOccB1FzYSQl6GSCgzitxmb33bpn8yjL4_2nCYeMcwozsUec_FtRSghPasczHZnFc5nCMtWtOlBpSIjA6_wx36QE3qQ19ojsrznzpxf_gLYb5mKpbJ7T8vP8kgU5S6IPWH5V1C_v2ODD0JLIGYfXvNPzaiNl4aaMIUO6IGOLw9d43IYhorpX4bt_-NfHxgKgA7dIo87QDEI4iNKK8lRNbfdWKDMlOCWtBM4Y6HR3fYBjBHLgDhs2_NH6SCV09sLhd-FhlTK3bZlgS6gImpd6G3XZ-FVsuAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3gQGT9-f3LnuC90JP8kB2B8Uo6zw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:ae00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
via: 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: u4QatD7yXPnF-S8-GT2zcOAM3pRJPiRRm1jZBdR2A6alFZyGBvdNnw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

B29214310.358196926;dc_pre=CPaqyISr2P8CFQfeswodfDcH7Q;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 3447
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_ch...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPaqyISr2P8CFQfeswodfDcH7Q;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897...

42 B
107 B

51ms
50ms

Image
image/gif

172.217.13.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPaqyISr2P8CFQfeswodfDcH7Q;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

172.217.13.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPaqyISr2P8CFQfeswodfDcH7Q;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e9a9f6a740ffcea4897200a30;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 3447 35 B
390 B 74ms
13ms Image
image/gif 35.169.41.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=41614&sid=13693666557223153817&crid=308271&device_id=&cachebuster=6495022e9a9f6a740ffcea4897200a30&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.41.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-41-60.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:42 GMT
Strict-Transport-Security: max-age=604800
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9126 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9126 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9126 308 B
636 B 26ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9126 293 B
621 B 27ms
17ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 9126 2 KB
1 KB 26ms
8ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=970x250
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
ETag: "87b6182d03ee779aa68e37632f67656e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913
Expires: Thu, 01 Jun 2023 12:16:13 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9126 8 KB
4 KB 30ms
10ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0746b21cfaae0aeba1fe18ef923cf659a3d82203c4f9368f6c3c10e82eefcffb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jun 2023 08:32:27 GMT
Server: UploadServer
ETag: "94707cfe9b8ec381b248dabc78be09a3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3397
Expires: Wed, 21 Jun 2023 08:47:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 9126 43 B
347 B 27ms
18ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=I5M6U3vww8OiAxYJKAPiIhTrdYL3tgBf--4Zq0YYsiUlA3DY0uIT2CwFZ1-kzdWb5n7WXUfdVhXDA4eOaB_3LPZoaO8M5zcAKIykq8n8exMU1XtoTcyxrtcjHF4I_e3Dg9CyI-ip4cL-E16UYtjRLAOrvShCyDCh4ZoqoGEEbP8PeVGcDJzIF1cjMGAK_f2FnMuVyQ2Vi_uAnOAsRFWcRXMBceWVT5egJXbsLPOX4ZmYCXZD8GYRsIlAMcYUr0bq_Y9KhdIqbXdrhs7H80vUN11c17-ptAiyGokuCGxGV9iAv7OkoZB-O1rcQFpBT0DVEUOup6iEMfayBd0ipL2U2nmdQ2y2MtP5racjFG2uDV7k1QpTzufabw-Ww2ouQlZyhqTrqywBdsY-f1bAolDI-1peAhkJUsqtaetw5ddgzhPEXkSU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3957824
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame 9126 43 B
563 B 48ms
17ms Image
image/gif 2600:9000:24f3:ae00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=6495022e064b7cbf2d869a9a7c3b639d&col=308271,0,0,0,11120203,6495022e064b7cbf2d869a9a7c3b639d
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA&u=%7CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%2BMyHQW%2B1YEY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%26client%3Dca-pub-0795273331571599%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:ae00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:42 GMT
via: 1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: F_BCNVIGLhdBORs_kgjUKy0dMS0v5pGoPrj2qFEpJUQTH2WVInhjBQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

B29214310.358196926;dc_pre=CJO0yISr2P8CFccYiAkdmmsGNw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 9126
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_ch...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CJO0yISr2P8CFccYiAkdmmsGNw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c...

42 B
118 B

49ms
48ms

Image
image/gif

172.217.13.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CJO0yISr2P8CFccYiAkdmmsGNw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

172.217.13.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CJO0yISr2P8CFccYiAkdmmsGNw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=6495022e064b7cbf2d869a9a7c3b639d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/ Frame 9126 35 B
390 B 18ms
13ms Image
image/gif 35.169.41.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.samplicio.us/tracker/135ae744-093c-4f69-8b53-a36ce6361ac1/pixel.gif?c1=11120203&pid=41614&sid=13693666557223153817&crid=308271&device_id=&cachebuster=6495022e064b7cbf2d869a9a7c3b639d&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.41.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-41-60.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Strict-Transport-Security: max-age=604800
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame F728 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39163be1f6f4710c377d069f747fd05ab507f83ae5a9a8d035967b5f465c331f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FFB 0
0 46ms
46ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2P0JaLPKuYhK2lgJ_FDp2H7KH8OpoNdKO-REmfhBZ-jRxdmerJoxRxi8Z3rb1SudtqBkdZKD8tI9i1N-XYBev9CFQlPzxor-xFlrgsmUPvOSLbrIw-5NeqePCGeolo-xKIJ2YTUqhfFnJTTVQF0kQaTj6KBwPXYLadde05MctkedV6SSpZNJtbg2k8KsAydKUW_-qTuvqI3aFc97Ptx7vjhANGUVvUrWJAIWIlGaPPwZj3xQ9SfcXmHIG9-pEEgGMzEXVHz1cXmGnd4w5VRkr_ivbK9QLfA4ovt013GEnnv-VT3BHFoJa86iSLaXi0IwwQDDhR644qrR0y3ZojQ&sai=AMfl-YS84ceJu5bEU3YYg7EGSeinSLv5q8H3L7TbJWYGVcj4TscVQFqH2bXAJWYXNI89Oyi4bLH76FoEksYNckViJWdAAnCdNJQfWPxDxXxI7ooUY_kaB2KSFW7N7kCY6k8&sig=Cg0ArKJSzICw2FRSM7XyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 16524037389474192605
tpc.googlesyndication.com/simgad/ Frame 9F19 16 KB
16 KB 20ms
19ms Image
image/jpeg 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16524037389474192605?

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5606104b0efa0368621f3a7f57c3fa32078786b908484e95a0c996eb9a3b384d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 04:18:29 GMT
x-content-type-options: nosniff
age: 79514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16350
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 03:44:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Jun 2024 04:18:29 GMT

GET
DATA 200
OK truncated
/ Frame 9F19 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69f9d41f3e8759202d4a5f04ff8c8070ea9ec3694139fa355118613db74582

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4368525831897043834
tpc.googlesyndication.com/simgad/ Frame 4FFB 28 KB
28 KB 19ms
19ms Image
image/jpeg 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4368525831897043834?

Requested by

Host: 6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae4a27885823f9d449c6fbf7b850d39d1023e3431b3bfa0179917fe48d33ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 04:18:29 GMT
x-content-type-options: nosniff
age: 79514
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28226
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 10:35:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Jun 2024 04:18:29 GMT

GET
DATA 200
OK truncated
/ Frame 4FFB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea09151ba8f4ebb3eef9f73b27cc79aa4f8a2833b83ede406cee90f3da7f9226

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 3447 57 KB
19 KB 7ms
7ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:11 GMT
Server: UploadServer
ETag: "d07704704b2ea7cfd4b9f2d78f0c7dbb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18861
Expires: Thu, 30 May 2024 12:11:04 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 9126 57 KB
19 KB 7ms
7ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:11 GMT
Server: UploadServer
ETag: "d07704704b2ea7cfd4b9f2d78f0c7dbb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18861
Expires: Thu, 30 May 2024 12:11:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F19 0
0 41ms
41ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7m6F58LXdErfonO-5CsFhev47aGxtFXWXSCn2DiGTfrD32VyDGz2YenG1zgH53NyIUtoHeGOxqvj7rtOs6euNYhV-vMRxzu73r2H_BNI0kj1iThYKZmGt1llYpspC42xvYNJ6617L-XzYZgIJu2eCFgWfoHgSGdWF0lK_MjoRQrO_-poTpCjMlqcz9MrEWJxODBGrMGlDttgRNn74E6lZ5lm-Yv_FS7z0tElvV50OpytgGVeeUZ-QXA0iGiJygDuVrHxdv6jLsp70nm3hWYucSoYGLOeyJB8CRS8iASpHAvIyfPo1OyVA9z-Vx7QDYdiXBUTmOWt1m-K46IIVIhIf&sai=AMfl-YT9H78zvlf6BbukxikLA5lyU6jArXZy6vEZYAttjxX7rQLHyaXyL0Mx0GK9fmCFzcAIH4_AaPvQosqI1Bd2LgKOLVsN3BDvAhvWdUYxRwkJIt2hfifTxMqtjfhiw2o&sig=Cg0ArKJSzL9et3zJEzWVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Jun 2023 02:23:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FFB 0
0 41ms
41ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupD25qA-zam5M4hhPdbbRRkRxIYFb5hbXK38FSMtC6iqYpFfo0-g3ATOsgOmc0AbhgKs7fYoSpsSuUY3hcYCWo-weC2HTTUacgaKLJvmA_0COVfzZ8Ab4yrLYyzJ6Ja8TNowQKRhore4DS-ex_hgr5cUwDHpZLPYobgWMC7gX15YP40MqcIrpd0x9Eo76NAoQOrenrA1qRBcy8rSBMcvr8zbDQQc7eeh1bezLviRAzU4NA2RBPkiZyqyrJfBpoXJWeZT5XJIy3qtDDpoHF-hDwIA3rBVEHogOc73-g6Lmfy51ezIbyo4rDEUpSt0xe9rWjPMxy1Em9zrB9ryySeuUN&sai=AMfl-YRlTwCciF-1bby-dSIJrTEfSGEWqh7cvYNwtdVP8gxUcJwi7rI0-VrzkmkOPEua6sTMlfnOjpRqbKPcDFHv2T20QbR1eYtIa0FiaXbqZDaznHpCnUfUDvWR2UKuiFQ&sig=Cg0ArKJSzJ-rxiDI8j42EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Jun 2023 02:23:43 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3447 1 KB
924 B 4595ms
4353ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_650169623501&jsTagObjCallback=__tagObject_callback_650169623501&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=300x250&isdvvid=&uid=650169623501&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=114&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D56%3C%5C5%5D4%40%3ETar9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETau&dvp_exetime=13.40&callbackName=__verify_callback_650169623501
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 226fad356524cba22f57436c9ff980a48dd62c091cf4a98db59dd47d367e5c7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:47 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/22/2023 02:23:47

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 9126 656 B
702 B 270ms
33ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_521538002070&jsTagObjCallback=__tagObject_callback_521538002070&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=970x250&isdvvid=&uid=521538002070&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=114&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D56%3C%5C5%5D4%40%3ETar9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3EU2%26C%3Dl9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETau&dvp_exetime=3.90&callbackName=__verify_callback_521538002070
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: d1ce840d512e3b00e4b499e6297e2dddda558f0cdc14f5eaa764f122652640b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/22/2023 02:23:43

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 9126 0
234 B 42ms
25ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=fb21475e136244b0a0905c5f688e6c19&vfdur=271&cbust=1687487023379379
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:43 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/22/2023 02:23:43

GET
H/1.1 200
OK dv-measurements3986.js Show response
cdn.doubleverify.com/ Frame 01BF 536 KB
102 KB 7ms
7ms Script
application/javascript 2600:1400:9000::6875:b612
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3986.js
Requested by: Host: www.dek-d.com
URL: https://www.dek-d.com/board/view/4089585
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::6875:b612 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c77b0be9295b67ebc3f1c502c5ac19d16146f6944a589571e3614d001fcd6f66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jun 2023 07:26:37 GMT
Server: UploadServer
ETag: "d1550ccef1bd9a412485e22d13a82577"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103922
Expires: Thu, 20 Jun 2024 07:26:53 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9126 12 KB
5 KB 42ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2450564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kSKkoQ1X2puX7LWOTKWE3LEJvh0Cl72jqiWkOBnQfDc0CxJSnbp3G56xQPFDi%2FNtNcoqLlp2%2FD3P%2FKtxp7AwvvgrxovYyYFraz7QkdGoF%2FLaBSeI69jDLlTqOsLKxa90wwMuR4l3cGNtx4MQk80TXYl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7db945487de643b3-EWR
expires: Wed, 12 Jun 2024 02:23:43 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9126 12 KB
6 KB 14ms
14ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 10 KB
11 KB 61ms
18ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=496&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F2bae0630a27c46a094683d10c9b6171a_logo_dark_horizontal.png&v=3&w=356&s=Nfu7_0LBwoHzlpYOw6E6Z0zi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

dc34cb9fe29ed790804ac34794be5b3ba18f30322779464b4dd92289372797fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 10667
expires: Tue, 14 May 2024 16:57:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 9 KB
9 KB 60ms
19ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F24728626_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ulBYp0KdX7L9vc-rDT3WBpfK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c08f29509210b6406ddc42924607d4b57d6c16a67110e1ac1c33eded0ca528a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 8834
expires: Sat, 22 Jul 2023 16:10:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 11 KB
11 KB 52ms
11ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F22116306_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=V2gr6butVUPKU1hSSoPhfBId&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

917a05ec67b62ebc8f6af4de63c04ed65158f60276db0df3597be281454899b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 10910
expires: Sat, 15 Jul 2023 22:34:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 7 KB
7 KB 64ms
24ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F23909590_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=GPJF5X5d38_1NblzZUG40BAU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8f7587835530ca3dac74b65d52c7cdb3c0630e4b72820a47b55ce4f129d30322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 7170
expires: Fri, 21 Jul 2023 21:54:55 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 11 KB
12 KB 67ms
26ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21959485_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Lcpzb1C1Ga7YGaCxEAIg7r1b&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0295ddc77f39a8537f9d2466efbb80951e7a0c9e91b7ad2f497c45c777208727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 11728
expires: Sun, 02 Jul 2023 22:15:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 8 KB
9 KB 61ms
21ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F23456003_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UVYrElqQ3V3JXFb-xOrcX2Yy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cfbfa7526b83268be12afbfc7fb9823a0245e6d16e763727d38381caa58d25eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 8680
expires: Mon, 03 Jul 2023 15:47:57 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 16 KB
16 KB 20ms
18ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F22992422_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ahGIeMSh3enaYhrelkIujGPh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8ff76b83b34c1ee5d6ce41c7d32dd942fdfdd8a0744a20c4e547f8481feef92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 16466
expires: Thu, 20 Jul 2023 15:45:08 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 6 KB
6 KB 20ms
18ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F17628711_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=jE7wue2eE7QoPeqBjJCPFX1U&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a1a8e800b1a6f118ce4e88a87ff9829156f64ff8eb6af70921bbd27981b96ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 6102
expires: Thu, 20 Jul 2023 15:45:05 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 4 KB
5 KB 18ms
16ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F22114548_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WlHEWgLAinT5NprJMdqI2faq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

07352e8e40a24035c71b8c75ea0a9e12f21a3062ea3bfbde7e1b1e7c469d308b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 4486
expires: Sat, 01 Jul 2023 16:00:33 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 8 KB
8 KB 26ms
24ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F21906667_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=yACZ7aBKVXtOn0jT8JNORPM7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5aeb9ed201740481914bc8a07d8e413d2b57c08436da04ed96f145aa3dff2b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 8400
expires: Tue, 18 Jul 2023 15:05:20 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 6 KB
6 KB 25ms
23ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22461232_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=D7Bqr2R0pFOwQ-zcyqzOCyq_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fd36c02b9651e5ed705ddfa3a4d659d6899986e3abb1f8da162947112b67b52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 6266
expires: Tue, 18 Jul 2023 20:20:01 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 5 KB
5 KB 27ms
26ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F18084038_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Lap1uXGSHbHgjWCaSsjUAbWU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bd826dcb22621c1c9ad788177fcae72f3ec4bdf7309c88e65858b43076e00d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 5154
expires: Tue, 18 Jul 2023 10:59:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 9 KB
9 KB 23ms
21ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F21906717_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=HAN0E0FZ4fXPL3sNLjRIr8sU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8f4b0434f1e6adf106745a0473ca1478d9cb713cd273f96a9c6574a46e0e9d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 9452
expires: Tue, 04 Jul 2023 15:46:38 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 7 KB
7 KB 27ms
25ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22337257_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=SAOILdz2HXA-n2hFRPe5n4u0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3b6f99e759d48081bdde4ea9dbf369866d79664d0367f3d0db674163ea673ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 6728
expires: Sat, 22 Jul 2023 16:30:57 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 6 KB
7 KB 24ms
22ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F23913714_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=UiaHG5ijVG-3FaPmpFX9T3tK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f04585061f05cab08f8a070d1ce003a9837a5ade3d429188828555ef5ae066d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 6648
expires: Fri, 21 Jul 2023 22:01:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9126 4 KB
4 KB 24ms
23ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F21077459_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=DtwkpqLDho1DsdineWo8ouOX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

21a1eeb4803793591661a9037eddfbe00b396720b96f6294f358b501daf95613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 3886
expires: Sat, 15 Jul 2023 21:51:44 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9126 0
128 B 45ms
11ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=H0a7eVwXvvdwtvlfm-vHjxCtCCD5zUS3BbOR02MvGI-tUZI_kBBqiO0HewFmf654Fu7yQQVpZJ3BkPYyNP0hhIXMjGd4YpG3tORdBTA8vLGv_a7ygIJ65ACSmScVMa2TnHXRv9pS6xL5SVIQG2uy3u1kJary7uONFLXtAam_T-FtER-5q_OLHQ4-ibPc1ND8x9r5lwgIrEGVW-pGQjPtrWjqfcwGYwCV9FBBcqA5I6MWIti7mOItUNadAboiix7gQ8s1IQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Jun 2023 02:23:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9126 2 KB
1 KB 16ms
12ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9126 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 01BF 694 B
728 B 337ms
31ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=214&ttfrms=38&brid=3&brver=114.0.5735.133&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D56%3C%5C5%5D4%40%3ETar9EEADTbpTauTaue33%60a%60%60bcgchcffa726g_ff7_4b4_a%60_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=242&ddur=151&uid=1687487023630434&jsCallback=dvCallback_1687487023630204&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3986&tgjsver=3986&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZJUCLgABGOEKs9sRAA21UO4NFTnPnMt3n-5VbA%26u%3D%257CA0oG8TsfsQIJ1jmN8Zd5a8SgnyRrc3KR%252BMyHQW%252B1YEY%253D%257C%26c1%3DTUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxZIBHtvJNqQTRezZLVMMbHi3qipa2qDdSMdLyHBpEOe8wn9j7A4pYfCFQ5e6hSWJww1NH_88yacw0P2xFRTGT8iQEpZtZ8tzVFDBHJ4W8SvtURXtAMWTAr5yjAu4VcsfRlCHWbBAHSPCuws8Xbc9a2MF-lWA0Dt4dS9Ry4htAFTXcYXA0qIB9W6_WDQ1gpHA2C6ekXyAMikr12GMmHCWmxNwoxX5bVIDY-fL3DeBkEvAkbuv9c8Frtjj_CZc33MZ9-ysTSfZVHI6eJOCSz9Wam29QDcxpuAiGmAfrWSA7CH56A4q4STuhzvTqvk5XyCUSAzPCKp1QJ7ycnIU0AqXkG0lk_J-kaNGQt_KgADonbUrTYdpLvpRNOqbCmwAhDbqi6mtojYo8A6rVTrBV9mL_gQZyJt5GMo24FvBEciALlWKGsU9KcRBF4RR_jO6Si6PxMDLQxCxyu53pLHMLkQpkFzaraB9zNdzMqkd973I5pYJvpoGTg2RWehLs3Qe4_fYvwIba-aPzLPkIn4qA1fC6VDPuIWPcgaSWbiqu6un9DPRxhdTw9JKL9JUEJBHfELyZQ%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCyBCDLgKVZOGxBJG2zwXQ6raYBpyB77BcosqnqnTAjbcBEAEgAGDJxqmLwKTYD4IBF2NhLXB1Yi0wNzk1MjczMzMxNTcxNTk5yAEJ4AIAqAMBqgT5AU_QaQS5xnhCT5I-xRJVKkcp8V47eDIvXoYFYO2NGVmrMoXHvQaIyr035MCk-_g9WOn3hldglVjZUQdN0nTwj4T0zBmNKrB-CcIkKdj--W1TRYB38nXOhHryoTbvUMAs83OJwLskF6mVfK3gqIyD14jD3OEJmXkz1oImVoFkbCKLr4u7lqXxjr6nd0QrBROVfiYDCUs3q5OE_GpbE_egqfz88h8n0iq2jqvo9-fNL5hnpX6xs3sVm-ROxFOXdNRjXTYgtLWlRLqIsaKSIS77RGoyRznWvqMgbp9_uTJSrmbG58_v_Q-eQiaB889c9cQ5qL538X_v2b-ynOAEAYAGiKHl-5aRkdh6oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2QdCl84nRR9JmPkZr_LBAKgcK1vw%2526client%253Dca-pub-0795273331571599%2526adurl%253D&fcifrms=11&brh=2&sdf=2&dvp_epl=346&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7093741.116921541&dvp_tukv=1469166961891.2812&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=1636716544275&jurtd=3057941024
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3986.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: f1cf830e9a1966dd251ea8ecebf821444aeb74ab4545b525244fe6e2c0b9b6e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:43 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/22/2023 02:23:43

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 9126 2 KB
842 B 11ms
10ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 9126 2 KB
841 B 16ms
16ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 9126 15 KB
16 KB 35ms
17ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 9126 15 KB
16 KB 24ms
9ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:23:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 02:23:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE65 42 B
64 B 30ms
18ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGMmjYi9xWtINB3Uc6uX_jNvzJOCMuN8oEJYlRurhRxsvI-vx__o_FLe-fq6RBY0LICaeIx39JWj_eUFt8usqPdEE&sig=Cg0ArKJSzJIOlmMM0M8SEAE&id=lidar2&mcvt=1084&p=60,315,310,1285&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1338211412&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687487022538&rpt=274&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F728 42 B
64 B 19ms
18ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstY3sKs4EvcBoBTC3cegn1LnV_0mmmvms5ihtj_nHU8bo-neXe6u9Is5GtHqdJwUphLStNJVL5Hb-DOxCu7KFBb_Po&sig=Cg0ArKJSzNAoEEzqdoaYEAE&id=lidar2&mcvt=1001&p=466,1035,716,1335&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2099640265&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687487022548&rpt=396&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Jun 2023 02:23:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9126 0
127 B 14ms
13ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Jun 2023 02:23:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 01BF 0
234 B 44ms
29ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=bc3faa8fc68e489ca71ba6291ec2d61d&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=338&eoid=14&msrjs=3986&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=151&tetms=9&msltms=16&vltms=338&sei=289&vetms=5&tuviims=252&tuviems=595&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ee_dp_tmads=2482&ismms=52&isumms=51&nvr=6&isgmmims=52&isgmv4mims=52&elmtp=3&isbxdms=2452&b0=100&b11=2471&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=2571&sftb=2571&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1052&isuiabvms=1052&isgmpims=51&isgmv4dpims=1052&ispmxpms=1052&engalms=49&dvp_dpr=1&vstsz=734&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3381&cbust=1687487026976114
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3986.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:47 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/22/2023 02:23:47

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 3447 0
234 B 55ms
30ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=d59f265f68904c52afc2e67398cad65d&vfdur=4596&cbust=1687487027699569
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 23 Jun 2023 02:23:47 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/22/2023 02:23:47

GET dv-measurements3986.js
cdn.doubleverify.com/ Frame E3B6 0
0

GET webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3447 0
0

GET animejs.js
static.criteo.net/animejs/ Frame 3447 0
0

GET img
imageproxy.us.criteo.net/img/ Frame 3447 0
0

POST all
csm.us.criteo.net/ Frame 3447 0
0

GET criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3447 0
0

GET privacy.svg
static.criteo.net/flash/icon/ Frame 3447 0
0

POST all
csm.us.criteo.net/ Frame 3447 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lj7y7aqr&c=8438493721801&slotId=4219246860900.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lj7y7b9k&c=8438493721801&slotId=4219246860900.5&uet=2&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275

Domain: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3986.js

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Domain: static.criteo.net
URL: https://static.criteo.net/animejs/animejs.js

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F24728626_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ulBYp0KdX7L9vc-rDT3WBpfK&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F23909590_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=GPJF5X5d38_1NblzZUG40BAU&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F21906667_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=yACZ7aBKVXtOn0jT8JNORPM7&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F21959485_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Lcpzb1C1Ga7YGaCxEAIg7r1b&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F22116306_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=V2gr6butVUPKU1hSSoPhfBId&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F858ac6901f0540e895151555affc80e1_logo_dark_horizontal.png&v=3&w=596&s=DvWFZtHGyU8awAn0kAYfXgNl

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F24323399_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=NCgJK8HO-UJ6flVOwQUJN3bP&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F22678885_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=4T_VW0LA152K-GuaWXO68KNN&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F22956075_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=9ZJcYS3ECz81AgxkPFGJ3wEz&b=400

Domain: imageproxy.us.criteo.net
URL: https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F21908392_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=fqRGmzHGnv6n2amYQzu-V2ev&b=400

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=Svs33FwXvvdwtvlfiL12Gv_0JTEpsYg3Z_H2ZAnvhaHbiMgIUVHd6tVbocYAXAiqZd2dn5fCPipJg_Gy58-8nIUSED_fZlCsrG9nBXmCZXFdM3IDgJgwTN5JyyfBJJIjV61IV3dolpcuUqrAD_5NCjzVqCC8P1I99JwTsKJKcuTxpQgt00Lm9OZOcz-TMHys6OqBRKoPYB_98ZGB4slJRSYIenpFW82CazCUu0jwGAxZYpOTgh18_6sQ1dBqw9sugVNcqw&sds=2&rev=87007&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy.svg

Domain: csm.us.criteo.net
URL: https://csm.us.criteo.net/all?cppv=3&cpp=Svs33FwXvvdwtvlfiL12Gv_0JTEpsYg3Z_H2ZAnvhaHbiMgIUVHd6tVbocYAXAiqZd2dn5fCPipJg_Gy58-8nIUSED_fZlCsrG9nBXmCZXFdM3IDgJgwTN5JyyfBJJIjV61IV3dolpcuUqrAD_5NCjzVqCC8P1I99JwTsKJKcuTxpQgt00Lm9OZOcz-TMHys6OqBRKoPYB_98ZGB4slJRSYIenpFW82CazCUu0jwGAxZYpOTgh18_6sQ1dBqw9sugVNcqw&sds=2&rev=87007&sendBeacon=true

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dek-d.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qt6hligss7j16le0i4fgu28gbn
.adbro.me/	1970-01-20 21:31:49	Name: uid Value: 69ebfb56-2cd9-4059-880e-82f7dfc02482
.www.dek-d.com/	1970-01-20 22:20:47	Name: G_ENABLED_IDPS Value: google
.dek-d.com/	1970-01-20 12:46:13	Name: _gid Value: GA1.2.1769911761.1687487021
.dek-d.com/	1970-01-20 12:44:47	Name: _dc_gtm_UA-1726177-1 Value: 1
.dek-d.com/	1970-01-20 12:44:47	Name: _gat_adbroGA Value: 1
.dek-d.com/	1969-12-31 23:59:59	Name: xcsrf-dd_login Value: 10750967dbdb6143e3e7989beea24996
.dek-d.com/	1970-01-20 22:20:47	Name: _ga_K7NW9P92F5 Value: GS1.1.1687487020.1.0.1687487020.60.0.0
.dek-d.com/	1970-01-20 22:20:47	Name: _ga Value: GA1.1.915016495.1687487021
.twitter.com/	1970-01-20 22:20:47	Name: personalization_id Value: "v1_itsKNghYQHrnQXAMJjCerw=="
.t.co/	1970-01-20 22:20:47	Name: muc_ads Value: a2844835-da04-4f3b-b790-fcbadd30fa19
.openx.net/	1970-01-20 21:30:23	Name: i Value: 5b6126ea-70e4-4d41-8355-417bbc3f9518\|1687487020
.dek-d.com/	1970-01-20 22:20:47	Name: _ga_J8TZJ65FPH Value: GS1.1.1687487020.1.0.1687487020.60.0.0
.dek-d.com/	1970-01-20 12:44:47	Name: lotame_domain_check Value: dek-d.com
.criteo.com/	1970-01-20 22:06:23	Name: uid Value: 7345b367-95b6-4429-a827-357d4b628b33
.crwdcntrl.net/	1970-01-20 19:13:33	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 19:13:33	Name: _cc_id Value: 3a8b2beeda0981abf73795078303e425
.www.dek-d.com/	1970-01-20 12:46:13	Name: freq.5f73e63e47e7040e00000000 Value: 1
.dek-d.com/	1970-01-20 19:13:35	Name: _cc_id Value: 3a8b2beeda0981abf73795078303e425
.dek-d.com/	1970-01-20 12:46:13	Name: panoramaId_expiry Value: 1687573421167
.dek-d.com/	1970-01-20 14:54:23	Name: _fbp Value: fb.1.1687487021343.1039425757
.google.com/	1970-01-20 17:08:18	Name: NID Value: 511=Tb8si3A-FxpR8lqf7_AJxr2nGjjIJphvC9a2e_S2cWRHPc3UUqeDDw9mVpzrtC6CVJfr2_ex1D4pqqkO1BxNSqzL73jFkH590OdG86UuRxBArolr6cNhuG7Huc4EQ57BmiWW8gitp8q_blUTj9S5qGnFsttLtIjU23hwQwYZQbo
.dek-d.com/	1970-01-20 22:06:23	Name: cto_bundle Value: sDO4vF80bkRRJTJCWUF2clRKYUZndyUyQmo2TXlGdmtHVEUzOHI0dmljajF3TWElMkZOV1YyUHJ2enhLd1V3NHkxb0dQNFo4UUlLY01idzVQc0oyWlZheDM3RGpWdlhnYWtXc2l6VmdpdjdFVWxzaWJCV2NKVU5kV1J2UHpRcWk0NlcxY2RRTDhObUVCNGtMMkhXTTFuVE0lMkIxS2JSJTJGYmlBJTNEJTNE
.openx.net/	1970-01-20 13:06:23	Name: pd Value: v2\|1687487021\|vMgavPkWgy
.adsrvr.org/	1970-01-20 21:31:49	Name: TDID Value: 905d8965-b469-4abf-b72b-692dbac0cfd0
.yahoo.com/	1970-01-20 21:30:44	Name: A3 Value: d=AQABBC0ClWQCEP0mXYiMQ7WuS6pEoo1M6_QFEgEBAQFTlmSeZAAAAAAA_eMAAA&S=AQAAAphzP2ouv1cVinOyIS4XOhc
.adsrvr.org/	1970-01-20 21:31:49	Name: TDCPM Value: CAEYBSABKAIyCwiW1p_58ub5OxAFOAE.
.openx.net/	1970-01-20 13:06:23	Name: univ_id Value: 537072971\|905d8965-b469-4abf-b72b-692dbac0cfd0\|1687487021498860
.amazon-adsystem.com/	1970-01-20 17:21:15	Name: ad-id Value: A1s9InblrUZIsOMhDzHoTQg
.amazon-adsystem.com/	1970-01-20 22:20:47	Name: ad-privacy Value: 0
.innity.com/	1970-01-20 12:46:13	Name: iGEO Value: US%7ENY
.doubleclick.net/	1970-01-20 22:20:47	Name: IDE Value: AHWqTUmPU7MG9DN4Rd3Bj1YYz54x9Q4z5dpWlBdAf-SMJu0IHeNnYmJzdmH3sec5ImE
.dek-d.com/	1970-01-20 22:20:47	Name: ka_iid Value: Sca3qNnDNUskpwfUu5jJ41
.dek-d.com/	1970-01-20 12:44:48	Name: ka_sid Value: 6ZoXs2Xc96vki1c16PULmV
.dek-d.com/	1970-01-20 22:20:47	Name: iUUID Value: 8b63462aaa6d3b6839162722d781afb5
.dek-d.com/	1970-01-20 12:44:48	Name: innity.dmp.142.sess Value: 1.1687487022285.1687487022285.1687487022285
.dek-d.com/	1970-01-20 12:44:48	Name: innity.dmp.142.sess.id Value: 43815980.142.1687487022285
.dek-d.com/	1970-01-20 12:46:13	Name: innity.dmp.cks.innity Value: 1
.dek-d.com/	1970-01-20 22:06:23	Name: __gads Value: ID=ccfe95d1db7eb3c8:T=1687487022:RT=1687487022:S=ALNI_MYAWJd7XjTgIRSsrIwpbixWYXLwkg
.dek-d.com/	1970-01-20 22:06:23	Name: __gpi Value: UID=00000c5f59204cd7:T=1687487022:RT=1687487022:S=ALNI_MYmIYS9XWLRLD0ObbgpHTH8eYxjUQ
avd.innity.com/	1970-01-20 12:46:13	Name: geo Value: %3B%3B%3B%3B%3B
.mxptint.net/	1970-01-20 22:20:47	Name: mxpim Value: R33646_104B25B2C_1209A2417.1.6495022E
.quantserve.com/	1970-01-20 14:54:23	Name: d Value: EBcBCQGmKYEA
.quantserve.com/	1970-01-20 22:15:01	Name: mc Value: 6495022e-c04a7-a3d8a-fe8f1
.w55c.net/	1970-01-20 22:15:01	Name: wfivefivec Value: 5lxr3GUr1QcwsC5
.dotomi.com/	1970-01-20 12:44:47	Name: DotomiTest Value: 13a16c0aa9f7212e
.w55c.net/	1970-01-20 13:27:59	Name: matchgoogle Value: 5
.samplicio.us/	1970-01-20 22:20:47	Name: _ftv Value: 85a3edf3-aa87-4b00-b03c-f68bb850acca
.agkn.com/	1970-01-20 21:30:23	Name: u Value: C\|0AAAsJ76vLCe-rwAAAAAA
.agkn.com/	1970-01-20 21:30:23	Name: ab Value: 0001%3AzdMTKj8WCST0vWw0R0z4vZDpvb%2FOGf55
.innity.com/	1970-01-20 22:20:47	Name: iUUID Value: 92535d008fe1414c8d3b0a2b4d1061dc

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs(Line 186) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6bb1211348494772fae8077f0c3c0210.safeframe.googlesyndication.com
accounts.google.com
ad.doubleclick.net
ads.us.criteo.com
adservice.google.com
aep.mxptint.net
analytics.google.com
analytics.twitter.com
apis.adbro.me
apis.google.com
as.innity.com
avd.innity.com
avd.innity.net
bcp.crwdcntrl.net
blogger.googleusercontent.com
cat.va.us.criteo.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.radiantmediatechs.com
cdn.thelead.tech
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
connect.thelead.tech
csi.gstatic.com
csm.us.criteo.net
d.agkn.com
dclk-match.dotomi.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
imageproxy.us.criteo.net
imasdk.googleapis.com
img.dek-d.com
invstatic101.creativecdn.com
match.adsrvr.org
media.innity.net
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl-avd.innity.net
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
t.co
tag.adbro.me
tags.crwdcntrl.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tracker.samplicio.us
us-u.openx.net
www.dek-d.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www0.dek-d.com
cdn.doubleverify.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.us.criteo.net
imageproxy.us.criteo.net
static.criteo.net
104.244.42.197
104.244.42.3
119.81.192.134
146.75.36.157
149.129.240.178
162.19.138.118
172.217.13.130
172.217.13.166
18.160.46.56
199.91.74.219
2001:4860:4802:36::181
202.183.165.228
23.223.124.41
2600:1400:9000::6875:b612
2600:1f18:4e9:5a05:ece6:9019:be6a:7d62
2600:9000:2199:8c00:a:e047:753:be1
2600:9000:24f3:ae00:19:fc2c:a140:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:3f96
2606:4700:10::ac43:2682
2606:4700::6811:180e
2606:ae80:1451:13::2330
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:804::200a
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2006
2607:f8b0:4020:805::200d
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2607:f8b0:4020:807::200e
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:116:800b:21:1456:d0e1:7db4:a56b
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::485
3.33.220.150
34.102.146.192
34.117.228.201
34.120.135.53
34.96.70.87
35.169.41.60
35.190.39.111
35.244.159.8
38.98.69.175
52.46.130.91
52.71.141.42
54.236.176.175
74.119.119.139
74.119.119.147
94.74.116.230
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0295ddc77f39a8537f9d2466efbb80951e7a0c9e91b7ad2f497c45c777208727
0486e179145cb2205451d9848af818372ce09559f692d637e1e3c0f749d0533b
07352e8e40a24035c71b8c75ea0a9e12f21a3062ea3bfbde7e1b1e7c469d308b
0746b21cfaae0aeba1fe18ef923cf659a3d82203c4f9368f6c3c10e82eefcffb
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f689063e3695a477e132c4e6d270728456c09220ba6cb591f72a526ff65c68
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f27dca136ba3ebfd7fea1244567fbd47672b6846f0db2ceb63a8dc276ce272b
0f61c0b0df63d46075f6c7b82cfdcf833dcee642cfa41b55bbdec201c893359c
10d6219bf4af38477c42a467bfc685709476e042f919c4c83d0da88ffc49fdac
1146303deacd97b785598d354f72931affa9a9b67673b7d36e356d4e0d592dd4
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
1412c44a0e7127f2e7a1df157021a23205e7ef502748b497a0d3118082e36795
14497ff909f12144b0a7ba2eec3d8f45b2bcc9bd4f5a71d8e826f8854e0e57c4
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1518353cee66adbdd1ff472acb8c766004ed3be2dd30bbcb75c7cec20d66831c
157c17c3a50d0926d3244b1af57f17524bf7e386b1a220194f4875010f6ee7b0
1b2260c9ab2d316cf507c37020dc018b6b6c6bf15c1df62eae2f7ba28ae048b8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733
21a1eeb4803793591661a9037eddfbe00b396720b96f6294f358b501daf95613
226fad356524cba22f57436c9ff980a48dd62c091cf4a98db59dd47d367e5c7f
22df3742333cce866d795d11ba7776da3b2276f009387b0502038ee3392e854c
239d391d471b7db05b7fcf17975cd9a3e0d81bc37ea88593a194e52396562add
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91
251a93a77aba5e4bc08dd84fe9dcd6003f78465fe61ece08892d2576ec592f29
279bf79f4913a093c3931230c64d465ee517c2511be26c0f9296f772d956f399
2a257de7d16cbc56379bbeba00afc1533e9aee044331ef5d618ec6db47ba103c
2ae4a27885823f9d449c6fbf7b850d39d1023e3431b3bfa0179917fe48d33ccf
2b682cb846d14bb05298861383969201f50f3334cd261828d904b198b21a81c3
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c994d9a029a4777e58feeb5e8c0f7c332690bd1a26a9c9ad1c8ad918fb69b27
2f6177f13581c6868fd6417a72f26141dd626ad16c262321433c2fb9f8cd1eae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3171ff6f844469adc6246bb42aec71eb879440f991a242a14f8815e4499b5dc3
32f031de54d6b52a419efb47cae628e11203dac5a1018b4e2c159c02f5b3a199
39163be1f6f4710c377d069f747fd05ab507f83ae5a9a8d035967b5f465c331f
3afaf38c8717da1e382e2061f474744f7f0c7af0ab63985565d92c50868c561d
3b6f99e759d48081bdde4ea9dbf369866d79664d0367f3d0db674163ea673ed1
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d1838a88c8bb09dfb74722883fa30f9f5c6c0774558f212be89012866df5ca3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f2343e6cb9cb7d7b75e45aac52e247399eaa000efdc4c54368615f64cf42ef0
431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4d0d12e5475277120412e976b3d2598589026bcd6483b3693a52595b4b4f835a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e33714f51ae27e1b6810a2457f8fba28b24081e380a6189b47d006100892487
4f81f61ccc0fea20fa1d38a17629c8a92c624aac6016c96d67b5ce7e3df76b87
5273764ccd1820d13d57789b0e446201640b35b5fe2b7c5927b72b36a102ecfd
53127b5eb67255608192cc57e208deec0105e76fb9f7fdfa70b16a20220375bd
533a1c9896c2a7dd8111066e3c03868e9aae885116e276678c0d4a3b4da28aa0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5606104b0efa0368621f3a7f57c3fa32078786b908484e95a0c996eb9a3b384d
570acae215e1412e694a8ce553b74afaf15de9ac78ed53cf3ee65eef82ffa96f
57b0c884cfc112c78161d9294432e2dce5cdca0b33d78cf206f44450d0533c6f
585c2cc1ee76c4f06f1cf2ac6aedd4d8849eb3f35bce2189c50d5fd46666addb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aeb9ed201740481914bc8a07d8e413d2b57c08436da04ed96f145aa3dff2b8c
5e54de80dba0f40336ef0dca07020886660aa79f52dea0d457f90c93e745ca16
5fdce742967bbaa916dae111a269960794a5c26feb779e5d78de2bce5aaa55d7
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
64949f2ff53bfd042f783bbff4bf66f73457cbee715ed477668eb5f71e082d0c
64d9c089881a969d05f8f85a564c6b1ca48ee07924fb08e2f4ef0228bcee8fee
686eec39df089c5c83a467842e31e32b8c67ad032007682958b53723b226aa30
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aee8b0daa3c0a2e9cb9742646334e8a07c3198fdbcb0a7a258a5a2c6d94eee7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c12af9d8b05e5295d52e51d1ee444ecb115965db404bfa9b5925821ab764b57
6f0a897883d0b1557c12a1628f7cd5ff5452cc3af453be4f3302e06400030765
72284c36183ea197f73db8cf137966443b025970d5ccf0ab8c63b101ecaff4d4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72797546325e299050f869eb99756cc911118aae93c39b1153e97dcd6ea9219c
775cb13f5b2ca8a252c5a0255d56e331a4df04f8bb32318ad8a5d2d2fb4204a9
7969e8bf9d1bcb1b238fa5ba4cae4a9b42d8b00ea67762ff9ea3290cac213618
7bc501919bfb156f85d8bafd315114a5a8b152eba85ad9be4b6db468220ec175
7d4791d8f5be8203299dd505afc9cc51f27348d7af2d0459415c247d2e013e13
7dd6daa5a054a1bec51a4f5f22f6a0ab4c092a885b7c6b13919f3281519e6e7b
7e0c81da14c45bdc0b8b9555cad9e24a5b1b23f6d31833ff4effd7364676993e
7ecdcd1378b47621bc3956b581c5fced3950dbbfda269bb90009df8b5725116b
83865291be2301606b27df17d8072f760a34ff67d3746bf84f4b2f9abc688192
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8406475cc1152c00a8acfe4c75416ce4fa53acd459bec2c6a4a53dcf16f14c25
8474954136a482e8cf61b398fbb9125ae8a798706d6da3e07e14c106958221fb
8a3ff5c88f5a18e0fe884f65f852799078d509d405420d83013c3967fd4b7229
8a73b7026dcde9b5d3bfea51bfabcaa1b58fadebb10bdb02221d0c1d032e5220
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f0ff75922589a178737511cd0863e8e6ddabd7c317585dd226242700a89cc16
8f4b0434f1e6adf106745a0473ca1478d9cb713cd273f96a9c6574a46e0e9d40
8f69f9d41f3e8759202d4a5f04ff8c8070ea9ec3694139fa355118613db74582
8f7587835530ca3dac74b65d52c7cdb3c0630e4b72820a47b55ce4f129d30322
8ff76b83b34c1ee5d6ce41c7d32dd942fdfdd8a0744a20c4e547f8481feef92a
917a05ec67b62ebc8f6af4de63c04ed65158f60276db0df3597be281454899b6
9313f8c93fc291eb938365e5445cde6f79b5c291a54248f699ef210dcd0ecf41
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae563edc1340a35b578d82c8c4c90100e25b24636ebea9c61a2a4b3ef58acb5
9c548be9ebff40be49a8f899b9e49783a3e618a71b10ed113e31fb743a51d09d
9f7c364728971894d2b7ac0290f8da5091f7a189b6a935a435a9c61a84df62a8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a8e800b1a6f118ce4e88a87ff9829156f64ff8eb6af70921bbd27981b96ecb
a28ff90a243b0ade844a07147f1ee7e04425a1cc6e7cf1c89bfb7e09212b3172
a2c3b3c036cc51c6ff9b2491a547370fc2396aafcb1d84bf2506597e1167c8e8
a2d0761be313fb73a4073118fed6413e841adb113514e6cf68702e9895f27ed6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa33b8559115ea155123c65ec809c358ea0e0acccdcff8bdf642ac7979013008
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3c8510a4cc866c28d2c8fda0e2e7a1c502dba84f258a9ca944051d33cc3dc6
adffcaa33fbbdf276bdf830cb875e36e8652567361c9333f7a6064d3aa07f74d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0943439fe18587cb1751f3e7cacf1ce96babe7ef882df7c81f93fdbb74b7cf3
b1bbe65fc113c6a797a4af805193180bb0b3fcfc814b4a6002edad852f36b760
b4edc9a9957f33efebc52edb7315b06e6d0fffbd2bb39e90038fcea9f2c871eb
b7315bf7a32244460de7e75c93b7f0b63b6dd134a21ba7ad426d818c4c4b123a
b804b86024f8d2514ef41bc3cf8a9fadb0f76e43d7d7650cc3e5d580dcf49f96
b818975ee4dd0d949c24b0c89dae1332f9540a3f8d4ba5179441eedc86546015
b8300f24c021918757e172f73c7baf91ec41385167a63c13c05a12352baa1fab
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bc5875363bcc9b7297266a1847c3785d42615c8c87e1e68534bff3908bc0d479
bd826dcb22621c1c9ad788177fcae72f3ec4bdf7309c88e65858b43076e00d4c
c08f29509210b6406ddc42924607d4b57d6c16a67110e1ac1c33eded0ca528a3
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6125d394ff2c9e6d541bc3d5dc17cba5a207fa9cddaad3d07c5e82aa193aef6
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c77b0be9295b67ebc3f1c502c5ac19d16146f6944a589571e3614d001fcd6f66
c8ff405b1b0c5cb75cc666047001e1d83b965cf15de1ea7abc62d64a2e9205f4
cedae759c5a7a3f4e86d26f5fe797c7981d96c0d213d4320af1388952c95edbf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfbfa7526b83268be12afbfc7fb9823a0245e6d16e763727d38381caa58d25eb
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f9ab04988366fa701201955657ef3fa15f06b534783d344a1eb85a5fff8f13
d1ce840d512e3b00e4b499e6297e2dddda558f0cdc14f5eaa764f122652640b7
d37135b28f0162246e9bedc9e84727eb880969af4c2fc1eaac00a325d618c987
d557733d9f3a6357a746803a95623b759188066234c09fc197989ab9297dffda
d61904a4fe4faad3b765353e72b7e5007ab51e5990b79ace7a7f395af198bf85
d7c8504158d89bf76f740a10b0c8a552d7c22ab68dc1f2d9496b60e44918aaf5
dc34cb9fe29ed790804ac34794be5b3ba18f30322779464b4dd92289372797fe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7c6c4f734bf6710c763736e7e21a718dbe9ff63b03e12c86c650e7a271d31e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e25eb55114097d6c0c5e875ead57fb8a80cf600e1f711fa1ead280bf1066a1e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ff0e015af83e153abfc1233eaa0133d93ae5e24ec088fdda929a6d36318186
e90f06f1927a9b7a87d6c29ccc9bdf08a8e7f4479393d42a7b1d1e8cf8875923
ea09151ba8f4ebb3eef9f73b27cc79aa4f8a2833b83ede406cee90f3da7f9226
eaef5a867299e6c32cd6115f3ecec0dc1bc1e3fd806ada39631ec1aa889fd266
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef57e1db69b1e14847d51d81379972bc3789ab7ec281f50b1f7807b66905528a
f04585061f05cab08f8a070d1ce003a9837a5ade3d429188828555ef5ae066d8
f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682
f1cf830e9a1966dd251ea8ecebf821444aeb74ab4545b525244fe6e2c0b9b6e9
f2f15f011c683d63b4703dd8847509e69471af5ef29fc443db3958eee809cba7
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f76723546bbac5db730ae4b659672608f5ad1716a609858a43735823636d6ebe
f8fe0afaef5b29024217e93d234b1144b6b0562918782c90041c40d77cc28537
fb7848c0a95bc63ea5042649ba9718b8c81342b46cbc1120f17ae8805b92592f
fc4e70c63b0610ca61745f2bc1a27a3f3f9cacd73499033f973c2e9be2964461
fcd4625516cb3f0a9c5059428b98aa92b3c464c256b67860eaeaee247f48e585
fd1d01b77062907cd4a48ce5c1c6e6808904ecea05e2e926a607a80a882e6be9
fd36c02b9651e5ed705ddfa3a4d659d6899986e3abb1f8da162947112b67b52f
fed2b266d7be58e5abd969c4c56880bad330d7dac9b2f147c8bd8cce7c45844a
ff3c1cb3424337f7ff8c94c1ab52511d1816611396da57228508fbeb304ba342

www.dek-d.com Open in urlscan Pro 94.74.116.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

285 Requests

87 %HTTPS

57 %IPv6

42 Domains

76 Subdomains

60 IPs

7 Countries

4907 kBTransfer

11013 kBSize

51 Cookies

32 Outgoing links

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dek-d.com Open in urlscan Pro
94.74.116.230 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

87 %
HTTPS

57 %
IPv6

42
Domains

76
Subdomains

60
IPs

7
Countries

4907 kB
Transfer

11013 kB
Size

51
Cookies

285 HTTP transactions
5 data transactions