ahm11xtr.pics Open in urlscan Pro
2606:4700:3033::6815:25af  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 194

• https://gum.criteo.com/sid/json?origin=publishertag&domain=ahm11xtr.pics&sn=ChromeSyncframe&so=0&topUrl=ahm11xtr.pics&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=zMQvYXxoU1ZybHpJZXBGNWQ4Rkl2UUh2T2R4S3h2RS9qWE5MdkZ3cTdHY0U3cjMrOVJPUld2c09VUDU3NFhmQ09rZGtIdnV3dGRxaGE1MTE1a2ZSODl5WnMxakozRWNTTm5JMTFZd1lhT3diR3JsRHZmNVNnaFNibjIrZFFJaFd3S3FOdmlzWFVNckdHcjVpZDkyazIrZXoyQ1IzU1dkN3pTL0lXWjVvUml0WTNPRUlQVjZWU0txT0pQdWtzUGxEa2orOU9LMlhGb2ZqSytiUkdwditudzVPUy9RTWtlcVpDYzhZZVZkNjlIU3JRL25kT2h1dHYrWVllekc0L2tYZjZ6RFZTZGx1MVdQYUh5bGFaT1NDZXFPNC9UcEtPTlYvN0hvdWF1RzZmdmlmRGtjRT18&cppv=2

Request Chain 199

• https://sync.logly.co.jp/sync/sync.gif?ssp_id=1013&jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3 HTTP 302
• https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3&uid=gdYpqJxGm0YdDHR9LDPn5JWQyyc

Request Chain 200

• https://pixel.tapad.com/idsync/ex/receive?partner_id=2798&partner_device_id=f00521c4-642f-4245-aec7-c78253f5c0a3 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2798&partner_device_id=f00521c4-642f-4245-aec7-c78253f5c0a3 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%2C%2C

Request Chain 215

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 216

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 219

• https://match.adsrvr.org/track/cmf/casale HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&expiration=1699627136&gdpr=0&gdpr_consent=

Request Chain 220

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 221

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHVl_JSOQAT5r2o_TZRQNIg&google_cver=1

Request Chain 222

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSazf7HEqEcgfi2lqFVemQAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDdOyak4aX66bFOyiR30XPM&google_cver=1

Request Chain 223

• https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
• https://casale-match.dotomi.com/match/bounce/current?DotomiTest=33abe79e7453138a&is_secure=true&networkId=19998&version=1 HTTP 302
• https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGKn8ZTOCZRgN7rRo2AAAAAAA&expiration=1697121536&is_secure=true

Request Chain 225

• https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188720337740503

Request Chain 229

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWF48-24-CBD8

Request Chain 230

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/E-G93cM6qtqWApPzixY9_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-k8UYIOZE2oJR3UCFUlYj9GAULxFSbRZWUC5ffg--~A

Request Chain 231

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d3d8929a-69f5-47ad-ad55-5d359b3f6745&gdpr=0&gdpr_consent=&expires=30

Request Chain 232

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDM4N2Y0MGUyN2EzYmMyY2VmOWZlNGU4NzI3MDI0MzIwZjJhNjQzZQ

Request Chain 233

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5MVVdGNDgtMjQtQ0JEOA== HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEImCI2S1Uv9CY7kIhIm81P0&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdGNDgtMjQtQ0JEOA==&google_push=

Request Chain 234

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eDF7OLnERlOmi6ZFXyKWAA&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eDF7OLnERlOmi6ZFXyKWAA

Request Chain 236

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIBEhjV7Q0GPFcevfNc0lYM&google_cver=1

Request Chain 237

• https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
• https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
• https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACoUk7KTWcAABmaiqJHCA&expires=30

Request Chain 238

• https://token.rubiconproject.com/token?pid=26594 HTTP 302
• https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWF48-24-CBD8&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNLUWF48-24-CBD8&redir=true HTTP 302
• https://hb.yahoo.net/cksync?cs=63&axid_e=eS00aENPMEJGRTJ1RUxNR1pSeFV0U2tRYl9EdlFpYlpOc35B&ovsid=LNLUWF48-24-CBD8&dpid=58160

Request Chain 239

• https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWF48-24-CBD8

Request Chain 240

• https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNLUWF48-24-CBD8 HTTP 301
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8 HTTP 302
• https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8&ckls=true&ci=lkJJ3XXIKr&nc=false&trid=-585769437

Request Chain 241

• https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0a0fcb97-c6e9-4bc9-a110-d62ebf4bfb41&expires=30

Request Chain 242

• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
• https://prebid.a-mo.net/setuid/magnite?uid=LNLUWF48-24-CBD8

Request Chain 243

• https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
• https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8 HTTP 302
• https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8&dnr=1

Request Chain 244

• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
• https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWF48-24-CBD8

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
16 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ahm11xtr.pics/	175 KB 25 KB	1292ms 1223ms	Document text/html	2606:4700:3033::6815:25af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:25af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5cbb5b11bed15a7f3c57affd9dbee18c8c5c0649880f06794568deb47c8b6f1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8147d94e3fe9c325-EWR content-encoding br content-type text/html; charset=UTF-8 date Wed, 11 Oct 2023 14:38:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXssEE0EyFRVCsPVXkjqVtibzh1LLJTt8eevS%2B8ZvS%2FFclujPo%2FboDX5a%2FLsnXpexYPCkRheouO9YfYSjUFhZ1lFSOKloK6qB%2Bbt6oxSfbT%2BjNlTPl0kLonvLf5NzHDSxGOXxToC0F%2BMqQIP"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	logo.svg bravo-m.ismcdn.jp/common/images/icons/	13 KB 10 KB	86ms 10ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/images/icons/logo.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 3e3d406b3427a99d78dcf63fa1d55a0bd832620b02f9a3e427356460b198fbc8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 01 Apr 2021 02:38:22 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1587535 accept-ranges bytes content-length 10005 expires Sun, 29 Oct 2023 23:37:44 GMT
GET H2	200	shared.css bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/	19 KB 4 KB	84ms 8ms	Stylesheet text/css	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash e4fc5e6306e73720b79085bea3093b0765e3d14cae21bae2c687816aafeec151 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Thu, 03 Aug 2023 00:11:11 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=37828 accept-ranges bytes content-length 4263 x-xss-protection 1; mode=block x-request-id cba7bac4-88b2-4557-9ef6-b69b814d34a1
GET H2	200	leafs.css bravo-m.ismcdn.jp/resources/bravo-m/css/pc/pages/	24 KB 5 KB	88ms 13ms	Stylesheet text/css	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/pages/leafs.css?rd=202309261846 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash ed0e083102350ca67f46afd29329c2be6994ad11e62e44e491e22f12fea9bd39 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Tue, 26 Sep 2023 09:46:44 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=37854 accept-ranges bytes content-length 4517 x-xss-protection 1; mode=block x-request-id 1f621be4-4b1c-4dac-9ad0-5198b1a9de51
GET H2	200	12162_bravo.js Show response ads.rubiconproject.com/prebid/	377 KB 118 KB	71ms 32ms	Script text/javascript	23.1.200.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.rubiconproject.com/prebid/12162_bravo.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-1-200-83.deploy.static.akamaitechnologies.com Software Apache/2.4.37 (rocky) OpenSSL/1.1.1k / Resource Hash 85a2eadf71eb38663b33593605ab2c3766b66fd7df265dcb165e19811dc196c3 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 20:27:25 GMT server Apache/2.4.37 (rocky) OpenSSL/1.1.1k vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true content-length 120302 expires Wed, 11 Oct 2023 15:45:56 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	143 KB 50 KB	438ms 74ms	Script text/javascript	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash 79f32cfa99005417e2a835c55b3df3ef3db35f807fb7896ab798def06b852bcb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50808 x-xss-protection 0 server cafe etag 10252599022623125759 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Wed, 11 Oct 2023 14:38:49 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	97 KB 29 KB	409ms 49ms	Script text/javascript	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash cc5e6194891f0f205471d9ca30e2bc7c547ded8144451dc6c62be02e03c6b510 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29433 x-xss-protection 0 server cafe etag 363 / 19641 / 31078708 / config-hash: 3746309934444855557 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 11 Oct 2023 14:38:49 GMT
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	23 KB 10 KB	411ms 18ms	Script application/x-javascript	108.156.173.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.173.236 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-173-236.cmh68.r.cloudfront.net Software nginx / Resource Hash cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 16:55:10 GMT content-encoding gzip via 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront) last-modified Wed, 28 Jun 2023 00:37:14 GMT server nginx x-amz-cf-pop CMH68-P1 age 78219 etag W/"649b80ba-5df1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id vcddeSbs90IiqJHytx2bAZLnjw19YYpqfqj31VgYoPOQq882AMJ8yA== expires Wed, 11 Oct 2023 16:55:10 GMT
GET H2	200	/ Show response kitchen.juicer.cc/	1 KB 903 B	626ms 181ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/?color=DfUBG/9gaEA= Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash e4bad3d4594b7342fc439e89c989cd83c8f75bcaecc00f95ca78fd42aa7aaede Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=7200 x-robots-tag noindex, nofollow expires Wed Oct 11 16:38:49 UTC 2023
GET H2	200	fb-g.svg bravo-m.ismcdn.jp/common/bravo-m/images/	329 B 469 B	63ms 56ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/fb-g.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 373ef372dd7ff416b232efbe1ce06f6397fe7b8fac997a9167055b5a42b86764 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2565871 accept-ranges bytes content-length 281 expires Fri, 10 Nov 2023 07:23:20 GMT
GET H2	200	tw-g.svg bravo-m.ismcdn.jp/common/bravo-m/images/	599 B 564 B	18ms 11ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/tw-g.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash af006a5352ba9739e60b4cd6d5b2e35f23d6f3e5c111946308badc55ee16828d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2589197 accept-ranges bytes content-length 375 expires Fri, 10 Nov 2023 13:52:06 GMT
GET H2	200	insta-g.svg bravo-m.ismcdn.jp/common/bravo-m/images/	940 B 715 B	20ms 13ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/insta-g.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 59106d12574844a345283e4835b9e553770cd2a1033bca26add0bce6510fb052 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2030588 accept-ranges bytes content-length 526 expires Sat, 04 Nov 2023 02:41:57 GMT
GET H2	200	search-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	341 B 462 B	20ms 14ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/search-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 8db52fdea2f514df3abf434dae05727dfe8d3740e49072dc654546506e772f6b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1108576 accept-ranges bytes content-length 273 expires Tue, 24 Oct 2023 10:35:05 GMT
GET H2	200	ico_close.svg bravo-m.ismcdn.jp/common/bravo-m/images/	669 B 622 B	21ms 14ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/ico_close.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 2046881e89dff423f24cae2d512804b147f2ced339932fd0bda7113c8dd9eced Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Fri, 19 Mar 2021 03:55:51 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2238221 accept-ranges bytes content-length 433 expires Mon, 06 Nov 2023 12:22:30 GMT
GET H2	200	menu-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	273 B 424 B	18ms 12ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/menu-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 4992623bfc6836353138e2b458636e76a8862c24c8d0fe38361d82ad0c9508e7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1225558 accept-ranges bytes content-length 235 expires Wed, 25 Oct 2023 19:04:47 GMT
GET H2	200	1x1.gif bravo-m.ismcdn.jp/common/bravo-m/images/	43 B 219 B	34ms 28ms	Image image/gif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/1x1.gif Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT strict-transport-security max-age=31536000 last-modified Wed, 08 Sep 2021 06:07:52 GMT server Akamai Image Manager content-type image/gif cache-control private, no-transform, max-age=1826659 content-length 43 expires Wed, 01 Nov 2023 18:03:08 GMT
GET H2	200	img_c66d8855c8bd374751d3381561d39238267381.jpg bravo-m.ismcdn.jp/mwimgs/c/6/-/	145 KB 146 KB	30ms 25ms	Image image/avif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/mwimgs/c/6/-/img_c66d8855c8bd374751d3381561d39238267381.jpg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash fc1a36df183b74ae9bd6f966b131ea0e5f69c2f134c7191ffd25a8a81575fdf9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT strict-transport-security max-age=31536000 x-check-cacheable YES x-serial 858 server Akamai Image Manager last-modified Mon, 02 Oct 2023 03:10:09 GMT content-type image/avif cache-control private, no-transform, max-age=1773090 content-length 148774 expires Wed, 01 Nov 2023 03:10:19 GMT
GET H2	200	img_4409818b4e433bcd8f148221a8500fbe238047.jpg bravo-m.ismcdn.jp/mwimgs/4/4/-/	134 KB 134 KB	66ms 63ms	Image image/avif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/mwimgs/4/4/-/img_4409818b4e433bcd8f148221a8500fbe238047.jpg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash f74833d7d6275a561e73863a007e091775c4cde45b25b9c56cfee421317aa446 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:49 GMT strict-transport-security max-age=31536000 last-modified Thu, 04 May 2023 23:34:58 GMT server Akamai Image Manager content-type image/avif cache-control private, no-transform, max-age=1773108 content-length 136722 expires Wed, 01 Nov 2023 03:10:37 GMT
GET H2	200	arrow-g.svg bravo-m.ismcdn.jp/common/bravo-m/images/	272 B 426 B	18ms 15ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/arrow-g.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash d4bdecf04f2c9314696c2f2f74ab3438b5670396cc05ffaf27b5d04859fd19ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=635414 accept-ranges bytes content-length 237 expires Wed, 18 Oct 2023 23:09:03 GMT
GET H2	200	fb-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	326 B 467 B	18ms 16ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/fb-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 960eb62509087c8348b640e00bc6253a0c322470eaf644d8fb91f6660d9533ec Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1600288 accept-ranges bytes content-length 278 expires Mon, 30 Oct 2023 03:10:17 GMT
GET H2	200	tw-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	596 B 560 B	18ms 16ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/tw-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 03091625cb324d9b6f25c11e6c1b4852931a59cc6a01e9842609119c00c26739 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=942421 accept-ranges bytes content-length 372 expires Sun, 22 Oct 2023 12:25:50 GMT
GET H2	200	line-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	1 KB 729 B	19ms 17ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/line-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 617a8c03bc199718a77329e9fcf0504ab56497479b9e10dc30e0e14c98a4bfdc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1138577 accept-ranges bytes content-length 540 expires Tue, 24 Oct 2023 18:55:06 GMT
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	37 KB 15 KB	409ms 22ms	Script application/x-javascript	108.156.173.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.173.236 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-173-236.cmh68.r.cloudfront.net Software nginx / Resource Hash 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 16:47:39 GMT content-encoding gzip via 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront) last-modified Wed, 09 Aug 2023 00:45:38 GMT server nginx x-amz-cf-pop CMH68-P1 age 78670 etag W/"64d2e1b2-94a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id vmNqQ36Mpi8iHSs77xYBMIeNQ8RmUY5t6CvGFSKiQ0YioU48TtvmcA== expires Wed, 11 Oct 2023 16:47:39 GMT
GET H2	200	search-b.svg bravo-m.ismcdn.jp/common/bravo-m/images/	281 B 422 B	13ms 12ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/search-b.svg Requested by Host: bravo-m.ismcdn.jp URL: https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 9d991d673745ab5dd75c3ca86a7aac7a7b998d5e8d009c67732fa7bea0bb82bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:49 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1775599 accept-ranges bytes content-length 233 expires Wed, 01 Nov 2023 03:52:08 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	342ms 3ms	Fetch application/json	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231011 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 22ca529eb465b28396abb8e473e8ac6d14193e18d2e9c113bcadb9fe57695c5e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 11 Oct 2023 14:38:50 GMT x-content-type-options nosniff content-encoding br age 38277 x-jsd-version 1.0.1839 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 743 x-served-by cache-fra-eddf8230103-FRA, cache-lga21923-LGA x-jsd-version-type version etag W/"63c-cKEiOfaXeLTwodMZbiSJfCGxy1Y" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	183 B 507 B	403ms 18ms	XHR application/json	151.101.66.202 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bravo-m.futabanet.jp&domain=ahm11xtr.pics&path=%2Farticles%2F-%2F123786 Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.202 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4afa709ef4cf3f509aeb24dd1b059b042a732c18d308cbb1af914bb518637242 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-hits 0 date Wed, 11 Oct 2023 14:38:50 GMT content-encoding gzip via 1.1 varnish (Varnish/6.0), 1.1 varnish age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 154 x-served-by cache-lga21962-LGA x-timer S1697035130.218770,VS0,VE15 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Mon, 09 Oct 2023 14:38:50 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/	420 KB 132 KB	32ms 32ms	Script text/javascript	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash 2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 21:49:08 GMT content-encoding br x-content-type-options nosniff age 60581 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134705 x-xss-protection 0 server cafe etag 4581834702576728701 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 09 Oct 2024 21:49:08 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	35 B 581 B	406ms 47ms	XHR application/json	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ahm11xtr.pics Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash d3a18e798e9f07a505f017cab07d92faf488370a0a9ed91037158a906c501f44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:50 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39 x-xss-protection 0 expires Wed, 11 Oct 2023 14:38:50 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/	389 KB 132 KB	180ms 179ms	Script text/javascript	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash da32307abc3d8014fbf7c8e4ece7e8180303ba1146a8075e25cd7007c9da7747 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 135121 x-xss-protection 0 server cafe etag 2094094206791034678 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 11 Oct 2023 14:38:50 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 11F4	10 KB 5 KB	538ms 15ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 2606 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 13:55:24 GMT etag 2603938475786422795 expires Wed, 25 Oct 2023 13:55:24 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	cdb Show response bidder.criteo.com/	0 192 B	414ms 30ms	Fetch	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.17.0&cb=51738505406&lsavail=1 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://ahm11xtr.pics date Wed, 11 Oct 2023 14:38:50 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	2 KB 4 KB	517ms 117ms	Fetch application/json	8.43.72.32 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23790&site_id=411664&zone_id=2314964%3B2314966%3B2314968%3B2314970%3B2314972%3B2314974%3B2314976%3B2314978%3B2314980%3B2314982&size_id=57%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B16%3B10%3B10%3B10%3B16%2C221%3B16%2C221%3B16%2C221%3B16%2C221%3B16%2C221&rf=https%3A%2F%2Fahm11xtr.pics%2F&kw=%E3%83%88%E3%83%AC%E3%83%83%E3%82%AD%E3%83%B3%E3%82%B0%2C%E3%83%8F%E3%82%A4%E3%82%AD%E3%83%B3%E3%82%B0%2C%E7%B8%A6%E8%B5%B0&tg_i.domain=ahm11xtr.pics&tg_i.page=https%3A%2F%2Fahm11xtr.pics%2F&tg_i.aupname=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%26div-gpt-ad-bravo-m-pc-billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%26div-gpt-ad-bravo-m-pc-article-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%26div-gpt-ad-bravo-m-pc-1st-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%26div-gpt-ad-bravo-m-pc-2nd-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%26div-gpt-ad-bravo-m-pc-3rd-rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%26div-gpt-ad-bravo-m-pc-main-rect-left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%26div-gpt-ad-bravo-m-pc-main-rect-right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%26div-gpt-ad-bravo-m-pc-footer-rect-left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%26div-gpt-ad-bravo-m-pc-footer-rect-right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread%26div-gpt-ad-bravo-m-pc-inread&tg_i.pbadslot=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread&tk_flint=dmpbjs_v8.17.0&x_source.tid=863c1683-6a26-412a-a27d-005fc69b83b0&l_pb_bid_id=222e4499eef5e1c%3B2317dd245307471%3B24e9e94ba0e1d5a%3B25f3b0441b08a99%3B2670f8ded543b8f%3B274d2ed59ccc1dd%3B28cf2d31e5f648a%3B2902ccbb019e3c9%3B30fd060461cfd0e%3B31b54798951ab05&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3b5ed1ee-70ff-48fa-8347-483024d61a3e%3B2b1e1de5-7cde-4866-b9d9-f4c634668c45%3B32e8c04e-6053-4350-afec-218fd91fffd7%3B2c155278-4220-4380-807c-d18243673671%3Ba3a80ad4-45f4-4e80-89e7-c94b7a07827d%3Be3383a98-0de1-4bd6-9f67-d5b5e184ad16%3B8574b9bc-a72d-4f8f-a919-ffe36293ef82%3Bc581e6e6-97b9-4861-9aed-58eca02c2003%3B3b60ea2a-41c1-4397-bcbd-e602df66cda8%3Bcfd670e6-970d-48dc-a495-e03bbddb84a7&rp_maxbids=1&p_gpid=%2F21694577035%2Fbravo-m%2Fbravo-m_pc_billboard%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_article_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_1st_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_2nd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_3rd_rect%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_main_rect_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_left%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_footer_right%3B%2F21694577035%2Fbravo-m%2Fbravo-m_pc_inread&slots=10&rand=0.8275455675482601 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 3bf3dedca3db19a80dc6288adf0e45a053452f90525335f247981ffa412add3c Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type text/plain Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:50 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://ahm11xtr.pics cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 579 B	25ms 5ms	Fetch application/json	68.67.181.211 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type text/plain Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:50 GMT an-x-request-uuid 177e6915-dc9c-4fd1-8fae-72fe1f6c2929 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://ahm11xtr.pics cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	pbjs Show response htlb.casalemedia.com/openrtb/	37 B 544 B	54ms 28ms	Fetch application/json	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=784360 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c41d186ca0adb36c79f1f577d1f1c952b8a18ba5ae03af597cb14e9858ddd42 Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type text/plain Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:50 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p42gEH%2F%2BDZJggEGCnDEi5gJ5Mo3JYrjTK5AiRYeYxRAFy0q6ruAcWzjXnhgyH5iiXbUgnNorCrlAPLHTTagDcpwU8JugNf04X9Mgs4IrMBRmo2y4gFjvR%2BDLBHS5tOfglYxhRN1v"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://ahm11xtr.pics cache-control no-cache access-control-allow-credentials true cf-ray 8147d95b5fdfc420-EWR alt-svc h3=":443"; ma=86400 content-length 37 expires 0
GET H2	200	/ Show response kitchen.juicer.cc/version/	45 B 299 B	545ms 181ms	Fetch application/json	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/version/ Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/?color=DfUBG/9gaEA= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 582b44ca18e9867127a74998bcec430ad8cf327a1fb00c5e651a2360d905caf0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:50 GMT strict-transport-security max-age=31536000 server Apache/2.4.57 () OpenSSL/1.0.2k-fips content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache="set-cookie" x-robots-tag noindex, nofollow content-length 45 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	393 B 419 B	40ms 37ms	Script text/javascript	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=ahm11xtr.pics&callback=_gfp_s_&client=ca-pub-3622193293525466 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash 39f55571513647de11dd5e9c752a83f14cead0801a97d2eb941b4a7ebc483eb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 252 x-xss-protection 0
GET H2	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9415	603 B 218 B	72ms 51ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622193293525466&output=html&adk=1812271804&adf=3025194257&lmt=1697071130&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fahm11xtr.pics%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697035129917&bpp=5&bdt=660&idt=284&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7612185507670&frm=20&pv=2&ga_vid=382056581.1697035130&ga_sid=1697035130&ga_hid=962558107&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44804782%2C44805099%2C44804179%2C44804940&oid=2&pvsid=1635825021716879&tmod=2114088817&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 14:38:50 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 121 B	76ms 73ms	Image image/gif	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=l-header%20js-header&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	458 KB 38 KB	881ms 881ms	Fetch text/plain	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1635825021716879&correlator=4009485966358747&eid=31078638%2C31078703%2C31078713%2C31078708%2C44804940&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fifs&iu_parts=21694577035%2Cbravo-m%2Cbravo-m_pc_billboard%2Cbravo-m_pc_article_rect%2Cbravo-m_pc_1st_rect%2Cbravo-m_pc_2nd_rect%2Cbravo-m_pc_3rd_rect%2Cbravo-m_pc_main_rect_left%2Cbravo-m_pc_main_rect_right%2Cbravo-m_pc_footer_left%2Cbravo-m_pc_footer_right%2Cbravo-m_pc_inread&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11&prev_iu_szs=970x250%7C1x1%2C336x280%7C1x1%7C300x250%2C300x600%7C300x250%7C1x1%2C300x250%7C300x600%7C1x1%2C300x250%7C300x600%7C1x1%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc0eb6c1b390a3dca-2224a20e92e400ea%3AT%3D1697035130%3ART%3D1697035130%3AS%3DALNI_Mbh3FQzl2JzlynsIEEp9xcgve1Z8A&gpic=UID%3D00000d98afedaa6f%3AT%3D1697035130%3ART%3D1697035130%3AS%3DALNI_MbcUO2buQcPsDIW6yKVz1UYbll4bQ&abxe=1&dt=1697035130663&lmt=1697071130&adxs=315%2C624%2C1000%2C1000%2C-9%2C300%2C636%2C300%2C636%2C624&adys=155%2C1352%2C445%2C4128%2C-9%2C3082%2C3082%2C3970%2C3970%2C2147&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C-1%7C3%7C4%7C5%7C6%7C7&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fahm11xtr.pics%2F&vis=1&psz=1600x250%7C336x0%7C300x250%7C300x0%7C0x-1%7C660x250%7C660x250%7C660x0%7C660x0%7C336x0&msz=970x0%7C336x0%7C300x0%7C300x0%7C0x-1%7C336x0%7C336x0%7C336x0%7C336x0%7C336x0&fws=0%2C0%2C0%2C0%2C2%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=382056581.1697035130&ga_sid=1697035130&ga_hid=962558107&ga_fc=false&dlt=1697035129257&idt=732&cust_params=adparam%3Dproduction%26adsense%3Don%26mainGenre%3D%25E7%2599%25BB%25E5%25B1%25B1%26articleId%3D123786&adks=2383863740%2C1199900847%2C3210573583%2C3214479354%2C440569722%2C2818522493%2C2907262358%2C3575693887%2C3499933582%2C995038251&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash 8fa18828c076b8a22549b4d3bbc6fea8bfa37e98c1814209b1b8b86b41d6b39f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38558 x-xss-protection 0 google-lineitem-id -1,-1,-1,-2,-2,-1,-1,-1,-1,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-1,-1,-2,-2,-1,-1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ahm11xtr.pics access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 9b8aed1f9254d4f52a040bda790c8e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 363E	6 KB 3 KB	458ms 56ms	Document text/html	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9b8aed1f9254d4f52a040bda790c8e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 14:38:51 GMT expires Thu, 10 Oct 2024 14:38:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response kitchen.juicer.cc/core/	41 KB 8 KB	180ms 180ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/?color=DfUBG/9gaEA= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 7caaed55c522743e42d6ad4d939e5a8c5956599ef468c1abeac7b4a2d9adf3a6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:50 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=7200 x-robots-tag noindex, nofollow expires Wed Oct 11 16:38:50 UTC 2023
GET H2	200	stack-driver-errors.min.js Show response cdn.kitchen.juicer.cc/scripts/stack-driver-errors/1.0.0/	40 KB 12 KB	462ms 34ms	Script application/javascript	3.160.5.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.kitchen.juicer.cc/scripts/stack-driver-errors/1.0.0/stack-driver-errors.min.js Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.5.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-127.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash f2bf81f7cec79fde4d594be203b20ddce637c4d01010f1ec250e510a32023ded Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:01:34 GMT content-encoding gzip via 1.1 7992425d40820d4ff716d7127846cfb2.cloudfront.net (CloudFront) last-modified Mon, 06 Feb 2023 04:07:49 GMT server AmazonS3 x-amz-cf-pop CMH68-P4 age 254237 etag W/"794d7b9d1e57d116e5fae14b21136791" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id OesuBrLf4JLoazo8ENq1ZKqkqnNATIDrWYX_n93BEOInaSDV0e7FqQ==
GET H2	200	/ Show response kitchen.juicer.cc/c/	893 B 1 KB	179ms 179ms	XHR application/json	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/c/?color=DfUBG/9gaEA=&url=https%3A%2F%2Fahm11xtr.pics%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash dcb919a75fadf724ea297b9180b4e0f8eaa68f2d60774bb02aeb2cec791f8e5d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT strict-transport-security max-age=31536000 server Apache/2.4.57 () OpenSSL/1.0.2k-fips content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache="set-cookie" x-robots-tag noindex, nofollow content-length 893 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	juicertreasure.min.js Show response cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/	52 KB 17 KB	279ms 35ms	Script application/javascript	3.160.5.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.5.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-127.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 1c08aa1df70a43171fcf1da525a0d82108065f2c10a15ecf882cf50f3e2344dd Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:20:58 GMT content-encoding gzip via 1.1 7992425d40820d4ff716d7127846cfb2.cloudfront.net (CloudFront) last-modified Wed, 29 Jun 2022 06:35:15 GMT server AmazonS3 x-amz-cf-pop CMH68-P4 age 479874 etag W/"ec8eb5334f9cc74a3e3f97a6770c9171" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 x-amz-cf-id cnJI9YK30_Dxln1qCzTpZAjomtlYNiRfzXfhLRSPALeXHudzrRjvoQ==
GET H2	200	im-uid.js Show response dmp.im-apps.net/sdk/	6 KB 3 KB	360ms 4ms	Script application/javascript	23.200.88.35 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dmp.im-apps.net/sdk/im-uid.js Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.88.35 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-200-88-35.deploy.static.akamaitechnologies.com Software / Resource Hash 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY content-encoding gzip date Wed, 11 Oct 2023 14:38:51 GMT last-modified Fri, 21 Apr 2023 06:05:08 GMT etag "14ccaf76e8933bdcf899015e943cd2df" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript p3p CP="NOI PSD OTR" cache-control max-age=10800 x-amz-replication-status COMPLETED accept-ranges bytes content-length 2434
GET H2	200	/ Show response kitchen.juicer.cc/t/	11 KB 3 KB	179ms 179ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/t/?color=DfUBG/9gaEA=&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 81e8648bfe86a38a4a825270d8dbab74491d04947469d320a37f7ad4cfe867f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=0, no-store, no-cache, must-revalidate x-robots-tag noindex, nofollow expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	get Show response audiencedata.im-apps.net/imuid/	10 B 172 B	493ms 151ms	XHR application/json	34.120.96.193 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://audiencedata.im-apps.net/imuid/get?cid=1000435&vid=01HCFJT6JN400NH1FHQV2PQ8YZ Requested by Host: dmp.im-apps.net URL: https://dmp.im-apps.net/sdk/im-uid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 193.96.120.34.bc.googleusercontent.com Software / Resource Hash bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-origin https://ahm11xtr.pics date Wed, 11 Oct 2023 14:38:51 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10 content-type application/json
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame A561	196 KB 56 KB	455ms 15ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame A561	15 KB 5 KB	519ms 72ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame A561	94 KB 28 KB	524ms 77ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame A561	5 KB 2 KB	523ms 76ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame A561	40 KB 13 KB	520ms 73ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame A561	17 KB 1 KB	297ms 47ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4229b3634f357cd2cf8f7b848a36e0541d273560c2491109a8d26693cb905938 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 14:32:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame A561	2 KB 3 KB	389ms 33ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame A561	295 B 353 B	370ms 16ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame A561	0 0	285ms 45ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkAtx79qW5RHBaG_0NPxCqL0S7tNWlA8wYV1LgpjqwHzh7mBnYNGO0B2IBV-_kfbQMEPrLiecTOA5znWG3OioYODIRlg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2122885332264497510/ Frame A561	14 KB 14 KB	396ms 43ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2122885332264497510/14763004658117789537?w=600&h=314 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash 012fdb6e8dd941c5aceba5ee7745b04537a3a2efb037712598291b7d06848e5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 19:58:42 GMT x-content-type-options nosniff age 499209 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14681 x-xss-protection 0 last-modified Fri, 25 Aug 2023 10:08:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 04 Oct 2024 19:58:42 GMT
GET DATA	200 OK	truncated / Frame A561	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame A561	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame A561	221 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed77199c3ac1f73bce44e1c3ef4367b4d35a4eb31bc9a7d470784770bd64ff0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame E1A0	196 KB 55 KB	391ms 28ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame E1A0	15 KB 5 KB	100ms 77ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame E1A0	94 KB 28 KB	101ms 78ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame E1A0	5 KB 2 KB	105ms 82ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame E1A0	40 KB 13 KB	107ms 84ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame E1A0	6 KB 1 KB	207ms 37ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 12:56:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1A0	2 KB 3 KB	334ms 55ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1A0	295 B 353 B	333ms 54ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame B818	196 KB 55 KB	379ms 36ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B818	15 KB 5 KB	108ms 85ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B818	94 KB 28 KB	109ms 86ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B818	5 KB 2 KB	118ms 95ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B818	40 KB 13 KB	119ms 96ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B818	2 KB 3 KB	317ms 55ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B818	295 B 664 B	148ms 15ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	668975043759506112 tpc.googlesyndication.com/daca_images/simgad/ Frame B818	32 KB 32 KB	165ms 33ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/668975043759506112?w=360&h=720 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash 52413480d26d5c21cae727b983ca78afc09d60846ba0b551cb9cebe53228ec51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 08:36:26 GMT x-content-type-options nosniff age 108145 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32786 x-xss-protection 0 last-modified Tue, 10 Oct 2023 04:14:58 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 17 Oct 2023 08:36:26 GMT
GET DATA	200 OK	truncated / Frame B818	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 66c8834dcbafcb5acf369d3aef3f7c944e19b65334e45935868bc06322c35e99 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame 4DC6	196 KB 55 KB	362ms 43ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 4DC6	15 KB 5 KB	120ms 98ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 4DC6	94 KB 28 KB	123ms 100ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 4DC6	5 KB 2 KB	125ms 103ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 4DC6	40 KB 13 KB	127ms 104ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4DC6	6 KB 779 B	163ms 37ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 14:38:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DC6	2 KB 3 KB	181ms 59ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DC6	295 B 353 B	180ms 58ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame B4EB	196 KB 55 KB	350ms 50ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B4EB	15 KB 5 KB	129ms 106ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B4EB	94 KB 28 KB	131ms 108ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B4EB	5 KB 2 KB	133ms 110ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame B4EB	40 KB 13 KB	138ms 115ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame B4EB	6 KB 779 B	147ms 38ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 13:18:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B4EB	2 KB 3 KB	178ms 61ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B4EB	295 B 353 B	177ms 60ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame 8F2A	196 KB 55 KB	350ms 61ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8F2A	15 KB 5 KB	139ms 117ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8F2A	94 KB 28 KB	153ms 131ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8F2A	5 KB 2 KB	155ms 133ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8F2A	40 KB 13 KB	157ms 135ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame 8F2A	6 KB 779 B	138ms 48ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 14:16:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F2A	2 KB 3 KB	175ms 62ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F2A	295 B 353 B	175ms 61ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame 8BD1	196 KB 55 KB	326ms 62ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8BD1	15 KB 5 KB	158ms 136ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8BD1	94 KB 28 KB	160ms 137ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8BD1	5 KB 2 KB	162ms 140ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 8BD1	40 KB 13 KB	163ms 141ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame 8BD1	6 KB 779 B	114ms 49ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 13:46:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BD1	2 KB 3 KB	166ms 56ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8BD1	295 B 353 B	167ms 57ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame 5FDC	196 KB 55 KB	312ms 65ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 5FDC	15 KB 5 KB	164ms 142ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 5FDC	94 KB 28 KB	176ms 154ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 5FDC	5 KB 2 KB	178ms 156ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame 5FDC	40 KB 13 KB	179ms 157ms	Script text/javascript	172.217.13.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f1.1e100.net Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:50 GMT age 77102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:50 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5FDC	6 KB 779 B	97ms 49ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 11 Oct 2023 14:38:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 11 Oct 2023 13:15:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 11 Oct 2023 14:38:51 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FDC	2 KB 3 KB	160ms 53ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:20:20 GMT x-content-type-options nosniff server cafe age 1111 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Thu, 12 Oct 2023 14:20:20 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FDC	295 B 353 B	165ms 58ms	Image image/png	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078708 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 00:46:26 GMT x-content-type-options nosniff server cafe age 49945 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Oct 2023 00:46:26 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame E1A0	0 0	89ms 47ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLQHV4-rD4i3tqyVPvdhV8VKhzXieiqtC2T7XtjcE-Bxu2iHafg-4B9rnwdL0WFB1w3uBWRp8fkajmyEJ4FJMKXerizQ Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame B818	0 0	96ms 55ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4RNyzT3vyCkWYbWAkCLdaipiMH5C932x2rJ9OhtnJtXGjiP1HYBdXM0ydvvf2eTQn9gFvPEP6UZiOUV0XzT4DZTgFoQ Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame 4DC6	0 0	64ms 44ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9Ba8BEn3ITm0YQTola4npA4vS3OwiyKPrX78JHWz5dnAhZ81SraFUx5MLqkJMnQjBjkGpAzxqTHOWAgDh7OfsH8ihJQ Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame B4EB	0 0	66ms 46ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaShfAKfV5NN5DxxDDAgSByiTZD5My8XP4obdki_LU-NLt7WNM32Te2EHhgImitXJzFXv71qZFJJ6nGOvxwd28yW2F0EbQ Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame 8F2A	0 0	64ms 45ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPJCWTo-ZBRccbQlsI_dWCXCiEhX0yIwrZK5zmr8CwK6hRB8uN1xD8B57E_yglMkBar10Xu_TOrw76YARyXDbIlQNWbw Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame 8BD1	0 0	49ms 48ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcIEhUes4sjJofZtYt3lpJb_uVNLeMB6izz5Z9PVmSLPwhi0TaxpnpL7oTCS6_N5VHKMUDnmCrj4q138EfoGjQlDEmNA Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	204	l www.google.com/ads/measurement/ Frame 5FDC	0 0	48ms 47ms	Image text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBRG1R5emmdzH-TSajx3yAZuuVZher8C7BT4f0r-JP6LdGkB9Zacs0gNmJstZ_2JmiFC5lssdupFma0ntr5ZYTzVrB6g Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/15358950557197866989/ Frame E1A0	26 KB 26 KB	151ms 17ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15358950557197866989/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash 86e51ee95d7c66ee0154158e19c3c775d7adcac3a28e71d7b001b26e19a79184 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 22:40:48 GMT x-content-type-options nosniff age 57483 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26310 x-xss-protection 0 last-modified Wed, 27 Sep 2023 11:15:54 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 09 Oct 2024 22:40:48 GMT
GET DATA	200 OK	truncated / Frame E1A0	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3140fd4b978282822081fd4e7fd1de6d3db7081876eb21082644104810c5c86f Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame E1A0	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 47521b789085e8ed27c763a0616463f0128892f86faed2ab9a9eced54d71f4d0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/3929221754422570962/ Frame 4DC6	31 KB 31 KB	185ms 63ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3929221754422570962/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash 1ee37dd36da0179afdd8267bc3cc2e1de44858c279127f2342e57b12e56101c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 20:40:08 GMT x-content-type-options nosniff age 496723 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31568 x-xss-protection 0 last-modified Tue, 15 Aug 2023 07:08:39 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 04 Oct 2024 20:40:08 GMT
GET DATA	200 OK	truncated / Frame 4DC6	219 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 17d21dbb95943d0011ff65e881e5258bbd5439bb499c43a80cb6e9b1316a43ed Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 4DC6	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb4346686905ed50ffd873d91183fc15808bf9279192a34e105cf8df5dbc8b5e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/8089751959290879301/ Frame B4EB	37 KB 37 KB	206ms 88ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8089751959290879301/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash d5d1e92ac67f13845854fd0743b41ce78189d88aad054b5225c8747fbe9941a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT x-content-type-options nosniff age 1 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37963 x-xss-protection 0 last-modified Tue, 19 Sep 2023 14:27:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 10 Oct 2024 14:38:51 GMT
GET DATA	200 OK	truncated / Frame B4EB	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9117daa3b4508b4eaaabe330cba27d081ade2f9803660970146008f8dbc5d84 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame B4EB	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7501f5f47263b97c97c8b6299fead668eba76469c612972285b7844685f1027d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/8089751959290879301/ Frame 8F2A	37 KB 37 KB	187ms 74ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8089751959290879301/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash d5d1e92ac67f13845854fd0743b41ce78189d88aad054b5225c8747fbe9941a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37963 x-xss-protection 0 last-modified Tue, 19 Sep 2023 14:27:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 10 Oct 2024 14:38:51 GMT
GET DATA	200 OK	truncated / Frame 8F2A	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9117daa3b4508b4eaaabe330cba27d081ade2f9803660970146008f8dbc5d84 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8F2A	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eace4b8505e9274c66e3715bb02751db94bacf52d89b04f7a3f8dddbb90ecd65 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/8089751959290879301/ Frame 8BD1	37 KB 37 KB	189ms 79ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8089751959290879301/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash d5d1e92ac67f13845854fd0743b41ce78189d88aad054b5225c8747fbe9941a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT x-content-type-options nosniff age 1 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37963 x-xss-protection 0 last-modified Tue, 19 Sep 2023 14:27:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 10 Oct 2024 14:38:51 GMT
GET DATA	200 OK	truncated / Frame 8BD1	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9117daa3b4508b4eaaabe330cba27d081ade2f9803660970146008f8dbc5d84 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8BD1	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f68de14f29f6e41ea81d2bacd36e4654852f2a55daa3182e7ad5f75c723a774 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/8089751959290879301/ Frame 5FDC	37 KB 37 KB	194ms 87ms	Image image/jpeg	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8089751959290879301/2076313506083323656 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash d5d1e92ac67f13845854fd0743b41ce78189d88aad054b5225c8747fbe9941a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:51 GMT x-content-type-options nosniff age 1 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37963 x-xss-protection 0 last-modified Tue, 19 Sep 2023 14:27:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 10 Oct 2024 14:38:51 GMT
GET DATA	200 OK	truncated / Frame 5FDC	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9117daa3b4508b4eaaabe330cba27d081ade2f9803660970146008f8dbc5d84 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 5FDC	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9581957c60b199a260fa261481aeb96f406c125a04d0bd4305e3b1b86a3923f8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	tbl Show response in.treasuredata.com/js/v3/event/dtb/	89 B 559 B	95ms 19ms	Script application/javascript	52.6.128.240 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.treasuredata.com/js/v3/event/dtb/tbl?api_key=&modified=1697035131873&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMi4zLjAiLCJ0ZF9jbGllbnRfaWQiOiIyZjgzNGZkNC1lZGNkLTQ1ZTYtODAyMi1iN2ZhMDMyZDczZDQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiKDPjg5rjg7zjgrjnm64pIOOCouOCpuODiOODieOCouOAjOaEj%2BWRs%2BOBjOWIhuOBi%2BOCi%2BOBqOaAluOBhOOAjeepuuOBruWGmeecn%2BOAjOeZu%2BWxseODu%2BOCreODo%2BODs%2BODl%2BODu%2BmHo%2BOCiuOAjeS4gOimi%2BOBmeOCi%2BOBqOaZrumAmuOBp%2BOCguKApuKApuOAjOacrOW9k%2BOBq%2BWNseOBquOBhOWFhuWAmeOAje%2B9nOeZu%2BWxse%2B9nOODi%2BODpeODvOOCue%2B9nEJSQVZPIE1PVU5UQUlOIiwidGRfZGVzY3JpcHRpb24iOiIoM%2BODmuODvOOCuOebrikg55m75bGx44KE44Kt44Oj44Oz44OX44Gq44Gp44CB44Ki44Km44OI44OJ44Ki44KS5pel6aCD44GL44KJ5qW944GX44KT44Gn44GE44KL44Go44CB56qB54S244Gu6LGq6Zuo44Gr6KWy44KP44KM44Gf57WM6aiT44GM44GC44KL44Gu44Gn44Gv44Gq44GE44Gg44KN44GG44GL44CC44CA5aSp5rCX44Gu6KaL5qW144KB44Gv6Zuj44GX44GP44CB57W25aW944Gu44GK5Ye644GL44GR5pel5ZKM44Gr6KaL44GI44Gm44KC44CB56qB54S244Gu6Zu36Zuo44Gr6KWy44KP44KM44KL44Gu44Gv44Ki44Km44OI44OJ44Ki5aW944GN44GC44KL44GC44KL44Gg44CC44GX44GL44GX44CB5Ye644GX5oqc44GR44Gu6Zu36Zuo44Gr6KaL44GI4oCmIiwidGRfdXJsIjoiaHR0cHM6Ly9haG0xMXh0ci5waWNzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYWhtMTF4dHIucGljcyIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24ifQ%3D%3D&callback=TreasureJSONPCallback0 Requested by Host: cdn.kitchen.juicer.cc URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.6.128.240 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-6-128-240.compute-1.amazonaws.com Software / Resource Hash 3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p" Date Wed, 11 Oct 2023 14:38:51 GMT Strict-Transport-Security max-age=31536000 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 89 Content-Type application/javascript
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame E1A0	15 KB 16 KB	70ms 14ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame E1A0	15 KB 15 KB	110ms 54ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4DC6	15 KB 16 KB	51ms 26ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4DC6	15 KB 15 KB	74ms 50ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame B4EB	15 KB 16 KB	40ms 17ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame B4EB	15 KB 15 KB	66ms 43ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 fonts.gstatic.com/s/playfairdisplay/v36/ Frame A561	37 KB 37 KB	71ms 67ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 15:13:26 GMT x-content-type-options nosniff age 429925 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37964 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:43:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 15:13:26 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame A561	33 KB 33 KB	33ms 31ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 16:54:28 GMT x-content-type-options nosniff age 510263 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 16:54:28 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 8F2A	15 KB 16 KB	41ms 40ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 8F2A	15 KB 15 KB	45ms 44ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 8BD1	15 KB 16 KB	67ms 57ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 8BD1	15 KB 15 KB	67ms 58ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 5FDC	15 KB 16 KB	72ms 63ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 479958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 5FDC	15 KB 15 KB	74ms 65ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ahm11xtr.pics accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:12:48 GMT x-content-type-options nosniff age 480363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:12:48 GMT
GET H2	200	publishertag.prebid.139.js Show response static.criteo.net/js/ld/	94 KB 30 KB	327ms 17ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.139.js Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Jul 2023 13:25:47 GMT server nginx etag W/"64ad585b-17893" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Thu, 12 Oct 2023 14:38:52 GMT
GET H/1.1	200 OK	global_id Show response in.treasuredata.com/js/v3/	125 B 376 B	30ms 25ms	Script application/javascript	52.6.128.240 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.treasuredata.com/js/v3/global_id?callback=TreasureJSONPCallback1 Requested by Host: cdn.kitchen.juicer.cc URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.6.128.240 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-6-128-240.compute-1.amazonaws.com Software / Resource Hash cf6b4e74f5a31ca3e79ec6fe553919973e4004f700523f0b201d58bee2af12ec Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 14:38:52 GMT Content-Encoding gzip Strict-Transport-Security max-age=31536000 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 124 Content-Type application/javascript
GET H2	200	/ Show response kitchen.juicer.cc/activity/	2 KB 2 KB	258ms 258ms	XHR application/json	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/activity/?color=DfUBG/9gaEA=&jid=&uid=&sesid=&tdGlobalId=8e03bdf1-0c64-44ec-a1f7-5d0b0046b1bf&tdClientId=2f834fd4-edcd-45e6-8022-b7fa032d73d4&peachId=&siteId=243128&title=(3%E3%83%9A%E3%83%BC%E3%82%B8%E7%9B%AE)%20%E3%82%A2%E3%82%A6%E3%83%88%E3%83%89%E3%82%A2%E3%80%8C%E6%84%8F%E5%91%B3%E3%81%8C%E5%88%86%E3%81%8B%E3%82%8B%E3%81%A8%E6%80%96%E3%81%84%E3%80%8D%E7%A9%BA%E3%81%AE%E5%86%99%E7%9C%9F%E3%80%8C%E7%99%BB%E5%B1%B1%E3%83%BB%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%97%E3%83%BB%E9%87%A3%E3%82%8A%E3%80%8D%E4%B8%80%E8%A6%8B%E3%81%99%E3%82%8B%E3%81%A8%E6%99%AE%E9%80%9A%E3%81%A7%E3%82%82%E2%80%A6%E2%80%A6%E3%80%8C%E6%9C%AC%E5%BD%93%E3%81%AB%E5%8D%B1%E3%81%AA%E3%81%84%E5%85%86%E5%80%99%E3%80%8D%EF%BD%9C%E7%99%BB%E5%B1%B1%EF%BD%9C%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%EF%BD%9CBRAVO%20MOUNTAIN&url=https%3A%2F%2Fahm11xtr.pics%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&accessSource=&imUid= Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 3bf24a0cf4c3853137683e07dcf71f4b4ecaf9720fa111a7a420c499ab5ffb18 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:52 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache="set-cookie" x-robots-tag noindex, nofollow expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	204	event Show response prebid-a.rubiconproject.com/	0 125 B	31ms 21ms	Fetch	34.225.151.44 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prebid-a.rubiconproject.com/event Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.151.44 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-151-44.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ahm11xtr.pics/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type application/json Response headers access-control-allow-origin * date Wed, 11 Oct 2023 14:38:52 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OPTIONS H2	200	event prebid-a.rubiconproject.com/ Frame	0 0	252ms 0ms	Preflight	34.225.151.44 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prebid-a.rubiconproject.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.151.44 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-151-44.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://ahm11xtr.pics Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Wed, 11 Oct 2023 14:38:52 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	1x1.gif bravo-m.ismcdn.jp/common/bravo-m/images/	43 B 219 B	15ms 15ms	Image image/gif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/1x1.gif Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:52 GMT strict-transport-security max-age=31536000 last-modified Wed, 08 Sep 2021 06:07:52 GMT server Akamai Image Manager content-type image/gif cache-control private, no-transform, max-age=1826656 content-length 43 expires Wed, 01 Nov 2023 18:03:08 GMT
GET H2	200	arrow-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	269 B 423 B	23ms 23ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/arrow-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash a7c8a846c6759b882e95b1005b4ffd9201eeba2ae5bb48de360d58048fc674f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2364295 accept-ranges bytes content-length 234 expires Tue, 07 Nov 2023 23:23:47 GMT
GET H2	200	logo.svg bravo-m.ismcdn.jp/common/images/icons/	13 KB 10 KB	23ms 20ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/images/icons/logo.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 3e3d406b3427a99d78dcf63fa1d55a0bd832620b02f9a3e427356460b198fbc8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 01 Apr 2021 02:38:22 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1587532 accept-ranges bytes content-length 10005 expires Sun, 29 Oct 2023 23:37:44 GMT
GET H2	200	fb-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	326 B 467 B	12ms 10ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/fb-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 960eb62509087c8348b640e00bc6253a0c322470eaf644d8fb91f6660d9533ec Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=1600285 accept-ranges bytes content-length 278 expires Mon, 30 Oct 2023 03:10:17 GMT
GET H2	200	tw-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	596 B 560 B	13ms 10ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/tw-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 03091625cb324d9b6f25c11e6c1b4852931a59cc6a01e9842609119c00c26739 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=942418 accept-ranges bytes content-length 372 expires Sun, 22 Oct 2023 12:25:50 GMT
GET H2	200	insta-w.svg bravo-m.ismcdn.jp/common/bravo-m/images/	937 B 713 B	24ms 21ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/insta-w.svg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 56a97b920e4e39220d9f33c3b18fccc1d5971dfe7a538420fb7bd86ba0f863be Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2114505 accept-ranges bytes content-length 524 expires Sun, 05 Nov 2023 02:00:37 GMT
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	101 B 489 B	70ms 22ms	Script text/javascript	2a04:4e42:800::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CIntersectionObserver Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff referrer-policy origin-when-cross-origin date Wed, 11 Oct 2023 14:38:52 GMT age 44 detected-user-agent Chrome/117.0.0 vary User-Agent, Accept-Encoding normalized-user-agent chrome/117.0.0 content-type text/javascript; charset=UTF-8 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1 accept-ranges bytes timing-allow-origin * alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	106ms 0ms	Script text/javascript	2607:f8b0:4020:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 16:54:27 GMT content-encoding gzip x-content-type-options nosniff age 510265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 16:54:27 GMT
GET H2	200	ofi.min.js Show response bravo-m.ismcdn.jp/resources/bravo-m/js/lib/	3 KB 2 KB	13ms 7ms	Script application/x-javascript	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/ofi.min.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash a33b9cb7be6394bbbb02202baae100cf6d2e1ecb0121411da04fabcfcbfb2ed8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Fri, 02 Apr 2021 04:10:07 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control max-age=46232 accept-ranges bytes content-length 1428 x-xss-protection 1; mode=block x-request-id 143eb196-9cf8-4752-baa7-a44abe29d12c
GET H2	200	lozad.min.js Show response bravo-m.ismcdn.jp/resources/bravo-m/js/lib/	3 KB 2 KB	22ms 16ms	Script application/x-javascript	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/lozad.min.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 3c8dd690d8a33d3f48545cf5bdf155061efb7e95b5054f24cf6b891302e2e2ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Fri, 05 Feb 2021 08:52:42 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control max-age=52183 accept-ranges bytes content-length 1421 x-xss-protection 1; mode=block x-request-id dbebce39-cd97-4e85-970c-1e4769ed591b
GET H2	200	slick.min.js Show response bravo-m.ismcdn.jp/resources/bravo-m/js/lib/	42 KB 10 KB	15ms 9ms	Script application/x-javascript	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/js/lib/slick.min.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Fri, 19 Feb 2021 02:08:40 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control max-age=52256 accept-ranges bytes content-length 10430 x-xss-protection 1; mode=block x-request-id 11d16692-ffbf-49e8-9c33-1e1c5992195b
GET H2	200	tools.js Show response bravo-m.ismcdn.jp/resources/bravo-m/js/common/	860 B 756 B	20ms 14ms	Script application/x-javascript	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/js/common/tools.js?rd=202309261846 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 71dd2e7acef7e282793d01dcdd18c6e935ac0f400e49e94b6f6637a79da71af5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Thu, 25 Mar 2021 09:19:55 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control max-age=46919 accept-ranges bytes content-length 464 x-xss-protection 1; mode=block x-request-id 54159b23-99d1-4432-8785-4b32276c9f39
GET H2	200	leafs.js Show response bravo-m.ismcdn.jp/resources/bravo-m/js/pc/	3 KB 1 KB	21ms 15ms	Script application/x-javascript	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bravo-m.ismcdn.jp/resources/bravo-m/js/pc/leafs.js?rd=202309261846 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash 12c78cfcbd44246501cb3af3691f0e9d547937ab25c9be41886941dcb7eb4d82 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 7200.000 date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Tue, 21 Dec 2021 07:51:31 GMT x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control max-age=49724 accept-ranges bytes content-length 939 x-xss-protection 1; mode=block x-request-id 3349a38e-1ac3-4412-91a4-8e96e30302e5
GET H2	200	lsync.js Show response ahm11xtr.pics/ah/7/oo/futaba/	1 KB 966 B	585ms 579ms	Script application/javascript	2606:4700:3033::6815:25af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ahm11xtr.pics/ah/7/oo/futaba/lsync.js Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:25af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ec573f21fef86d447a094a0bcdbe154ac19bb5077b597a7a7f83b9bc835a6f4 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT content-encoding br cf-cache-status MISS last-modified Thu, 10 Dec 2020 15:13:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5fd23b08-53f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfyN148T12qXL100lZaS2LVnq3pV9cXakHDBMPSI5lGUE483WGHHlfEb%2BzX19m2tZpfi8GdQRG0BEpTZ246HkEb6M%2BwBpSYO9S3sM7xuyoISp%2BZP6JeFFMjoELz0WCMQ752Z1BJ6MECJBHle"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 8147d96a7befc325-EWR alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	publishertag.prebid.139.js Show response static.criteo.net/js/ld/	94 KB 30 KB	45ms 18ms	XHR text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.139.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:52 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Jul 2023 13:25:47 GMT server nginx etag W/"64ad585b-17893" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Thu, 12 Oct 2023 14:38:52 GMT
GET H2	200	/ Show response kitchen.juicer.cc/activity/set/	2 B 381 B	179ms 173ms	Script application/json	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/activity/set/?color=DfUBG/9gaEA=&peachId=ae13dfa6-7688-4c6b-89ce-c3932b5760ef&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:52 GMT strict-transport-security max-age=31536000 server Apache/2.4.57 () OpenSSL/1.0.2k-fips content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache="set-cookie" x-robots-tag noindex, nofollow content-length 2 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	juicertag_first_logs Show response in.treasuredata.com/js/v3/event/juicer/	89 B 559 B	17ms 12ms	Script application/javascript	52.6.128.240 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.treasuredata.com/js/v3/event/juicer/juicertag_first_logs?api_key=8318%2Fc581f430f34edc4f65d24732a5629e31f04d19e4&modified=1697035132769&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJhY2Nlc3Nfc291cmNlIjoiIiwiYWNpZCI6IiIsImFnZSI6NTQsImFyZWEiOiIiLCJjZWYiOjEsImNsaWVudF9zdGF0dXMiOiIiLCJldGFnIjoiIiwiaXBfYXBpX3R5cGUiOiIiLCJpcHVhX21peF9pZF9tZDUiOiI0OGU3MWY0NWE2NjhhMmEyZGUwN2NjODc5MjMzNDBmYyIsImlwdWFfbWl4X2lkX3NoYTI1NiI6IjQ4NTVmYzMwYjM5YzYwNWU2MTIwYzI4MWZjYzE1NTM5ZGY2MDYzNmViY2M3NmNkNDM2OGI5MjBhMjZkOGE5NDMiLCJqZHVmIjoiIiwiamlkIjoic3JuOnNtb29vdGhpZWFwaTp1c2VyY2FyZDpqdWljZXI6ZjAwNTIxYzQtNjQyZi00MjQ1LWFlYzctYzc4MjUzZjVjMGEzIiwibGluayI6IiIsIm1sX3R5cGUiOjEsImxiY19pcCI6IiIsIm9yZ19uYW1lIjoiIiwib3JnX25hbWVfb3JpZ2luYWwiOiIiLCJwZWFjaF9pZCI6ImFlMTNkZmE2LTc2ODgtNGM2Yi04OWNlLWMzOTMyYjU3NjBlZiIsInBsYWNlX2NpdHkiOiIiLCJwbGFjZV9jaXR5X2lkIjoiIiwicGxhY2VfcHJlZiI6IiIsInBsYWNlX3ByZWZfaWQiOiIiLCJwaWFpZCI6IjBlNzM1ZmZmLWI5OTYtNDk5YS1hNjE1LTE1OTQyNDUzMGY3MF9iZmI4MWFmNC00M2M3LTRmOGYtOGUyYi05NWFiMDBlNmJiZGYiLCJwaWQiOiIiLCJzY2lkIjoiIiwic2VzaWQiOiIwZTczNWZmZi1iOTk2LTQ5OWEtYTYxNS0xNTk0MjQ1MzBmNzAiLCJzZXgiOjIsInNpZCI6MjQzMTI4LCJzdG9yYWdlX3R5cGUiOjIsInRlbXBlcmF0dXJlIjoiIiwidGVzdGlkIjoiIiwidWlkIjoiZjU3Zjk0OTEtYzRkYi00NDhlLTgwYzctZDYwYmY1YzZkNmEzIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZhaG0xMXh0ci5waWNzJTJGIiwidnRzIjoiIiwid2VhdGhlciI6IiIsImltX3VpZCI6IiIsImNhcnJvdF9pZCI6IiIsImxvZ190eXBlIjoidHJhbiIsImFjdGlvbl90eXBlIjoidmlldyIsInRkX3ZlcnNpb24iOiIyLjMuMCIsInRkX2NsaWVudF9pZCI6IjJmODM0ZmQ0LWVkY2QtNDVlNi04MDIyLWI3ZmEwMzJkNzNkNCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIoM%2BODmuODvOOCuOebrikg44Ki44Km44OI44OJ44Ki44CM5oSP5ZGz44GM5YiG44GL44KL44Go5oCW44GE44CN56m644Gu5YaZ55yf44CM55m75bGx44O744Kt44Oj44Oz44OX44O76Yej44KK44CN5LiA6KaL44GZ44KL44Go5pmu6YCa44Gn44KC4oCm4oCm44CM5pys5b2T44Gr5Y2x44Gq44GE5YWG5YCZ44CN772c55m75bGx772c44OL44Ol44O844K5772cQlJBVk8gTU9VTlRBSU4iLCJ0ZF9kZXNjcmlwdGlvbiI6Iigz44Oa44O844K455uuKSDnmbvlsbHjgoTjgq3jg6Pjg7Pjg5fjgarjganjgIHjgqLjgqbjg4jjg4njgqLjgpLml6XpoIPjgYvjgonmpb3jgZfjgpPjgafjgYTjgovjgajjgIHnqoHnhLbjga7osarpm6jjgavopbLjgo%2FjgozjgZ%2FntYzpqJPjgYzjgYLjgovjga7jgafjga%2FjgarjgYTjgaDjgo3jgYbjgYvjgILjgIDlpKnmsJfjga7opovmpbXjgoHjga%2Fpm6PjgZfjgY%2FjgIHntbblpb3jga7jgYrlh7rjgYvjgZHml6XlkozjgavopovjgYjjgabjgoLjgIHnqoHnhLbjga7pm7fpm6jjgavopbLjgo%2Fjgozjgovjga7jga%2FjgqLjgqbjg4jjg4njgqLlpb3jgY3jgYLjgovjgYLjgovjgaDjgILjgZfjgYvjgZfjgIHlh7rjgZfmipzjgZHjga7pm7fpm6jjgavopovjgYjigKYiLCJ0ZF91cmwiOiJodHRwczovL2FobTExeHRyLnBpY3MvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC41OTM4LjE0OSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJhaG0xMXh0ci5waWNzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiJ9&callback=TreasureJSONPCallback2 Requested by Host: cdn.kitchen.juicer.cc URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.6.128.240 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-6-128-240.compute-1.amazonaws.com Software / Resource Hash 84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p" Date Wed, 11 Oct 2023 14:38:52 GMT Strict-Transport-Security max-age=31536000 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 89 Content-Type application/javascript
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame A561	0 0	87ms 86ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C-RbAerMmZbirL5yuoPwP5uWd2A-7s8u5c_LY6ejyEbHSgbznAhABIPyBmJIBYMnGqYvApNgPoAHhpo_cKMgBCeACAKgDAcgDCqoEngJP0Es0__tucQ7MzJDDmUNN3fsV1zhbnrunzrhN6_144cNJXesbFqphZFO7PKDlrqaAKOAgVV8PgaycZcHVjxuRcoO0DZhelAB0X3GVRCcLilQkTF_thv9kU93r9KSb9oGD68HzAginEL4uiuwmsdipYdvOq_B8VeayybGtET6HbR6CscnwTKF8ywcBpnElEZv7w0dsig4HDYRfLC1dItKkpk9lirDlSYK2TRxO0wK2u1PzPo-V4Te6GMfz9trw8wD7a1PcwA5Sl7toWM9Z87MZoonT7Jgx1h1mtNaCbZM-BV1v6U-KAaQzBBsYQmt3b4fFTRA3Ofy6hWQQPWlHEhbTujqNxk25W4icv64HsCT4hlB4JVy0rzuIKabyZRyXwASS7K62xATgBAGIBbfiuKlMkgUECAQYAZIFBAgFGASgBi6AB-KvgrgEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ760N0ggUCIBhEAEYHTICigI6AoBASL39wTqaCbsCaHR0cHM6Ly9pbXByb3ZlZGV4cGVyaWVuY2VzLmNvbS93b3JrLWxpZmUvbmF2aWdhdGluZy1zdWNjZXNzLXdpdGgtYWdlbmN5LWNsaWVudC1tYW5hZ2VtZW50LXNvZnR3YXJlP2Ffc3ViaWQ9Y2NfMDI5JmFfY2lkPTQ4MTcmYV9mZWVkPXJzb2MmYV92Yz0zMSZocD0xJmNhbXBhaWduaWQ9MjA0ODgwMDc5OTEmZGV2aWNlPWMma2V5d29yZD0mc291cmNlPWdvb2dsZSZhZGdyb3VwaWQ9MTU1ODA2NTc4MTk0JmNyZWF0aXZlPTY3MTI5MzE4NTk5NyZwbGFjZW1lbnQ9YWhtMTF4dHIucGljcyZsb2NfcGh5c2ljYWxfbXM9OTA2NzYwOSZsb2NfaW50ZXJlc3RfbXM9gAoDyAsB2gwQCgoQ0OLoh7np1cUFEgIBA-INEwjn_I3BnO6BAxUcF4gJHeZyB_vYEwyIFAHQFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=3Nm7Log-iG8&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=5000&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame E1A0	0 0	89ms 88ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CsPIierMmZbmrL5yuoPwP5uWd2A-896jCc9rlrNOnEezDtauuARABIPyBmJIBYMnGqYvApNgPoAGK1OqwAsgBCeACAKgDAcgDCqoEowJP0Lv81530bWPNuTTMY1_59OO0JNXZPchfBDv-yWNr017aaK9Vt2Yy-9pUHSwxrEYNEdFblvq3zFFrAmPX2BLNFL31KOJENu0kjkGhcpabnejneEvRCayh85eoTGygoTF-yG4CSo0e6dJK1Cu4Fyqvp7Ap6uauMq52xmJ8V2HZuwy7uyRMkc08rQW_bOLoD8b_XOwF_KM6-W3vETnDDX8vYZpde7nRMpJcTKxr7_fO3H-fW9W8n_Oy6xOlaOZCSk5NApOed2vSrfKib3bGAR9nZ0ggKS_1ZDp5qWdDz1mcsYLZ8l9OGLlARSfzd0cc0oYoKscr02c4-7kQhcw_mtsdUWfscuV75KsPWsyJvr2VXGgngRT0Wx5Yrj491soiF3CqowPABKWbtZ-8BOAEAYgFv5WF20ySBQQIBBgBkgUECAUYBKAGLoAHn4Sh7QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCuyQTSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJ4gFodHRwczovL3NiaXRlLmNvL2FydGljbGUvMTQ1Mj8mdXRtX3Rlcm09UHVibGljK0hlYWx0aCtNYXN0ZXJzK0RlZ3JlZSxDb21tdW5pdHkrSGVhbHRoK01hc3RlcnMrRGVncmVlLEVudmlyb25tZW50YWwrSGVhbHRoK01hc3RlcnMrRGVncmVlLEhlYWx0aCtNYW5hZ2VtZW50K01hc3RlcnMrRGVncmVlLEJpb3N0YXRpc3RpY3MrTWFzdGVycytEZWdyZWUsRXBpZGVtaW9sb2d5K01hc3RlcnMrRGVncmVlgAoDyAsB2gwRCgsQ8JDO5vrH2vjeARICAQPiDRMI6PyNwZzugQMVHBeICR3mcgf7uBPkA9gTDdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=BPVJo5XZ41g&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B818	0 0	89ms 88ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=ChktkerMmZbqrL5yuoPwP5uWd2A-ykdm9c66-4tbaEdLh0uCyARABIPyBmJIBYMnGqYvApNgPoAHZkqidKsgBAakCICezlv7FsT7gAgCoAwHIAwiqBJ8CT9Dz2srK36gK131SV8pz6Ypn6k25RPJ1PBe2NdSYCYbkPiR4e8jsp6iz2B_OosDcxuVKlk0LM6kwwOH1EdSDyLPch1KL1SkiWulbzMS5DdrD67ArK6humlcdh8IeDOhY0HgB_M3nv7edgyZUNlz2S4YBjYJ6L3T_bRL3JSvEmoOgn84OABOLTTDH-spBUVUrblozxUMlgFm1kfLtkR9jlthN0qJM5m917fRuEJUySOcBbQqyK5r1FU3v2wQMtZMemuB_sQ-BOMl5jED5_DAQXkx5Dm5iTDQsqbm7uTB9n04zFO-YndMfRQxnzzZfxT3rpqwDFKptMAf1RMVWYMuFotCbDUxdwNixNdL1ojHz2DkgzVvDOywJyKPKKQw6lKvABLXiz7-2BOAEAYgF_Oix0UySBQQIBBgBkgUECAUYBKAGAoAH0f76_ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCY6wXSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJTmh0dHBzOi8vc2Vla2FuZHJlc29sdmUuY29tL2MvbGVnYWwvQmVzdC1IYW5keW1hbi1CdXNpbmVzcy1JbnN1cmFuY2UtR3VpZGUuaHRtbIAKA8gLAdoMEQoLEIDDorr01O6f1gESAgED4g0TCOn8jcGc7oEDFRwXiAkd5nIH-9gTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=xqXQgkhDbyQ&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4DC6	0 0	89ms 88ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C0YSqerMmZb2rL5yuoPwP5uWd2A-QoODAc9amv6XiEc2L6qnBARABIPyBmJIBYMnGqYvApNgPoAHI9MXGKcgBCakCwt9cXmnTeD7gAgCoAwHIAwqqBKYCT9DE6nVObPnvRU73D9Tv9C9JwMf2xy9-PxVujv5Ov-bwr_PK6RWWxb7B0IhjhE_kUj0_Ty3Ff3jryAirVGpDtC3FjUXkYchrq4bFBj-6DtDoEZ-beUSqA-29qFT87qzVWPZptLpBsUgX_JpxKvO7txzducZblYvRK8xaGcYS8yu2AitzHhbLWgEi8ypsWlfEMA-qZVwKxvK-UnV2vpegUy2Dg074gpiqEF-v-l9v3xcf9XJZuejan8JVsMEwZp4HvBcKJBl9SOMBr5W5mgvOm6peT87-LUZPQXj-kKMvdFKCOTeGQbkxCLu1ldveEJXwLFlICZ06lIKrb4-dCiUAd4E7AVCE7VAcJNMG88QOdMhD7FSn5NnrHLsoFyxz5mzqL6rslbUwwAS90buOtgTgBAGIBcWXjZpMkgUECAQYAZIFBAgFGASgBi6AB7TmrOQEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQj9oE0ggUCIBhEAEYHTICigI6AoBASL39wTqaCZoBaHR0cHM6Ly91cy5mb2JsdWUuY29tL2Rzcj9xPXByZW1pdW0lMjAmJTIwbHV4dXJ5JTIwc3V2JnJhYz1TZWFyY2glMjBmb3IlMjBwcmVtaXVtJTIwJiUyMGx1eHVyeSUyMHN1diZhc2lkPWZiX2NoMjMmbnc9ZCZkZT1jJmxwaWQ9OTA2NzYwOSZwdWI9YWhtMTF4dHIucGljc4AKA8gLAdoMEAoKENCM7synyrzpJxICAQPiDRMI7PyNwZzugQMVHBeICR3mcgf7uBPkA9gTDIgUA9AVAYAXAbIXHgocCAASFHB1Yi0zNjIyMTkzMjkzNTI1NDY2GMCFbA&sigh=SO8vK9zY0WU&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B4EB	0 0	85ms 85ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Ctj4JerMmZb6rL5yuoPwP5uWd2A-ykdm9c66-4tbaEdLh0uCyARABIPyBmJIBYMnGqYvApNgPoAHZkqidKsgBCakCICezlv7FsT7gAgCoAwHIAwqqBKYCT9BmRKDULOG1xPF1qJhlbuklA5yANLGPSrXxFd__6wej61tzJozk6t7jzdvW-wuLuvJABhCi9JFpTfQxx31tVYfC93wMxtZOWKMec2WW6eYm7voT3lajU5XP3zXz6b6It7vV-Tx9Yk8HbSasbwPs2VDH7iNunVRu4IRoVO-9ZwBNm33RD9tclslNAdq-6bSxllatb7LRtX_bXlO80wLc_21ZM9th_irbdcE0kjzddBPc_e6NgPvm7LcUCZpYxhpNi3U3znxWjt6JOAuJ1Jq1ZqhcJdM87My5sW5LKMMExEIe8RpSLmzKqgQnvbjqz8ESfDv3GfmNr3GOdOz0gmomaW9rsh3yzEkRcfoFNf-7V1tK6XYO5dQKHR7ME7VY6AfTLtUYdKrcwAS14s-_tgTgBAGIBfzosdFMkgUECAQYAZIFBAgFGASgBi6AB9H--vwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhYML0ggUCIBhEAEYHTICigI6AoBASL39wTqaCU5odHRwczovL3NlZWthbmRyZXNvbHZlLmNvbS9jL2xlZ2FsL0Jlc3QtSGFuZHltYW4tQnVzaW5lc3MtSW5zdXJhbmNlLUd1aWRlLmh0bWyACgPICwHaDBAKChCwppqcs4eE3zYSAgED4g0TCO38jcGc7oEDFRwXiAkd5nIH-7gT5APYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=50GkkOZgd4E&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 8F2A	0 0	91ms 90ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C7XoRerMmZb-rL5yuoPwP5uWd2A-ykdm9c66-4tbaEdLh0uCyARABIPyBmJIBYMnGqYvApNgPoAHZkqidKsgBCakCICezlv7FsT7gAgCoAwHIAwqqBKICT9C5eDJ_AeWHriFNG7I2u6WjOmynhlNxLpSD6pzSO82TiygzFcBPMpZDW3WfaKqOsUM2Gk5uhL83QryPS-_XYVXwgYck2012wG3GBsUbzrjFY8M2OgES6VUGy8V9jaL1VbPatN3t9WdaqVQniEzO1G37jIDIW2OlNiRknrsSueoEM4NhtV7ILI1xZjqkQhD8cybAaTU3tVvcvd-8vHcOdUeQfCX3nj1SlFexVaCt9Kxdc7WBh15i_JNAesB9h-r1JswP9odK0IB7GQaDTRDJwtXVTz3Apb4DvFcF7m1G43h9spztMpte-MFnC-OCwLvGn2ehsgGRvMNQzJvjHHjuFfpLNwOUhdOXsXvjdIIle0kG4zucGXE6-5IGBabEPt8SG4vABLXiz7-2BOAEAYgF_Oix0UySBQQIBBgBkgUECAUYBKAGLoAH0f76_ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDPiBfSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJTmh0dHBzOi8vc2Vla2FuZHJlc29sdmUuY29tL2MvbGVnYWwvQmVzdC1IYW5keW1hbi1CdXNpbmVzcy1JbnN1cmFuY2UtR3VpZGUuaHRtbIAKA8gLAdoMEQoLEKDVwNXP-o7a_AESAgED4g0TCO78jcGc7oEDFRwXiAkd5nIH-7gT5APYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE5MzI5MzUyNTQ2NhjAhWw&sigh=cqR-RNwANSE&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 8BD1	0 0	85ms 85ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CrG-zerMmZcCrL5yuoPwP5uWd2A-ykdm9c66-4tbaEdLh0uCyARABIPyBmJIBYMnGqYvApNgPoAHZkqidKsgBCakCICezlv7FsT7gAgCoAwHIAwqqBKMCT9B6MgaWEuYSbcrp2f3v2xewgZW4stjsEVJeXAQRV9IxXSUxjkPgqZq2vn-ptckV7fOrtO3AAGt7haRsioD4DnmCnQiff8fVaQriXOytjOZcXD32kTzd9y3EFEgC8hG30RSvwbjoA09t0iKhqUJw4iEebrA18vErTbRDVbatdlRedeu8Ds_05wZmsWgWtg3PZy_bswONY0317TjsY_-y7Dsk2YbjhUh5POKKaKl15BcnjDf11wgCYa4jHipWGszpmb_99ks4JtLqg9lYDjuow531IlSyjCnWeXEJhqADs9sbY7tyfJ0K54OtjmUXb4GD7tk0pBEsjUmK_XckxFc4mQyqV1WT3EPHaAR_kyXFFq46Tk2CUGK3QOHHWdd4Sm-e6RnSwAS14s-_tgTgBAGIBfzosdFMkgUECAQYAZIFBAgFGASgBi6AB9H--vwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ09MF0ggUCIBhEAEYHTICigI6AoBASL39wTqaCU5odHRwczovL3NlZWthbmRyZXNvbHZlLmNvbS9jL2xlZ2FsL0Jlc3QtSGFuZHltYW4tQnVzaW5lc3MtSW5zdXJhbmNlLUd1aWRlLmh0bWyACgPICwHaDBEKCxCgpMvs7ojkuesBEgIBA-INEwjv_I3BnO6BAxUcF4gJHeZyB_u4E-QD2BMNiBQB0BUBgBcBshceChwIABIUcHViLTM2MjIxOTMyOTM1MjU0NjYYwIVs&sigh=wqUTOHKarvk&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 5FDC	0 0	93ms 88ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C-v5perMmZcGrL5yuoPwP5uWd2A-ykdm9c66-4tbaEdLh0uCyARABIPyBmJIBYMnGqYvApNgPoAHZkqidKsgBCakCICezlv7FsT7gAgCoAwHIAwqqBJ0CT9BZBwiHkq4cJZgTkfh6-JrsCZ9RY3h52kwfDv0SkPwD5EeYmBP4vJ0AIV22pcP60vZKgrZIys9nOUwXnaipXwdjv7y48RXptkYhUqjtAb-NkI5x0zmZ0QuhClQyVQEP45C8ggSY6Y52XNdiuVfpJKcuaq3jf86yv5os9UN8I3jyCM-46N85YheLKipo4moH0Pd4sk9PTadT77u7V2QgXW8gBei649Iep1xwbPIxpSvV1-4sLCRwqc-n8GvM9-NLLpaUnCOCz876d7jRgau83lOCTx_0qCURxNcoiwyyruaKd2_XZ1Un54JiLD626wSgpTnXJg_2IdISLOYp2SaTNzL-KKz0qmaoNDXeYv-WouMhw1Z0ZfaH8lJvrYpMwAS14s-_tgTgBAGIBfzosdFMkgUECAQYAZIFBAgFGASgBi6AB9H--vwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQn7UH0ggUCIBhEAEYHTICigI6AoBASL39wTqaCU5odHRwczovL3NlZWthbmRyZXNvbHZlLmNvbS9jL2xlZ2FsL0Jlc3QtSGFuZHltYW4tQnVzaW5lc3MtSW5zdXJhbmNlLUd1aWRlLmh0bWyACgPICwHaDBEKCxCg6v-8r4vGr-4BEgIBA-INEwjw_I3BnO6BAxUcF4gJHeZyB_u4E-QD2BMNiBQB0BUBgBcBshceChwIABIUcHViLTM2MjIxOTMyOTM1MjU0NjYYwIVs&sigh=W0A7mCG2uhk&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&template_id=484&cbvp=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H2	200	arrow-g.svg bravo-m.ismcdn.jp/common/bravo-m/images/	272 B 425 B	5ms 4ms	Image image/svg+xml	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/common/bravo-m/images/arrow-g.svg Requested by Host: bravo-m.ismcdn.jp URL: https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software / Resource Hash d4bdecf04f2c9314696c2f2f74ab3438b5670396cc05ffaf27b5d04859fd19ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://bravo-m.ismcdn.jp/resources/bravo-m/css/pc/shared/shared.css?rd=202309261846 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-cache-ttl 900.000 date Wed, 11 Oct 2023 14:38:53 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 15 Feb 2021 12:38:23 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=635410 accept-ranges bytes content-length 237 expires Wed, 18 Oct 2023 23:09:03 GMT
GET H2	200	/ Show response kitchen.juicer.cc/function/popup-core/	11 KB 4 KB	179ms 177ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/function/popup-core/?color=DfUBG/9gaEA=&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash c26c584737a56c53569500a07782fc36f3f74d079475dbf38295f0ce3dd429d1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=7200 x-robots-tag noindex, nofollow expires Wed Oct 11 16:38:53 UTC 2023
GET H2	200	collabo Show response kitchen.juicer.cc/	9 KB 3 KB	183ms 181ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/collabo?color=DfUBG/9gaEA=&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash e74176959de176588fa6f15f4339f6ce331bd9639ea9bb6c5f42372d9b291b76 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=7200 x-robots-tag noindex, nofollow expires Wed Oct 11 16:38:53 UTC 2023
GET H2	200	/ Show response kitchen.juicer.cc/parallel/	8 KB 2 KB	183ms 182ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/parallel/?color=DfUBG/9gaEA=&url=https%3A%2F%2Fahm11xtr.pics%2F&deviceType=1&sesid=0e735fff-b996-499a-a615-159424530f70&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash 05cd0335f54dfe81f50cfaaf88502676d23947bb6256721bc113b240694c5baa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=0, no-store, no-cache, must-revalidate x-robots-tag noindex, nofollow expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 6A19	15 KB 6 KB	41ms 14ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ahm11xtr.pics Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 14:38:53 GMT server Kestrel server-processing-duration-in-ticks 2389066 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	50ms 13ms	Image image/gif	52.87.71.18 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=bravo-m.futabanet.jp&p=%2Farticles%2F-%2F123786&u=CWUFboDUqD_8DYeGl9&d=ahm11xtr.pics&g=66985&g0=tozan%2C%E7%99%BB%E5%B1%B1%2C%E9%80%9A%E5%B8%B8%2C3%E3%83%9A%E3%83%BC%E3%82%B8&g1=%E5%80%89%E5%92%8C%20%E3%82%BD%E3%83%A9&n=1&f=00001&c=0&x=0&m=0&y=5507&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fahm11xtr.pics%2F&b=5109&t=B0dxW5BuZ1uhCo3rnvDbwq1aD3HA4I&V=141&i=%E3%82%A2%E3%82%A6%E3%83%88%E3%83%89%E3%82%A2%E3%80%8C%E6%84%8F%E5%91%B3%E3%81%8C%E5%88%86%E3%81%8B%E3%82%8B%E3%81%A8%E6%80%96%E3%81%84%E3%80%8D%E7%A9%BA%E3%81%AE%E5%86%99%E7%9C%9F%E3%80%8C%E7%99%BB%E5%B1%B1%E3%83%BB%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%97%E3%83%BB%E9%87%A3%E3%82%8A%E3%80%8D%E4%B8%80%E8%A6%8B%E3%81%99%E3%82%8B%E3%81%A8%E6%99%AE%E9%80%9A%E3%81%A7%E3%82%82%E2%80%A6%E2%80%A6%E3%80%8C%E6%9C%AC%E5%BD%93%E3%81%AB%E5%8D%B1%E3%81%AA%E3%81%84%E5%85%86%E5%80%99%E3%80%8D&tz=600&sn=1&sv=CvRtGxDfpuf7LEjP9DPYZ1ND6HFYe&sd=1&im=06032c7e&_ Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.87.71.18 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-71-18.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 11 Oct 2023 14:38:53 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H2	200	img_7bd3ef4deff15fdf2adf37c7d4a81512176301.jpg bravo-m.ismcdn.jp/mwimgs/7/b/60wm/	844 B 1 KB	14ms 14ms	Image image/avif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/mwimgs/7/b/60wm/img_7bd3ef4deff15fdf2adf37c7d4a81512176301.jpg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 999956c24c190f7f757e66f0d26788e459ae58ab376c3577bc5dd75df8ae1494 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 last-modified Tue, 25 Apr 2023 07:12:34 GMT x-serial 913 server Akamai Image Manager x-check-cacheable YES x-frame-options SAMEORIGIN content-type image/avif cache-control private, no-transform, max-age=1773030 content-length 844 expires Wed, 01 Nov 2023 03:09:23 GMT
GET H2	200	img_c66d8855c8bd374751d3381561d39238267381.jpg bravo-m.ismcdn.jp/mwimgs/c/6/660wm/	22 KB 22 KB	67ms 67ms	Image image/avif	23.40.179.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://bravo-m.ismcdn.jp/mwimgs/c/6/660wm/img_c66d8855c8bd374751d3381561d39238267381.jpg Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.40.179.8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-8.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash ce673f029c11857478eb72842b5b956b37d981a70ca7a08a597fdb2069c802ce Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 last-modified Fri, 01 Sep 2023 08:18:34 GMT server Akamai Image Manager content-type image/avif cache-control private, no-transform, max-age=1772980 content-length 22777 expires Wed, 01 Nov 2023 03:08:33 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 6A19 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=ahm11xtr.pics&sn=ChromeSyncframe&so=0&topUrl=ahm11xtr.pics&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=zMQvYXxoU1ZybHpJZXBGNWQ4Rkl2UUh2T2R4S3h2RS9qWE5MdkZ3cTdHY0U3cjMrOVJPUld2c09VUDU3NFhmQ09rZGtIdnV3dGRxaGE1MTE1a2ZSODl5WnMxakozRWNTTm5JMTFZd1lhT3diR3JsRHZmNVNnaFNibjIrZF...	422 B 648 B	61ms 12ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=zMQvYXxoU1ZybHpJZXBGNWQ4Rkl2UUh2T2R4S3h2RS9qWE5MdkZ3cTdHY0U3cjMrOVJPUld2c09VUDU3NFhmQ09rZGtIdnV3dGRxaGE1MTE1a2ZSODl5WnMxakozRWNTTm5JMTFZd1lhT3diR3JsRHZmNVNnaFNibjIrZFFJaFd3S3FOdmlzWFVNckdHcjVpZDkyazIrZXoyQ1IzU1dkN3pTL0lXWjVvUml0WTNPRUlQVjZWU0txT0pQdWtzUGxEa2orOU9LMlhGb2ZqSytiUkdwditudzVPUy9RTWtlcVpDYzhZZVZkNjlIU3JRL25kT2h1dHYrWVllekc0L2tYZjZ6RFZTZGx1MVdQYUh5bGFaT1NDZXFPNC9UcEtPTlYvN0hvdWF1RzZmdmlmRGtjRT18&cppv=2 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e22934b73a370e064d0843196dc25d51965335c08c3f2abb99ea6022ca65a26f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:52 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2018269 expires 0 Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:52 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=zMQvYXxoU1ZybHpJZXBGNWQ4Rkl2UUh2T2R4S3h2RS9qWE5MdkZ3cTdHY0U3cjMrOVJPUld2c09VUDU3NFhmQ09rZGtIdnV3dGRxaGE1MTE1a2ZSODl5WnMxakozRWNTTm5JMTFZd1lhT3diR3JsRHZmNVNnaFNibjIrZFFJaFd3S3FOdmlzWFVNckdHcjVpZDkyazIrZXoyQ1IzU1dkN3pTL0lXWjVvUml0WTNPRUlQVjZWU0txT0pQdWtzUGxEa2orOU9LMlhGb2ZqSytiUkdwditudzVPUy9RTWtlcVpDYzhZZVZkNjlIU3JRL25kT2h1dHYrWVllekc0L2tYZjZ6RFZTZGx1MVdQYUh5bGFaT1NDZXFPNC9UcEtPTlYvN0hvdWF1RzZmdmlmRGtjRT18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 257342 content-length 0 expires 0
GET H3	404	m.gif ahm11xtr.pics/oo/futaba/	548 B 548 B	577ms 577ms	Image text/html	2606:4700:3033::6815:25af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ahm11xtr.pics/oo/futaba/m.gif?media=bravo-m.futabanet.jp&skin=leafs%2Fpage&id=123786&category=news&subcategory=%2Ctozan%2C%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%E7%99%BB%E5%B1%B1%2C%E3%81%9D%E3%81%AE%E4%BB%96%2C&model=&modelid=&host=ahm11xtr.pics&path=%2F&rhost=&rpath=&rd=0.31488736577558596 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:25af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz6iFqfxiZXDsiZkNDJ2HZ%2FJXxkLmCSbqbmhYIJsPNLXkx9I5gmsEwgMnUGxFSK8tjgjhm4oJeVTyb3uC7AjYYMSGMA4u7pVkr5bJ5dPRy6J8k1QNLWheDqC0TuBwLaGbodf8%2B38POD9X%2F4J"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 8147d96ef82141d2-EWR alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response kitchen.juicer.cc/function/popup-nps/	0 378 B	192ms 191ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/function/popup-nps/?color=DfUBG/9gaEA=&ip=5.181.234.132&deviceType=1&url=https%3A%2F%2Fahm11xtr.pics%2F&isShow=0&isAnswer=0&lastAnswerDate=0&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=0, no-store, no-cache, must-revalidate x-robots-tag noindex, nofollow expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ Show response kitchen.juicer.cc/function/popup-ad/	0 378 B	190ms 190ms	Script application/x-javascript	35.76.81.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kitchen.juicer.cc/function/popup-ad/?color=DfUBG/9gaEA=&id=f57f9491-c4db-448e-80c7-d60bf5c6d6a3&jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3&ip=5.181.234.132&deviceType=1&url=https%3A%2F%2Fahm11xtr.pics%2F&isShow=0&lastShowDate=0&version=2.2.9 Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/core/?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.81.157 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-81-157.ap-northeast-1.compute.amazonaws.com Software Apache/2.4.57 () OpenSSL/1.0.2k-fips / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 content-encoding gzip server Apache/2.4.57 () OpenSSL/1.0.2k-fips vary accept-encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * content-language en-US cache-control max-age=0, no-store, no-cache, must-revalidate x-robots-tag noindex, nofollow expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	loglyjuicer_track.js Show response cdn.cookie.sync.usonar.jp/live_access/	1 KB 2 KB	705ms 558ms	Script text/javascript	2600:9000:25f4:1400:12:6e90:f080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.cookie.sync.usonar.jp/live_access/loglyjuicer_track.js Requested by Host: kitchen.juicer.cc URL: https://kitchen.juicer.cc/collabo?color=DfUBG/9gaEA=&version=2.2.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25f4:1400:12:6e90:f080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b321bc9876facc5b7e38a4e4510c569032e28a1498f67ebf31cab917333fe709 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:54 GMT via 1.1 0e3c225d58500145a5360bc7903299fe.cloudfront.net (CloudFront) last-modified Wed, 26 Apr 2023 04:40:49 GMT server AmazonS3 x-amz-cf-pop CMH68-P4 x-amz-server-side-encryption AES256 etag "8e197210644fcad2d9e3c9d3e296b225" x-cache RefreshHit from cloudfront content-type text/javascript cache-control max-age=0 accept-ranges bytes content-length 1247 x-amz-cf-id 98VsjUVdnI4niSEbRN2QyRshQGqOWxL_aDLl332yQ0AWGq7KE3NW5Q== expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	px.gif juicer-lift.s3-ap-northeast-1.amazonaws.com/ Redirect Chain https://sync.logly.co.jp/sync/sync.gif?ssp_id=1013&jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3 https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3&uid=gdYpqJxGm0YdDHR9LDPn5JWQyyc	37 B 392 B	605ms 198ms	Image image/gif	52.219.16.139 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3&uid=gdYpqJxGm0YdDHR9LDPn5JWQyyc Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol HTTP/1.1 Server 52.219.16.139 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS s3-ap-northeast-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 14:38:55 GMT Last-Modified Fri, 12 Jun 2020 04:06:49 GMT Server AmazonS3 x-amz-request-id 0CCNAP03KJZECQ42 ETag "3eacd0132310ea44cad756b378a3bc07" Content-Type image/gif Accept-Ranges bytes Content-Length 37 x-amz-id-2 AdhzCvH1f37y4EpIgd/W8JMnonEvCiz2Rz7NSeHARw6UANUOYu19aWN2naUaSzRpBSoxa7OdT9Y= Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:53 GMT server nginx content-type image/gif location https://juicer-lift.s3-ap-northeast-1.amazonaws.com/px.gif?jid=srn:smooothieapi:usercard:juicer:f00521c4-642f-4245-aec7-c78253f5c0a3&uid=gdYpqJxGm0YdDHR9LDPn5JWQyyc access-control-allow-origin * p3p CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM" cache-control private, no-cache, no-cache="Set-Cookie", proxy-revalidate access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H3	200	receive pixel.tapad.com/idsync/ex/ Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=2798&partner_device_id=f00521c4-642f-4245-aec7-c78253f5c0a3 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2798&partner_device_id=f00521c4-642f-4245-aec7-c78253f5c0a3 https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%252C%252C&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%252C%252C&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%2C%2C	95 B 124 B	46ms 45ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%2C%2C Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:53 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&ttd_puid=8a8bb773-4c5a-4f4f-a5e8-5c2650773812%2C%2C date Wed, 11 Oct 2023 14:38:53 GMT server Kestrel content-length 359
GET H/1.1	200 OK	juicertag_second_logs Show response in.treasuredata.com/js/v3/event/juicer/	89 B 559 B	13ms 13ms	Script application/javascript	52.6.128.240 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.treasuredata.com/js/v3/event/juicer/juicertag_second_logs?api_key=8318%2Fc581f430f34edc4f65d24732a5629e31f04d19e4&modified=1697035133279&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJhY2Nlc3Nfc291cmNlIjoiIiwiYWdlIjo1NCwiYXJlYSI6IiIsImNhcnJvdF9pZCI6IiIsImNlZiI6MSwiY2xpZW50X3N0YXR1cyI6MCwiY3YiOjAsImNvb2tpZSI6Il9fZ2Fkcz1JRD1jMGViNmMxYjM5MGEzZGNhLTIyMjRhMjBlOTJlNDAwZWE6VD0xNjk3MDM1MTMwOlJUPTE2OTcwMzUxMzA6Uz1BTE5JX01iaDNGUXpsMkp6bHluc0lFRXA5eGNndmUxWjhBOyBfX2dwaT1VSUQ9MDAwMDBkOThhZmVkYWE2ZjpUPTE2OTcwMzUxMzA6UlQ9MTY5NzAzNTEzMDpTPUFMTklfTWJjVU8yYnVRY1BzRElXNnlLVnoxVVlibGw0YlE7IF9pbV92aWQ9MDFIQ0ZKVDZKTjQwME5IMUZIUVYyUFE4WVo7IF9fdGRfc2lnbmVkPXRydWU7IF90ZD0yZjgzNGZkNC1lZGNkLTQ1ZTYtODAyMi1iN2ZhMDMyZDczZDQ7IF90ZF9nbG9iYWw9OGUwM2JkZjEtMGM2NC00NGVjLWExZjctNWQwYjAwNDZiMWJmOyBfY2I9Q1dVRmJvRFVxRF84RFllR2w5OyBfY2hhcnRiZWF0Mj0uMTY5NzAzNTEzMzA0My4xNjk3MDM1MTMzMDQzLjEuQ3ZSdEd4RGZwdWY3TEVqUDlEUFlaMU5ENkhGWWUuMTsgX2NiX3N2cmVmPW51bGwiLCJjcmVhdGVkX2F0IjoiIiwiZGNfYWN0aW9uIjoiZ2V0SW5mby8iLCJkZXZpY2UiOiJQQyIsImV0YWciOiIiLCJpbnRlcmVzdF90NyI6IiIsImppZCI6InNybjpzbW9vb3RoaWVhcGk6dXNlcmNhcmQ6anVpY2VyOmYwMDUyMWM0LTY0MmYtNDI0NS1hZWM3LWM3ODI1M2Y1YzBhMyIsIm1sX3R5cGUiOjEsImxiY19pcCI6IiIsIm9yZ19uYW1lIjoiIiwib3JnX25hbWVfb3JnIjoiIiwicGVhY2hfaWQiOiJhZTEzZGZhNi03Njg4LTRjNmItODljZS1jMzkzMmI1NzYwZWYiLCJwaWFpZCI6IjBlNzM1ZmZmLWI5OTYtNDk5YS1hNjE1LTE1OTQyNDUzMGY3MF9iZmI4MWFmNC00M2M3LTRmOGYtOGUyYi05NWFiMDBlNmJiZGYiLCJyZWZlcmVyIjoiIiwic2NpZCI6IiIsInNpZCI6MjQzMTI4LCJzZXNpZCI6IjBlNzM1ZmZmLWI5OTYtNDk5YS1hNjE1LTE1OTQyNDUzMGY3MCIsInNleCI6Miwic3RhdHVzIjoiIiwidGVtcGVyYXR1cmUiOm51bGwsInRjaWQiOiIyZjgzNGZkNC1lZGNkLTQ1ZTYtODAyMi1iN2ZhMDMyZDczZDQiLCJ0Z2lkIjoiOGUwM2JkZjEtMGM2NC00NGVjLWExZjctNWQwYjAwNDZiMWJmIiwidGltZXN0YW1wIjoxNjk3MDM1MTMwLCJ0aXRsZSI6Iigz44Oa44O844K455uuKSDjgqLjgqbjg4jjg4njgqLjgIzmhI%2FlkbPjgYzliIbjgYvjgovjgajmgJbjgYTjgI3nqbrjga7lhpnnnJ%2FjgIznmbvlsbHjg7vjgq3jg6Pjg7Pjg5fjg7vph6PjgorjgI3kuIDopovjgZnjgovjgajmma7pgJrjgafjgoLigKbigKbjgIzmnKzlvZPjgavljbHjgarjgYTlhYblgJnjgI3vvZznmbvlsbHvvZzjg4vjg6Xjg7zjgrnvvZxCUkFWTyBNT1VOVEFJTiIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjU5MzguMTQ5IFNhZmFyaS81MzcuMzYiLCJ1aWQiOiJmNTdmOTQ5MS1jNGRiLTQ0OGUtODBjNy1kNjBiZjVjNmQ2YTMiLCJ1cmwiOiJodHRwczovL2FobTExeHRyLnBpY3MvIiwicGxhY2UiOiIiLCJwbGFjZV9jaXR5IjoiIiwicGxhY2VfY2l0eV9pZCI6IiIsInBsYWNlX3ByZWYiOiIiLCJwbGFjZV9wcmVmX2lkIjoiIiwidHh0MSI6IiIsInR4dDIiOiIiLCJ2aXNpdCI6MCwid2VhdGhlciI6bnVsbCwid2lkIjoyNDMxMjgsInZ0cyI6MTY5NzAzNTEzMCwiaW1fdWlkIjoiIiwiZ2FfY2xpZW50aWQiOiIiLCJtZW4iOjAsIndvbWFuIjoxLCJnZW5kZXIiOiLlpbPmgKciLCJwYyI6MSwic3AiOjAsInVzZV9pcF9hcGkiOiIiLCJqZHVmIjoxLCJsb2dfdHlwZSI6InRyYW4iLCJhY3Rpb25fdHlwZSI6InZpZXciLCJ0ZXN0aWQiOiIiLCJwaWQiOiIiLCJhY2lkIjoiIiwidGVzdF90eXBlIjoiIiwiaW1hZ2UiOiIiLCJsaW5rIjoiIiwiaW50ZXJlc3RfaWQiOiJuXzk5MDAwMDAwMDAiLCJpbnRlcmVzdF9hY3Rpb25fc2NvcmUiOjEsInNpdGVfY2F0ZWdvcnlfaWRfbjQiOiJuXzk5MDAwMDAwMDAiLCJ0ZF92ZXJzaW9uIjoiMi4zLjAiLCJ0ZF9jbGllbnRfaWQiOiIyZjgzNGZkNC1lZGNkLTQ1ZTYtODAyMi1iN2ZhMDMyZDczZDQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiKDPjg5rjg7zjgrjnm64pIOOCouOCpuODiOODieOCouOAjOaEj%2BWRs%2BOBjOWIhuOBi%2BOCi%2BOBqOaAluOBhOOAjeepuuOBruWGmeecn%2BOAjOeZu%2BWxseODu%2BOCreODo%2BODs%2BODl%2BODu%2BmHo%2BOCiuOAjeS4gOimi%2BOBmeOCi%2BOBqOaZrumAmuOBp%2BOCguKApuKApuOAjOacrOW9k%2BOBq%2BWNseOBquOBhOWFhuWAmeOAje%2B9nOeZu%2BWxse%2B9nOODi%2BODpeODvOOCue%2B9nEJSQVZPIE1PVU5UQUlOIiwidGRfZGVzY3JpcHRpb24iOiIoM%2BODmuODvOOCuOebrikg55m75bGx44KE44Kt44Oj44Oz44OX44Gq44Gp44CB44Ki44Km44OI44OJ44Ki44KS5pel6aCD44GL44KJ5qW944GX44KT44Gn44GE44KL44Go44CB56qB54S244Gu6LGq6Zuo44Gr6KWy44KP44KM44Gf57WM6aiT44GM44GC44KL44Gu44Gn44Gv44Gq44GE44Gg44KN44GG44GL44CC44CA5aSp5rCX44Gu6KaL5qW144KB44Gv6Zuj44GX44GP44CB57W25aW944Gu44GK5Ye644GL44GR5pel5ZKM44Gr6KaL44GI44Gm44KC44CB56qB54S244Gu6Zu36Zuo44Gr6KWy44KP44KM44KL44Gu44Gv44Ki44Km44OI44OJ44Ki5aW944GN44GC44KL44GC44KL44Gg44CC44GX44GL44GX44CB5Ye644GX5oqc44GR44Gu6Zu36Zuo44Gr6KaL44GI4oCmIiwidGRfdXJsIjoiaHR0cHM6Ly9haG0xMXh0ci5waWNzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYWhtMTF4dHIucGljcyIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24ifQ%3D%3D&callback=TreasureJSONPCallback3 Requested by Host: cdn.kitchen.juicer.cc URL: https://cdn.kitchen.juicer.cc/scripts/juicer-treasure/2.3.0/juicertreasure.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.6.128.240 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-6-128-240.compute-1.amazonaws.com Software / Resource Hash b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p" Date Wed, 11 Oct 2023 14:38:53 GMT Strict-Transport-Security max-age=31536000 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Content-Length 89 Content-Type application/javascript
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame A561	42 B 64 B	102ms 102ms	Image image/gif	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNVhVBu4Ljb_6cA0vgoMQz7axkBMUNtZ-QROG2GvdXYV2SVO55-3rNPCIAptwD17doFarD8_xXhf5lKCe4qmwT8qIRULLYDn03-diK8yxvMJSbG_5DJL_e0kwIRGLMsvTFPgw_n_77jA&sai=AMfl-YQOe4703ebqQpnWLzB54vA47WRucxzRz1xjuWVP1yI_Llt-qsqrVFoO3ke-ldsLEw-jGQHudL7Lb3kfMp3zmalaHMr5f_E8R9I1ChED9DPu74O-VzKxgcqPEz5n&sig=Cg0ArKJSzIzCd70Puv9lEAE&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&id=ampim&o=315,155&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=1198&tls=2200&g=100&h=100&tt=2200&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame B818	42 B 64 B	88ms 87ms	Image image/gif	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4rrs9LDRiZzg3UmZQKkfvzlRmYwk1AGIQIx-lwNKIBhza7hKsr08AaYF45UTQMiD9yG4EyAgKa3iAOn-uWmj0141OHR3VoeU9YNiAxTUEHtDYzSBk3GtZ3cadO9gChOAr3JdS6xXlDA&sai=AMfl-YRwmDZg1_lmaguq_hSisHsN0mR1stfOUbAQjecVlJKp0KdkWj6l47TnHdfL7sPNsrmbCXnGnbUQjovTXJJQkns4_Ve1mXGid8idhWXMMasoU1MpwPIRrOY0QrAQ&sig=Cg0ArKJSzG7yw9Ob2hkEEAE&cid=CAQSPADICaaNxzuikVGBiD4ACsw7PQUXI21Un4GZlNgNsVWZ9PNDuF-XO_BbAh-wvWZ3eOW1stvq5XWTkZylgxgB&id=ampim&o=1000,445&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1118&tls=2118&g=100&h=100&tt=2118&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Requested by Host: ahm11xtr.pics URL: https://ahm11xtr.pics/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	55ms 54ms	XHR application/json	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eb3a69c3c3b9b536417d440da9deedc6a1c5be2d166f7e2576bac57f66a55892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12103 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	63ms 62ms	Script text/javascript	172.217.13.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 11 Oct 2023 14:38:54 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF02	13 KB 5 KB	19ms 16ms	Document text/html	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 157544 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 09 Oct 2023 18:53:10 GMT expires Tue, 08 Oct 2024 18:53:10 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 1274	829 B 561 B	53ms 52ms	Document text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 776de24245d94451b6f95b47bc9910274be6e1be4783f7bdfd1485c4af6853d9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9Eji3pP1NP4UG3_cWU18RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-9Eji3pP1NP4UG3_cWU18RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 14:38:54 GMT expires Wed, 11 Oct 2023 14:38:54 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1274	0 0	75ms 75ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1635825021716879&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response pagead2.googlesyndication.com/bg/ Frame BF02	37 KB 14 KB	12ms 12ms	Script text/javascript	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 10 Oct 2023 04:23:44 GMT content-encoding br x-content-type-options nosniff age 123310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 09 Oct 2024 04:23:44 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame BF02	0 10 B	13ms 12ms	Image text/plain	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?b4f9Dg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:55 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	91ms 91ms	Image text/html	2607:f8b0:4020:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1635825021716879&bg=!pKelp-jNAAbjlzx0w5c7ADQBe5WfODB11dEmV7DGpo6UJct2isgnGH-OH528qScJ_zgo4RVRvMr0OTWzRzGOAn8-7h4SAgAAAF9SAAAACmgBB5kCvgHJiM4VFksWokHrRtjuCb-_8P_PQ0FGta-NBSSD_Tu3opAsKR5_5UHN9mp6ldOyYvCm_JAZ53jN_cMI3jfa7hY9ZiBLyrEE5AkSdE14qvLkY60gl4T_vvTvIBnpOUvocDO4hs50eF86SNeUUdXZsVEmGye0x9Eip4CsKoGIdEDsJM9odM0xall6L3oF1en6j6qM58rxmvqijAzpJbpXqjFvN0WoKTLjq_kCAwKGEa5ibeCrV-4jwpKc3YIErMAmIjYOMEMw-lrBwHglBzLbVm916i_HJewLrs93i-qrc19cUJbLgBtak86VJrpHO5jvMfay71OHfzm2MdkIVJU8MzEojgKQ7yv5MrbE3xouuuUfk6v5Y4skfWQiv4-qvKJwvDnjuKLUxCHoFjqAgZondyJKI613SghTlDpHYM7_UmWzgDQBe4BxKCu4S5az8TjHyHZ-ySTO8uOeGDw20s1SFK-vdpmsUvso98EuvqoaZXN5750b5j-gzr1ZFpLtBEQV-wWscj2ekZVO1YKzDKo7n-EWfiZJ2vLFW2DSWP4IW6PVf6tmFowtQsC7TkDw552cWEDtfewGAu7akl0wlJESbsSSMH3SVlpApLD0eYW1nAeNUNvjTBAHfVOhIvsOUyJA_nzelhjYH0BtWSmsbLNLKS049gn4OVzUK6p8niNbN8fs04EsrDK9d1vSWKJ1xWjUekrVfgxa4RdU9SLUc3Ivxu0bGt3egAh8wL59BUyaA4TXQ01Qe-WfaMPMDcPbVrVyrvt_TpC7n8EOhV01EUCXpPhA_py4gkodZXDq8f-GHHQCzIo-V12m7rjfY2vSvkElDN_W_dhyhs8ClPkXP1esYtQCogaIDzsN4UO1JmACTlJiJvo0qwVnLZ6m47hdwqguNwO12jgT-ip4kFxW76dDLFZXOdai036rIdRm1qDuxg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ahm11xtr.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame D5EB	281 B 554 B	288ms 5ms	Document text/html	23.47.170.102 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-47-170-102.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Wed, 11 Oct 2023 14:38:55 GMT ETag "40011-119-6051b805b8000" Last-Modified Mon, 11 Sep 2023 20:52:16 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame FFF6	52 KB 17 KB	39ms 3ms	Document text/html	151.101.1.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 16999 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Wed, 11 Oct 2023 14:38:55 GMT ETag W/"623de86a-cf34" Expires Sun, 01 Oct 2023 09:55:16 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish X-Cache HIT X-Cache-Hits 65489 X-Served-By cache-lga21937-LGA X-Timer S1697035136.672725,VS0,VE0
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame CA1C	3 KB 2 KB	45ms 17ms	Document text/html	104.18.24.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/prebid/12162_bravo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://ahm11xtr.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 14 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 8147d97ded4643e9-EWR content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 11 Oct 2023 14:38:55 GMT expires Wed, 11 Oct 2023 18:38:55 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	bounce Show response ib.adnxs.com/ Frame FFF6 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 646 B	7ms 6ms	Script text/html	68.67.181.211 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:55 GMT an-x-request-uuid 1bb2cdf0-4584-4017-ad56-bbed0a5a1381 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:55 GMT an-x-request-uuid 9fc267ea-b838-4b34-9846-3061e8b834d0 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame BB25 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 1 KB	26ms 24ms	Document text/html	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6998e046491488c1d1b837f3c41b6633d232c11fe0b18f37b22a834350b9ff6 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 8147d97ffb56c420-EWR content-encoding br content-type text/html date Wed, 11 Oct 2023 14:38:56 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i11bwG8pm7F8OhGNGnT7Wp3T4KGSPTaoLhrYlT3Ja%2FLoLpFpuP7F4nqbxJMWyisnONfJZVm11qhSMKrrOO9eWQUp2nbA05H5uDNUCIFphlsO6OC6Ron8OWA7hANuTB4AS71x2vrUqoVWTw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 8147d97fcb2bc420-EWR content-length 0 date Wed, 11 Oct 2023 14:38:55 GMT expires 0 location /usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd0%2FqCUxed5l8ERorLaxCcZwzgYYR2FoOY1hAsdtEuuShyYPnUmWfOSdQyU1YXM8MGK%2FTPzynr2pTo6J6mxAi536wPMf68P2zmDNyR7ei1%2Fmvh1WFnwvUVXEWvaAEYelvOs0Zt9NKyVL2A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame D5EB	38 KB 11 KB	7ms 6ms	Script text/html	23.47.170.102 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-47-170-102.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 5dc280f17d00e8a1b9f05ac2bac39994b576fc49b80a42c0e2bb5dfa2fc38170 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 14:38:55 GMT Content-Encoding gzip Last-Modified Tue, 10 Oct 2023 22:23:54 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=27898 Connection keep-alive Content-Length 10836 Expires Wed, 11 Oct 2023 22:23:53 GMT
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame D5EB	7 B 766 B	673ms 131ms	XHR application/json	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type application/json; charset=UTF-8 access-control-allow-origin https://eus.rubiconproject.com Cache-Control no-cache,no-store,must-revalidate access-control-allow-credentials true content-length 7 X-RPHost 2fcb300b847bad3e7dd1184ec8a1c2f5 Expires 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame BB25 Redirect Chain https://match.adsrvr.org/track/cmf/casale https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&expiration=1699627136&gdpr=0&gdpr_consent=	43 B 342 B	18ms 18ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&expiration=1699627136&gdpr=0&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QLyMFBH0Dg9qQRW8XtpEUdTnVD1BNjz7ZmSucXZr5bEk3eO0ZJ5X3XTV%2BdzkYOsp4GvqGuOjjdjW0SYLAjXK%2B1snbHpKYem4fRIiXMHk53stx%2FYZSkRUgbreVi6X3A%2BqPQebpY%2FzTpAaA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8147d9803b87c420-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d3d8929a-69f5-47ad-ad55-5d359b3f6745&expiration=1699627136&gdpr=0&gdpr_consent= date Wed, 11 Oct 2023 14:38:56 GMT server Kestrel content-length 323
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame BB25 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid=&dcc=t	43 B 855 B	34ms 34ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:56 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid JM5A7EYPSHV895TDBSWR Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:56 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid GKD9ASZVTZ76EEW3S1SV Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame BB25 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHVl_JSOQAT5r2o_TZRQNIg&google_cver=1	43 B 771 B	19ms 19ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHVl_JSOQAT5r2o_TZRQNIg&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPVUMrwI6gtT26RtEctVu2yEXaaYg7ISkl%2B%2BU9ax5dZcxLY1BiXOGFkEleRpfckUzn1vrqfn%2FlVj1R6QrOL%2BCLFYh4aXV8zKW1F1LE4RuepFgbkbVDWOc50%2BLzocqwAUqOYAIRTSLQwRFw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8147d9807c2c0f88-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHVl_JSOQAT5r2o_TZRQNIg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame BB25 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSazf7HEqEcgfi2lqFVemQAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDdOyak4aX66bFOyiR30XPM&google_cver=1	43 B 730 B	40ms 39ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDdOyak4aX66bFOyiR30XPM&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNelDO6OeEp4abszmMWckz98MKawctwQfXqtCQ0vQCcQklySWmV6hdWY3cCwhGAapCJQD5NJ0OSIqUGr7iQMdkc4R31lAJP%2BlV84hycVyZlfWO0v2KSmsngWMgBrxzlP5jb8QSKCt%2BV06w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8147d9808c2f0f88-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDdOyak4aX66bFOyiR30XPM&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum.casalemedia.com/ Frame BB25 Redirect Chain https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 https://casale-match.dotomi.com/match/bounce/current?DotomiTest=33abe79e7453138a&is_secure=true&networkId=19998&version=1 https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGKn8ZTOCZRgN7rRo2AAAAAAA&expiration=1697121536&is_secure=true	43 B 323 B	32ms 19ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGKn8ZTOCZRgN7rRo2AAAAAAA&expiration=1697121536&is_secure=true Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2G1Xjh1nfWOmP%2FED%2BjQymUul5P8t4dSTuf03D7w3vrbwM%2Fxf08VzSnX73Q3%2F8X%2FmDVB8TAgwEncdYAJl8aAOmGci%2BcC5fUGtpj%2BP6CVCq0CpOTx%2FZ0qcmNIrknfwCEQgiCluK7qe"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8147d982de24c420-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGKn8ZTOCZRgN7rRo2AAAAAAA&expiration=1697121536&is_secure=true cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame BB25	43 B 655 B	139ms 7ms	Image image/gif	63.251.28.133 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSazf7HEqEcgfi2lqFVemQAABZAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.251.28.133 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:56 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1697035136138041-292
GET H3	200	crum dsum-sec.casalemedia.com/ Frame BB25 Redirect Chain https://p.rfihub.com/cm?in=1&pub=2079 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188720337740503	43 B 728 B	18ms 17ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188720337740503 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EzLRx%2BKT0jBi8As2ABdfBcNWavF3Hk6yaVwEmW888eyTeCvfOKH5Tkm3UpcOL3hT6rBhswxeomrAr9H98J4HcLxF2rXKMoylHZ3QiBG92OYrM31qKohA2E0HpBWoNED9UgMgGDWNXnp1Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8147d9836ea90f88-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969188720337740503 Date Wed, 11 Oct 2023 14:38:56 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET		usersyncsupply cm-supply-web.gammaplatform.com/adx/ Frame BB25	0 0
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame BB25	43 B 252 B	16ms 12ms	Image image/gif	104.18.24.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?ZSazf7HEqEcgfi2lqFVemQAA%261424 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fahm11xtr.pics%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:56 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 14147 etag "761e21-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 8147d9802fc443e9-EWR content-length 43 expires Thu, 12 Oct 2023 14:38:56 GMT
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame FFF6	0 595 B	10ms 9ms	Script text/html	68.67.181.211 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT an-x-request-uuid 32b85a27-c52b-4d12-8330-c8f014bd6a1b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWF48-24-CBD8	0 515 B	49ms 35ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWF48-24-CBD8 Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:56 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 04099987AF8C47CB900EAAAB918E561D Ref B: EWR30EDGE0806 Ref C: 2023-10-11T14:38:56Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYHcciCSdz0Nc4IknEqPw== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNLUWF48-24-CBD8 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 0228ab361cece0438ff9eb16e4e5890e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/E-G93cM6qtqWApPzixY9_Mn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-k8UYIOZE2oJR3UCFUlYj9GAULxFSbRZWUC5ffg--~A	42 B 679 B	348ms 131ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-k8UYIOZE2oJR3UCFUlYj9GAULxFSbRZWUC5ffg--~A Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 19c1ac3b9706c83a73951eba4d239689 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 11 Oct 2023 14:38:57 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-k8UYIOZE2oJR3UCFUlYj9GAULxFSbRZWUC5ffg--~A content-length 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D5EB Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d3d8929a-69f5-47ad-ad55-5d359b3f6745&gdpr=0&gdpr_consent=&expires=30	42 B 679 B	519ms 126ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d3d8929a-69f5-47ad-ad55-5d359b3f6745&gdpr=0&gdpr_consent=&expires=30 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost b5ba23d75d0dcd35432b720d73e3149b P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d3d8929a-69f5-47ad-ad55-5d359b3f6745&gdpr=0&gdpr_consent=&expires=30 date Wed, 11 Oct 2023 14:38:56 GMT server Kestrel content-length 289
GET H3	200	pixel cm.g.doubleclick.net/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDM4N2Y0MGUyN2EzYmMyY2VmOWZlNGU4NzI3MDI0MzIwZjJhNjQzZQ	170 B 188 B	40ms 39ms	Image image/png	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDM4N2Y0MGUyN2EzYmMyY2VmOWZlNGU4NzI3MDI0MzIwZjJhNjQzZQ Protocol H3 Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDM4N2Y0MGUyN2EzYmMyY2VmOWZlNGU4NzI3MDI0MzIwZjJhNjQzZQ Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 19c1ac3b9706c83a73951eba4d239689 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5MVVdGNDgtMjQtQ0JEOA== https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEImCI2S1Uv9CY7kIhIm81P0&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdGNDgtMjQtQ0JEOA==&google_push=	170 B 188 B	44ms 44ms	Image image/png	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdGNDgtMjQtQ0JEOA==&google_push= Protocol H3 Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5MVVdGNDgtMjQtQ0JEOA==&google_push= Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost ffef7c53154b04a892ce1f9531c32cb1 Expires 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame D5EB Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eDF7OLnERlOmi6ZFXyKWAA&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eDF7OLnERlOmi6ZFXyKWAA	43 B 479 B	16ms 15ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eDF7OLnERlOmi6ZFXyKWAA Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:57 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid FJFX3H0AQ76QCW7KCM7J Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eDF7OLnERlOmi6ZFXyKWAA Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 83041abbe8494cb29eff3083edd6dff6 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	dcm aax-eu.amazon-adsystem.com/s/ Frame D5EB	43 B 855 B	431ms 158ms	Image image/gif	52.94.220.185 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:57 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid J86RK9XGEF273WMS75YG Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D5EB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIBEhjV7Q0GPFcevfNc0lYM&google_cver=1	42 B 679 B	518ms 131ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIBEhjV7Q0GPFcevfNc0lYM&google_cver=1 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 2fcb300b847bad3e7dd1184ec8a1c2f5 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:56 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIBEhjV7Q0GPFcevfNc0lYM&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D5EB Redirect Chain https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACoUk7KTWcAABmaiqJHCA&expires=30	42 B 679 B	527ms 135ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACoUk7KTWcAABmaiqJHCA&expires=30 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 84e0f527cd81a00b0210e20b4ee7ed94 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACoUk7KTWcAABmaiqJHCA&expires=30 Date Wed, 11 Oct 2023 14:38:56 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn Connection keep-alive Content-Length 0
GET H2	200	cksync hb.yahoo.net/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=26594 https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNLUWF48-24-CBD8&redir=true https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNLUWF48-24-CBD8&redir=true https://hb.yahoo.net/cksync?cs=63&axid_e=eS00aENPMEJGRTJ1RUxNR1pSeFV0U2tRYl9EdlFpYlpOc35B&ovsid=LNLUWF48-24-CBD8&dpid=58160	53 B 646 B	192ms 138ms	Image image/gif	23.40.179.29 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://hb.yahoo.net/cksync?cs=63&axid_e=eS00aENPMEJGRTJ1RUxNR1pSeFV0U2tRYl9EdlFpYlpOc35B&ovsid=LNLUWF48-24-CBD8&dpid=58160 Protocol H2 Server 23.40.179.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-40-179-29.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=86400 ; includeSubDomains, max-age=604800 date Wed, 11 Oct 2023 14:38:57 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 53 x-mnet-hl2 E expires Wed, 11 Oct 2023 14:38:57 GMT Redirect headers location https://hb.yahoo.net/cksync?cs=63&axid_e=eS00aENPMEJGRTJ1RUxNR1pSeFV0U2tRYl9EdlFpYlpOc35B&ovsid=LNLUWF48-24-CBD8&dpid=58160 date Wed, 11 Oct 2023 14:38:57 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	200	receive pixel.tapad.com/idsync/ex/ Frame D5EB Redirect Chain https://token.rubiconproject.com/token?pid=37556&a=1 https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWF48-24-CBD8	95 B 124 B	31ms 31ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWF48-24-CBD8 Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:57 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers Location https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNLUWF48-24-CBD8 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost e71ccbe96f42d70fa40603ada4c96b28 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	ProfilesEngineServlet sync1.intentiq.com/profiles_engine/ Frame D5EB Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=primis https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNLUWF48-24-CBD8 https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8 https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8&ckls=true&ci=lkJJ3XXIKr&nc=false&trid=-585769437	43 B 1 KB	94ms 41ms	Image image/gif	108.156.184.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8&ckls=true&ci=lkJJ3XXIKr&nc=false&trid=-585769437 Protocol H2 Server 108.156.184.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-184-13.cmh68.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:57 GMT via 1.1 782cd53d3d23369feee6e4656bafe94a.cloudfront.net (CloudFront) server Apache-Coyote/1.1 x-amz-cf-pop CMH68-P2 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" content-type image/gif cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id ALo4rE2xbueWsxS_RcRkApKYquuWbkg8BavcQwigZbWpBMsoGgpE5A== expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Wed, 11 Oct 2023 14:38:57 GMT via 1.1 f7643b009c68e27aaeae1de9ae84fb44.cloudfront.net (CloudFront) server Apache-Coyote/1.1 x-amz-cf-pop CMH68-P2 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" location https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNLUWF48-24-CBD8&ckls=true&ci=lkJJ3XXIKr&nc=false&trid=-585769437 content-type image/gif cache-control no-cache, no-store, must-revalidate patent https://www.almondnet.com/ip alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id gKdvc3mmlPoaxNQAJahksEtckbnnCmQDLmdVo17zQG_jlKkupDYHVw== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame D5EB Redirect Chain https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0a0fcb97-c6e9-4bc9-a110-d62ebf4bfb41&expires=30	42 B 679 B	394ms 127ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0a0fcb97-c6e9-4bc9-a110-d62ebf4bfb41&expires=30 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 29af2665c43893332e84c235bac366c1 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=0a0fcb97-c6e9-4bc9-a110-d62ebf4bfb41&expires=30 Date Wed, 11 Oct 2023 14:38:57 GMT Connection keep-alive X-CI-RTID 32529643-b82a-4d74-901c-fb5d6da389f2 Content-Length 144 Content-Type text/html; charset=utf-8
GET H2	204	magnite prebid.a-mo.net/setuid/ Frame D5EB Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx https://prebid.a-mo.net/setuid/magnite?uid=LNLUWF48-24-CBD8	0 452 B	30ms 8ms	Image text/plain	147.75.198.144 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/magnite?uid=LNLUWF48-24-CBD8 Protocol H2 Server 147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:38:57 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 3 server envoy vary Accept-Encoding Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://prebid.a-mo.net/setuid/magnite?uid=LNLUWF48-24-CBD8 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost e71ccbe96f42d70fa40603ada4c96b28 Expires 0
GET H/1.1	200 OK	merge ce.lijit.com/ Frame D5EB Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8 https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8&dnr=1	43 B 664 B	6ms 6ms	Image image/gif	23.92.190.68 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8&dnr=1 Protocol HTTP/1.1 Server 23.92.190.68 Katy, United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:57 GMT P3P CP="CUR ADM OUR NOR STA NID" Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap2ewr1 Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 11 Oct 2023 14:38:57 GMT P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=80&3pid=LNLUWF48-24-CBD8&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap2ewr1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/prebid/ Frame D5EB Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWF48-24-CBD8	43 B 1 KB	3ms 3ms	Image image/gif	68.67.181.211 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWF48-24-CBD8 Protocol H2 Server 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Wed, 11 Oct 2023 14:38:57 GMT an-x-request-uuid d08d6d93-3539-4e93-8031-a250ff5c6ddb server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNLUWF48-24-CBD8 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 0b388c490ecfef74be7d13328a4f3ac3 Expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm-supply-web.gammaplatform.com

URL

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel